Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
File: KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft (raw, json)
Hash identifier: E3yvqkcSrvGyI3he73wSCuB1COtpI4OvM+Hne7j+tlg=
Subject key identifier: 2B:87:06:51:65:BA:80:5A:CE:5C:B3:9E:66:B0:EB:2D:FF:B3:73:39
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial: 0194BD8575FD9E7B1A60A94D2FDEDDF6B801
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
Manifest number: 0911
Signing time: Fri 31 Jan 2025 18:00:27 +0000
Manifest this update: Fri 31 Jan 2025 18:00:27 +0000
Manifest next update: Sat 01 Feb 2025 18:00:27 +0000
Files and hashes: 1: 0i9Bsr9ABLnx3mgPWtu21_vME3g.roa (hash: TMrcqTSOi1Ov7CcLLSWohgeiaaCi8xEADwSrQIF/DCo=)
2: KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl (hash: SyM5eK6+H/4BNbh/GR5zaqnNwVaqziwu48yKOqn+/08=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:85:75:fd:9e:7b:1a:60:a9:4d:2f:de:dd:f6:b8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Validity
Not Before: Jan 31 18:00:27 2025 GMT
Not After : Feb 1 18:00:27 2025 GMT
Subject: CN=2b87065165ba805ace5cb39e66b0eb2dffb37339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:ae:db:8b:c9:2c:b7:06:04:76:69:64:43:
97:89:1e:d5:f5:d7:a0:13:b0:75:fb:63:88:94:3f:
e5:99:0e:c1:d8:7d:3c:f9:45:ee:83:0e:c6:e9:27:
80:ca:b8:a7:2a:07:06:67:7f:10:d2:6e:24:ab:d2:
f2:a8:cd:9f:c7:4d:d0:47:69:31:de:a3:bc:30:9e:
c3:a2:ca:cf:04:da:50:73:27:67:2f:fa:17:1f:da:
49:80:25:44:2d:f6:a9:c2:b7:42:26:48:65:8a:19:
22:48:70:1c:98:45:15:ef:a4:aa:c2:b8:7b:34:9d:
c6:97:67:b8:3b:49:99:0d:23:af:e0:e9:2c:3f:e4:
3f:c0:c0:56:ed:f9:7a:5f:3a:29:5c:9c:10:7e:aa:
ee:05:cf:ab:87:48:72:01:26:5a:bf:f4:dd:fc:33:
49:3d:f7:d8:6f:03:fa:d2:da:8a:9e:60:21:99:c8:
5b:c0:0c:64:3b:06:ac:49:d4:01:6b:8e:84:2c:c1:
81:70:05:e6:4f:b3:03:63:4a:8a:c9:5d:b8:f8:c5:
e5:1a:ff:e1:86:1d:09:12:bc:75:07:47:f9:d9:92:
b0:87:5b:80:64:a5:e9:d6:c8:86:8c:64:75:49:d0:
cd:26:13:e6:20:ea:9f:ad:d4:62:80:82:04:63:78:
62:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:87:06:51:65:BA:80:5A:CE:5C:B3:9E:66:B0:EB:2D:FF:B3:73:39
X509v3 Authority Key Identifier:
keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:04:a7:a6:fd:bb:37:b6:8a:6f:fc:f9:d8:36:0f:fc:77:d6:
8f:5a:f0:14:9b:9b:fe:eb:79:8c:93:bc:73:05:35:f6:01:f8:
86:12:ac:ae:45:9c:25:7d:db:8d:32:62:c9:eb:03:6a:9d:56:
79:65:96:dd:38:17:b9:03:22:af:39:08:04:8e:51:0a:e4:09:
a4:e6:77:05:8e:e8:d7:0b:8d:ef:f6:84:aa:23:e8:f8:c1:ed:
11:e1:56:be:eb:ad:48:32:30:c8:7d:57:9b:e7:35:8c:a1:2e:
45:31:66:44:5d:b7:66:a3:d8:72:5d:ef:66:2f:77:28:c9:02:
d9:6f:8e:3e:84:67:6a:6f:7d:3b:a6:f9:cf:16:fc:5b:16:ea:
50:9b:c0:00:63:1f:66:7b:36:ab:14:46:31:df:01:cb:cf:5a:
ad:f4:99:3d:21:a7:c1:8d:6d:05:e1:34:9c:00:99:91:df:fd:
ac:8f:09:59:8f:67:56:e7:d8:bd:ed:32:ea:01:43:0c:7f:c9:
28:6b:96:ff:1b:89:25:1d:98:36:29:f8:3b:4d:39:0b:52:84:
4a:4d:ff:3e:5a:ce:1c:40:e2:20:1e:67:fb:ab:2c:a8:ce:5d:
3d:c7:12:cb:57:32:1e:dc:c9:df:cb:6f:c4:e3:5d:4d:10:90:
32:24:68:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9hXX9nnsaYKlNL97d9rgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjUwMTMxMTgwMDI3WhcNMjUwMjAxMTgwMDI3WjAzMTEwLwYDVQQD
EygyYjg3MDY1MTY1YmE4MDVhY2U1Y2IzOWU2NmIwZWIyZGZmYjM3MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpWu24vJLLcGBHZpZEOXiR7V9deg
E7B1+2OIlD/lmQ7B2H08+UXugw7G6SeAyrinKgcGZ38Q0m4kq9LyqM2fx03QR2kx
3qO8MJ7DosrPBNpQcydnL/oXH9pJgCVELfapwrdCJkhlihkiSHAcmEUV76Sqwrh7
NJ3Gl2e4O0mZDSOv4OksP+Q/wMBW7fl6XzopXJwQfqruBc+rh0hyASZav/Td/DNJ
PffYbwP60tqKnmAhmchbwAxkOwasSdQBa46ELMGBcAXmT7MDY0qKyV24+MXlGv/h
hh0JErx1B0f52ZKwh1uAZKXp1siGjGR1SdDNJhPmIOqfrdRigIIEY3hieQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuHBlFluoBazlyznmaw6y3/s3M5MB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxQSnpv27
N7aKb/z52DYP/HfWj1rwFJub/ut5jJO8cwU19gH4hhKsrkWcJX3bjTJiyesDap1W
eWWW3TgXuQMirzkIBI5RCuQJpOZ3BY7o1wuN7/aEqiPo+MHtEeFWvuutSDIwyH1X
m+c1jKEuRTFmRF23ZqPYcl3vZi93KMkC2W+OPoRnam99O6b5zxb8WxbqUJvAAGMf
Zns2qxRGMd8By89arfSZPSGnwY1tBeE0nACZkd/9rI8JWY9nVufYve0y6gFDDH/J
KGuW/xuJJR2YNin4O005C1KESk3/PlrOHEDiIB5n+6ssqM5dPccSy1cyHtzJ38tv
xONdTRCQMiRoQg==
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:04:45 2025 by rpki-client