Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: 6kkc3YBrUdSWjadJzEhTDYAD29/4fhfTcAYLyKqvp5I=
Subject key identifier: 72:61:FC:60:A4:CA:58:0D:19:73:F8:38:81:FE:4D:CD:0D:0B:7F:68
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 0194BD4E8DA849D7C17E844911FD01535BEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1429
Signing time: Fri 31 Jan 2025 17:00:29 +0000
Manifest this update: Fri 31 Jan 2025 17:00:29 +0000
Manifest next update: Sat 01 Feb 2025 17:00:29 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: 8wVPNQC+0p+JW/K35c72WRVSkq9y2HTclOZHiSTBALg=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:4e:8d:a8:49:d7:c1:7e:84:49:11:fd:01:53:5b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Jan 31 17:00:29 2025 GMT
Not After : Feb 1 17:00:29 2025 GMT
Subject: CN=7261fc60a4ca580d1973f83881fe4dcd0d0b7f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0d:ff:55:3e:e9:fa:27:af:94:e0:1e:1c:18:
5e:95:47:ec:1f:8d:0b:7d:b1:72:5d:32:ab:be:d4:
b8:08:30:52:46:d1:35:ad:48:02:9f:08:94:0e:17:
1b:0c:a0:5e:ea:ef:23:88:60:fc:52:01:4a:d7:48:
e0:b2:5f:11:04:ca:5c:d4:f7:38:fb:b6:e1:b4:0f:
06:b4:67:c6:b4:f4:5b:84:6d:0d:cd:9f:12:f0:08:
50:40:a1:14:99:34:76:d7:70:3f:cf:c4:4d:2c:fc:
43:91:1e:6f:41:d6:6f:af:84:d7:b3:74:c7:27:c6:
5d:03:a7:f9:aa:0b:41:9b:a5:a9:ce:25:ed:5b:b7:
e7:a5:e0:27:67:f9:0c:b1:fc:ab:da:e1:54:54:e2:
63:2b:be:9a:a2:88:ff:3e:ed:c6:82:fb:c6:eb:c6:
f6:b4:91:f7:a1:28:e7:6e:f9:ff:f2:63:09:6b:50:
1b:0e:88:79:95:43:d1:b3:0c:8c:35:4d:14:cf:77:
99:a4:5d:05:0a:19:84:38:05:eb:4c:37:91:30:19:
14:d6:d9:4d:8f:f2:e9:b9:a0:14:16:53:52:ee:20:
14:7f:bf:20:e3:a0:8b:80:13:18:d6:7f:bb:95:c2:
b3:53:82:aa:4b:23:f0:73:da:17:92:c2:b0:af:d6:
24:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:61:FC:60:A4:CA:58:0D:19:73:F8:38:81:FE:4D:CD:0D:0B:7F:68
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:4e:f2:1f:2a:6d:52:88:87:ae:8b:0f:8a:38:95:6d:69:c2:
7b:47:5a:59:60:b0:4c:cf:2c:98:33:d0:b3:e7:88:bb:83:0f:
f7:71:a0:7c:a1:39:dd:43:7c:77:30:c4:a2:f2:f5:a2:0a:c4:
58:29:82:4a:09:a7:c7:78:a5:a4:5a:1f:3e:d8:fc:0a:8e:09:
e0:35:aa:0a:fa:f9:ae:19:db:87:81:0e:32:ad:fa:20:f0:66:
9d:49:f5:75:19:43:5c:b9:da:de:a6:43:c4:59:ab:ac:c9:3e:
2a:9b:9d:a4:5e:99:93:00:1f:4f:7d:d1:41:bf:1f:34:1b:45:
d7:2a:7e:c3:5d:7c:a9:fe:f5:4e:f4:19:40:65:06:10:9e:8c:
1a:c9:08:b2:20:54:50:5b:da:0d:3b:f4:e2:70:67:56:84:2d:
06:5d:be:7c:ee:c3:89:3c:eb:50:93:3d:95:ba:88:dd:fc:ff:
47:d1:6a:76:f8:f1:c1:eb:a0:a1:5f:ad:80:f3:47:51:62:f4:
b9:7c:6d:cd:4d:c0:11:46:21:a3:45:6a:1c:24:76:84:6c:8a:
0e:bd:43:13:06:99:2e:4f:73:b0:c1:d9:5f:b5:7a:3c:b2:f7:
4d:b3:26:2f:4e:2c:51:59:4d:59:f4:68:f3:18:22:58:10:00:
da:1a:2e:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9To2oSdfBfoRJEf0BU1vvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwMTMxMTcwMDI5WhcNMjUwMjAxMTcwMDI5WjAzMTEwLwYDVQQD
Eyg3MjYxZmM2MGE0Y2E1ODBkMTk3M2Y4Mzg4MWZlNGRjZDBkMGI3ZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A3/VT7p+ievlOAeHBhelUfsH40L
fbFyXTKrvtS4CDBSRtE1rUgCnwiUDhcbDKBe6u8jiGD8UgFK10jgsl8RBMpc1Pc4
+7bhtA8GtGfGtPRbhG0NzZ8S8AhQQKEUmTR213A/z8RNLPxDkR5vQdZvr4TXs3TH
J8ZdA6f5qgtBm6WpziXtW7fnpeAnZ/kMsfyr2uFUVOJjK76aooj/Pu3GgvvG68b2
tJH3oSjnbvn/8mMJa1AbDoh5lUPRswyMNU0Uz3eZpF0FChmEOAXrTDeRMBkU1tlN
j/LpuaAUFlNS7iAUf78g46CLgBMY1n+7lcKzU4KqSyPwc9oXksKwr9YktQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJh/GCkylgNGXP4OIH+Tc0NC39oMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVk7yHypt
UoiHrosPijiVbWnCe0daWWCwTM8smDPQs+eIu4MP93GgfKE53UN8dzDEovL1ogrE
WCmCSgmnx3ilpFofPtj8Co4J4DWqCvr5rhnbh4EOMq36IPBmnUn1dRlDXLna3qZD
xFmrrMk+KpudpF6ZkwAfT33RQb8fNBtF1yp+w118qf71TvQZQGUGEJ6MGskIsiBU
UFvaDTv04nBnVoQtBl2+fO7DiTzrUJM9lbqI3fz/R9FqdvjxweugoV+tgPNHUWL0
uXxtzU3AEUYho0VqHCR2hGyKDr1DEwaZLk9zsMHZX7V6PLL3TbMmL04sUVlNWfRo
8xgiWBAA2houBg==
-----END CERTIFICATE-----
Generated at Thu Apr 24 21:42:07 2025 by rpki-client