Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
File: UPX-mbwiMohxFv2sgtQIKtvGrLc.mft (raw, json)
Hash identifier: PNenWpgaOQ1n3mFHgOkr5VHGGyV01kTi/J8keW++/vI=
Subject key identifier: 77:93:7D:37:E3:A3:28:67:12:E2:6D:28:94:CF:7E:18:84:7A:3D:CF
Authority key identifier: 50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
Certificate issuer: /CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Certificate serial: 0194BD4E605818C6D46BDAFA4ED4C6A2B822
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
Manifest number: 02AD
Signing time: Fri 31 Jan 2025 17:00:17 +0000
Manifest this update: Fri 31 Jan 2025 17:00:17 +0000
Manifest next update: Sat 01 Feb 2025 17:00:17 +0000
Files and hashes: 1: 4IU66ltB5spMCU1NkhmnAMSEiws.roa (hash: jkXsgCZ9AOwz4i9eeBiFtGjyKyqIabmttJku6EP5dW8=)
2: UPX-mbwiMohxFv2sgtQIKtvGrLc.crl (hash: VzMuSGhUG008u3yh19updA8LMRocC5bz3ACg1QGPEB8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:4e:60:58:18:c6:d4:6b:da:fa:4e:d4:c6:a2:b8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f5fe99bc2232887116fdac82d4082adbc6acb7
Validity
Not Before: Jan 31 17:00:17 2025 GMT
Not After : Feb 1 17:00:17 2025 GMT
Subject: CN=77937d37e3a3286712e26d2894cf7e18847a3dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6e:34:cb:01:c3:f9:ca:50:96:bc:66:f0:37:
2e:00:69:5e:44:c6:ec:d6:74:6c:61:79:07:25:dd:
b7:92:56:f5:80:ea:54:bf:18:c2:d1:4d:f6:22:90:
ad:87:b4:04:8d:5a:41:04:34:40:32:99:d8:e1:d8:
01:74:91:7e:fe:24:c8:31:6b:77:e2:49:86:52:40:
f5:14:59:cc:33:e7:f6:1e:04:f9:06:cd:bb:5d:dc:
0b:31:0d:e4:9d:c1:0b:e1:3a:da:fd:fb:ae:15:bc:
1c:a3:0a:8f:6a:18:96:98:77:51:5e:1d:39:cb:02:
61:d8:84:c4:f8:0e:a7:83:7b:7d:46:f7:2f:c4:54:
cf:0a:80:6e:73:2f:44:43:23:3d:b0:62:c5:ee:7c:
b6:34:ce:5f:2b:94:13:40:8c:b7:30:ca:b4:e7:32:
9f:57:49:f5:81:e8:f3:1e:1b:80:b9:2d:6c:55:fc:
a5:97:1f:9f:02:c5:ef:42:be:62:d7:ba:ae:a9:da:
9b:1d:f3:1b:29:86:08:7d:b7:db:13:1f:c8:94:e1:
6a:3e:19:92:ac:b2:62:07:1e:05:0a:f1:c5:37:cf:
cf:f3:19:d9:cd:ee:e8:ac:25:f7:25:49:f9:4d:ea:
cb:91:7f:ea:15:bf:59:8b:49:4d:38:6a:82:f2:54:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:93:7D:37:E3:A3:28:67:12:E2:6D:28:94:CF:7E:18:84:7A:3D:CF
X509v3 Authority Key Identifier:
keyid:50:F5:FE:99:BC:22:32:88:71:16:FD:AC:82:D4:08:2A:DB:C6:AC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPX-mbwiMohxFv2sgtQIKtvGrLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/77fa2a-13fc-4da6-aebb-7456f430c3f1/1/UPX-mbwiMohxFv2sgtQIKtvGrLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:3e:3d:40:a5:ec:7f:08:b6:bf:3a:58:25:ac:d5:81:30:6e:
33:d7:8f:62:5e:be:56:00:85:d3:cb:0e:10:a3:50:07:22:89:
95:d3:d5:61:94:0f:15:82:f4:18:3d:5a:86:b3:de:c2:ee:ca:
9d:dc:d3:bc:61:2f:66:d9:08:95:a1:bc:47:3f:f2:ba:85:1e:
e0:b7:c0:0c:b0:7b:6c:24:fa:44:b2:a9:94:d0:8a:b5:f5:85:
af:fe:de:71:c9:d1:04:58:68:d5:82:dd:24:b3:d0:97:0d:43:
a3:5e:69:6c:b8:98:8d:9e:92:f0:2b:f9:0e:9b:c0:71:fb:a5:
78:5a:16:3e:ca:b8:42:d3:a1:45:c0:50:25:a6:a8:eb:82:ab:
5d:5e:f6:ac:55:e7:97:68:ac:d9:6d:4c:b8:77:9b:fc:9d:6d:
72:27:83:b2:5c:56:fa:79:de:95:8c:be:1f:1e:91:36:7d:c7:
4b:46:01:48:c3:65:02:76:b6:de:45:45:b0:ba:1e:db:9a:17:
a9:58:04:5d:2c:74:03:0d:d1:4c:53:74:c0:de:4d:18:2a:90:
6a:85:30:1f:31:10:06:f3:fa:ef:14:cb:b9:93:8b:25:59:0b:
f4:45:97:20:b5:ba:2a:c3:11:dc:3c:f6:20:70:e1:a4:23:1f:
f0:37:41:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9TmBYGMbUa9r6TtTGorgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjVmZTk5YmMyMjMyODg3MTE2ZmRhYzgyZDQwODJhZGJj
NmFjYjcwHhcNMjUwMTMxMTcwMDE3WhcNMjUwMjAxMTcwMDE3WjAzMTEwLwYDVQQD
Eyg3NzkzN2QzN2UzYTMyODY3MTJlMjZkMjg5NGNmN2UxODg0N2EzZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG40ywHD+cpQlrxm8DcuAGleRMbs
1nRsYXkHJd23klb1gOpUvxjC0U32IpCth7QEjVpBBDRAMpnY4dgBdJF+/iTIMWt3
4kmGUkD1FFnMM+f2HgT5Bs27XdwLMQ3kncEL4Tra/fuuFbwcowqPahiWmHdRXh05
ywJh2ITE+A6ng3t9RvcvxFTPCoBucy9EQyM9sGLF7ny2NM5fK5QTQIy3MMq05zKf
V0n1gejzHhuAuS1sVfyllx+fAsXvQr5i17quqdqbHfMbKYYIfbfbEx/IlOFqPhmS
rLJiBx4FCvHFN8/P8xnZze7orCX3JUn5TerLkX/qFb9Zi0lNOGqC8lQHRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHeTfTfjoyhnEuJtKJTPfhiEej3PMB8GA1UdIwQY
MBaAFFD1/pm8IjKIcRb9rILUCCrbxqy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmIt
NzQ1NmY0MzBjM2YxLzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83N2ZhMmEtMTNmYy00ZGE2LWFlYmItNzQ1NmY0MzBjM2Yx
LzEvVVBYLW1id2lNb2h4RnYyc2d0UUlLdHZHckxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXj49QKXs
fwi2vzpYJazVgTBuM9ePYl6+VgCF08sOEKNQByKJldPVYZQPFYL0GD1ahrPewu7K
ndzTvGEvZtkIlaG8Rz/yuoUe4LfADLB7bCT6RLKplNCKtfWFr/7eccnRBFho1YLd
JLPQlw1Do15pbLiYjZ6S8Cv5DpvAcfuleFoWPsq4QtOhRcBQJaao64KrXV72rFXn
l2is2W1MuHeb/J1tcieDslxW+nnelYy+Hx6RNn3HS0YBSMNlAna23kVFsLoe25oX
qVgEXSx0Aw3RTFN0wN5NGCqQaoUwHzEQBvP67xTLuZOLJVkL9EWXILW6KsMR3Dz2
IHDhpCMf8DdB+A==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:47:55 2025 by rpki-client