Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: 2QSfo0XT+qizJXslmx5IS7tMY6WGOYO7iQPMIioCFbY=
Subject key identifier: 60:1C:AE:14:BC:90:B9:40:07:7E:83:0C:0C:BE:F9:AF:A2:59:25:14
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 0194BCE0D753DA3323C2475EB250A674C19E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 0E25
Signing time: Fri 31 Jan 2025 15:00:39 +0000
Manifest this update: Fri 31 Jan 2025 15:00:39 +0000
Manifest next update: Sat 01 Feb 2025 15:00:39 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: mbjKEdhodUjfs/QlNvclxxoMknWEeTfHRzR2+Pk8zaw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:e0:d7:53:da:33:23:c2:47:5e:b2:50:a6:74:c1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Jan 31 15:00:39 2025 GMT
Not After : Feb 1 15:00:39 2025 GMT
Subject: CN=601cae14bc90b940077e830c0cbef9afa2592514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ae:a8:15:a0:51:77:bd:46:84:85:d1:94:45:
e6:55:bd:6c:19:a2:07:24:d1:2d:2e:0c:b4:1e:03:
dc:3e:dd:ff:ba:54:1e:dd:af:fc:a3:fd:8b:30:33:
7c:3e:10:8d:72:dc:c5:a6:42:c2:7e:32:cd:4a:bc:
fb:46:0c:d9:e4:e4:86:59:b7:55:26:fd:bd:68:ba:
6b:34:5c:a3:cc:c3:35:d6:de:56:28:15:d3:c0:ea:
33:4e:b4:4c:20:ce:1a:e0:a1:52:3c:f2:da:15:4d:
68:ab:f0:b3:c7:c8:95:d7:25:fe:77:9e:74:af:60:
0b:81:f5:e7:9a:f6:08:be:bf:c7:0e:05:17:0d:66:
05:b7:50:12:ea:73:5f:29:60:91:96:53:d7:4a:14:
64:80:77:17:b3:35:36:ee:6a:aa:05:ff:c0:1d:12:
4f:b5:13:1d:96:bc:4d:cd:68:79:9a:b7:83:47:01:
f2:ca:32:70:05:17:64:3c:c7:43:cf:d2:f0:cc:3e:
da:9d:96:bd:5d:95:aa:01:d9:af:38:f9:76:24:75:
d4:18:ed:8a:bb:1f:6a:f8:94:c3:7c:cc:ff:9d:92:
33:24:bf:df:ea:a9:11:9a:52:97:4b:e7:ac:73:06:
ee:40:8d:c6:a9:bd:3c:c1:25:f1:bc:eb:18:97:18:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1C:AE:14:BC:90:B9:40:07:7E:83:0C:0C:BE:F9:AF:A2:59:25:14
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:b6:db:3a:33:7c:3d:6c:b1:4d:a4:f9:5a:87:25:db:3f:de:
b3:82:09:db:24:4d:2e:67:3a:3f:23:66:f2:b4:ab:23:3f:93:
cf:2d:7c:b0:cb:2f:e5:84:7a:d0:01:0b:62:83:03:0a:0c:b9:
0a:07:a5:83:10:80:8f:39:eb:47:d7:e0:b0:7e:13:20:4f:1f:
df:65:63:f4:de:05:4a:5d:ff:6d:f6:0b:1c:c3:88:83:1d:d9:
b6:25:41:eb:3b:87:d4:88:58:86:66:92:01:e8:e1:64:74:06:
0b:77:24:c3:29:32:77:02:4a:c8:fe:59:a0:f5:0d:36:b6:30:
12:ad:5d:3d:41:c9:2c:66:f0:ec:d0:53:f8:f5:e8:8b:12:ce:
6a:c2:76:13:94:32:cb:8c:33:e0:b9:a8:0b:1d:40:28:40:8d:
36:70:30:9c:a2:8a:99:39:7b:c7:28:80:41:64:69:51:09:87:
7f:24:05:a4:03:06:ee:eb:75:cd:96:26:5a:bc:8f:85:41:17:
92:1a:94:04:0a:42:98:c9:ec:48:fe:22:d2:fc:09:d6:01:fd:
e1:83:d1:df:5d:20:d3:2f:fa:8c:cf:9c:52:97:d1:59:ee:88:
aa:2e:dc:b7:6a:21:4d:3a:a3:5b:c3:6d:92:e9:29:67:db:d0:
e6:6e:24:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS84NdT2jMjwkdeslCmdMGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUwMTMxMTUwMDM5WhcNMjUwMjAxMTUwMDM5WjAzMTEwLwYDVQQD
Eyg2MDFjYWUxNGJjOTBiOTQwMDc3ZTgzMGMwY2JlZjlhZmEyNTkyNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4q6oFaBRd71GhIXRlEXmVb1sGaIH
JNEtLgy0HgPcPt3/ulQe3a/8o/2LMDN8PhCNctzFpkLCfjLNSrz7RgzZ5OSGWbdV
Jv29aLprNFyjzMM11t5WKBXTwOozTrRMIM4a4KFSPPLaFU1oq/Czx8iV1yX+d550
r2ALgfXnmvYIvr/HDgUXDWYFt1AS6nNfKWCRllPXShRkgHcXszU27mqqBf/AHRJP
tRMdlrxNzWh5mreDRwHyyjJwBRdkPMdDz9LwzD7anZa9XZWqAdmvOPl2JHXUGO2K
ux9q+JTDfMz/nZIzJL/f6qkRmlKXS+escwbuQI3Gqb08wSXxvOsYlxgrbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAcrhS8kLlAB36DDAy++a+iWSUUMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu7bbOjN8
PWyxTaT5Wocl2z/es4IJ2yRNLmc6PyNm8rSrIz+Tzy18sMsv5YR60AELYoMDCgy5
CgelgxCAjznrR9fgsH4TIE8f32Vj9N4FSl3/bfYLHMOIgx3ZtiVB6zuH1IhYhmaS
AejhZHQGC3ckwykydwJKyP5ZoPUNNrYwEq1dPUHJLGbw7NBT+PXoixLOasJ2E5Qy
y4wz4LmoCx1AKECNNnAwnKKKmTl7xyiAQWRpUQmHfyQFpAMG7ut1zZYmWryPhUEX
khqUBApCmMnsSP4i0vwJ1gH94YPR310g0y/6jM+cUpfRWe6Iqi7ct2ohTTqjW8Nt
kukpZ9vQ5m4kYg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:48:43 2025 by rpki-client