Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
File: IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft (raw, json)
Hash identifier: krQWkz35rmpO6QDPUO/3JQ0HeHV5adMII96MufHCFdY=
Subject key identifier: 2E:27:66:01:BF:74:12:3E:B7:CC:06:95:A3:C9:1C:4C:E1:60:3D:A4
Authority key identifier: 21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
Certificate issuer: /CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Certificate serial: 0194BD17D2BC1FED185569D7C7E201A9CE00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
Manifest number: 0725
Signing time: Fri 31 Jan 2025 16:00:42 +0000
Manifest this update: Fri 31 Jan 2025 16:00:42 +0000
Manifest next update: Sat 01 Feb 2025 16:00:42 +0000
Files and hashes: 1: IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl (hash: 4WmsT9CEQvtpVOXmNucA+ZcjpgcKcea2m5cm+7xgRfk=)
2: NfqHOhcJXcqSfQpuNgytLU6Q0gw.roa (hash: fdvl8Vjh1i6SnoxQG77IPFWNq1tbBXhWcHGwbwfOV50=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:17:d2:bc:1f:ed:18:55:69:d7:c7:e2:01:a9:ce:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Validity
Not Before: Jan 31 16:00:42 2025 GMT
Not After : Feb 1 16:00:42 2025 GMT
Subject: CN=2e276601bf74123eb7cc0695a3c91c4ce1603da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:96:eb:17:be:f7:a4:50:d3:16:07:51:76:42:
43:91:28:fb:dd:a6:30:b7:a9:1b:18:dc:97:8e:e1:
2c:96:b7:55:a2:a2:27:5a:7c:e4:ec:29:22:aa:7a:
d6:58:a3:33:a7:47:ff:a9:d9:0d:eb:c9:5a:39:25:
c2:8a:48:f1:8e:f5:69:72:aa:21:72:14:7e:da:01:
a4:6a:ed:e4:73:94:c6:62:f5:ae:52:10:bb:df:d4:
cb:4c:cc:98:08:41:a2:74:3a:45:c4:25:c6:eb:58:
ab:ec:c2:92:e0:73:6d:c3:34:cd:34:c4:98:88:29:
34:77:c8:0f:98:9e:7b:cb:67:55:fd:2e:08:12:42:
e6:b2:6c:b7:3f:11:00:4f:27:12:33:dc:19:76:72:
34:5e:96:29:53:18:a8:0b:84:30:b4:5e:77:3c:8f:
79:cc:45:cb:a1:11:d2:58:57:27:65:e6:90:ff:37:
24:c3:00:ce:79:da:c1:ba:3c:8a:1e:ed:f4:7a:53:
83:91:e0:28:3c:9c:e4:10:93:19:5d:da:da:52:7c:
00:a3:e7:03:bc:5c:fa:71:14:e3:98:76:1e:1d:e8:
5f:56:20:f2:c1:69:9c:e2:60:a4:77:05:03:d5:f5:
4d:4f:c2:28:25:f9:99:26:c2:c5:27:99:c5:6d:e7:
fb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:27:66:01:BF:74:12:3E:B7:CC:06:95:A3:C9:1C:4C:E1:60:3D:A4
X509v3 Authority Key Identifier:
keyid:21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:43:e7:63:78:6d:6c:ab:03:b3:14:f5:ac:b4:b7:01:9b:7d:
75:f0:e7:44:32:8f:a2:5d:af:0c:56:ba:5e:cb:e3:44:57:c0:
ac:51:98:c9:4c:3d:55:ec:1f:21:2d:67:10:e3:a6:d3:a0:19:
0d:2d:22:63:fb:a1:77:13:fe:dc:49:9c:40:01:fe:56:56:71:
66:94:db:92:5c:60:a7:09:e3:ec:21:8e:af:11:f7:68:c2:f8:
80:b1:a1:42:48:42:e6:be:25:97:00:db:74:7a:e3:38:8a:9c:
5a:66:0c:3b:8c:ea:91:1b:1f:26:13:67:fe:d8:e1:df:cf:f0:
f9:b5:11:e8:32:d4:71:bc:56:18:22:9f:2b:41:76:1a:19:73:
99:1d:ea:c7:fc:41:cd:64:59:27:a1:bf:f3:5d:f2:72:f0:06:
24:63:00:af:b1:e3:63:22:a4:6a:c2:65:6d:e0:27:f8:30:90:
52:0b:cf:62:74:c2:85:a2:e6:7e:05:26:20:ad:07:32:b0:c1:
e7:a1:56:73:a6:a4:33:d9:67:80:7f:86:f5:00:4d:fe:91:c8:
ae:e7:b3:af:38:49:39:0f:f9:cf:07:d6:c3:28:6e:ab:b2:99:
04:35:60:c4:76:3d:50:bb:8d:7a:05:50:2e:a1:cb:f7:75:ae:
5d:42:73:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9F9K8H+0YVWnXx+IBqc4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTMwZTlkMDllMmZmOGMzODQxMzYxNTU4OWE1ZjIwNmU3
ZjNlYTkwHhcNMjUwMTMxMTYwMDQyWhcNMjUwMjAxMTYwMDQyWjAzMTEwLwYDVQQD
EygyZTI3NjYwMWJmNzQxMjNlYjdjYzA2OTVhM2M5MWM0Y2UxNjAzZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpbrF773pFDTFgdRdkJDkSj73aYw
t6kbGNyXjuEslrdVoqInWnzk7CkiqnrWWKMzp0f/qdkN68laOSXCikjxjvVpcqoh
chR+2gGkau3kc5TGYvWuUhC739TLTMyYCEGidDpFxCXG61ir7MKS4HNtwzTNNMSY
iCk0d8gPmJ57y2dV/S4IEkLmsmy3PxEATycSM9wZdnI0XpYpUxioC4QwtF53PI95
zEXLoRHSWFcnZeaQ/zckwwDOedrBujyKHu30elODkeAoPJzkEJMZXdraUnwAo+cD
vFz6cRTjmHYeHehfViDywWmc4mCkdwUD1fVNT8IoJfmZJsLFJ5nFbef7hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4nZgG/dBI+t8wGlaPJHEzhYD2kMB8GA1UdIwQY
MBaAFCFTDp0J4v+MOEE2FViaXyBufz6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDIt
NjI0ZjRjMTQxZjJjLzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDItNjI0ZjRjMTQxZjJj
LzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUPnY3ht
bKsDsxT1rLS3AZt9dfDnRDKPol2vDFa6XsvjRFfArFGYyUw9VewfIS1nEOOm06AZ
DS0iY/uhdxP+3EmcQAH+VlZxZpTbklxgpwnj7CGOrxH3aML4gLGhQkhC5r4llwDb
dHrjOIqcWmYMO4zqkRsfJhNn/tjh38/w+bUR6DLUcbxWGCKfK0F2GhlzmR3qx/xB
zWRZJ6G/813ycvAGJGMAr7HjYyKkasJlbeAn+DCQUgvPYnTChaLmfgUmIK0HMrDB
56FWc6akM9lngH+G9QBN/pHIruezrzhJOQ/5zwfWwyhuq7KZBDVgxHY9ULuNegVQ
LqHL93WuXUJzdg==
-----END CERTIFICATE-----
Generated at Thu Apr 24 21:49:07 2025 by rpki-client