Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/618d33-dd92-4d91-b821-e850677cffb3/1/aIPzR-OJH1c9-AFa1swzHM6wR2g.mft
File: aIPzR-OJH1c9-AFa1swzHM6wR2g.mft (raw, json)
Hash identifier: TR3M2ZdUTj1BfmlhU8dLckPh5eEm9eGjIXvQeEeZbQE=
Subject key identifier: E5:A7:0B:C8:5C:E4:26:39:5A:03:C0:A8:AA:02:A8:58:49:F3:4D:93
Authority key identifier: 68:83:F3:47:E3:89:1F:57:3D:F8:01:5A:D6:CC:33:1C:CE:B0:47:68
Certificate issuer: /CN=6883f347e3891f573df8015ad6cc331cceb04768
Certificate serial: 0194BC04D3A5CA198BCE314AEC3987E30E22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIPzR-OJH1c9-AFa1swzHM6wR2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/618d33-dd92-4d91-b821-e850677cffb3/1/aIPzR-OJH1c9-AFa1swzHM6wR2g.mft
Manifest number: 03D3
Signing time: Fri 31 Jan 2025 11:00:20 +0000
Manifest this update: Fri 31 Jan 2025 11:00:20 +0000
Manifest next update: Sat 01 Feb 2025 11:00:20 +0000
Files and hashes: 1: aIPzR-OJH1c9-AFa1swzHM6wR2g.crl (hash: sx5ipc5FbNAqANi+veXgqOJd8JrF3jyrrnrxapj7+7o=)
2: yzwcVTa4_EkxmkA3zs7RU2L0KuA.roa (hash: DiSWwAw7nqN/ZHYKb36GWp0hrc3vDQ6bPbUIBdkwyko=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:04:d3:a5:ca:19:8b:ce:31:4a:ec:39:87:e3:0e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6883f347e3891f573df8015ad6cc331cceb04768
Validity
Not Before: Jan 31 11:00:20 2025 GMT
Not After : Feb 1 11:00:20 2025 GMT
Subject: CN=e5a70bc85ce426395a03c0a8aa02a85849f34d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:54:01:b9:67:82:61:33:e7:a8:c8:f6:1d:
77:13:cf:9f:6e:bc:38:ed:24:ef:97:b4:0d:66:23:
7a:ec:62:17:a1:1b:9e:d2:e8:0c:b3:f7:a3:d7:c7:
b6:0f:c2:97:f8:7e:10:55:30:14:5f:94:e0:9d:5d:
a6:83:4f:4a:c0:0a:10:a4:48:9c:9a:b0:f6:95:16:
d7:b3:e3:fb:63:d4:9b:3e:20:5b:08:be:15:13:77:
64:04:8f:3d:6f:9b:42:68:d9:7b:90:53:2f:4c:0b:
49:4e:bc:94:79:29:86:2d:29:56:08:4d:d0:38:a1:
5b:29:2d:af:97:48:6b:4c:b6:c9:f2:12:9d:b0:cf:
39:69:cd:3c:57:6b:99:f5:44:dc:ef:ab:3c:05:02:
4e:59:63:43:2c:3c:ad:88:f0:dd:b8:00:b7:37:02:
63:ec:1a:a8:73:b0:2d:56:60:36:f3:a7:b0:e1:87:
67:6f:99:b5:5f:d4:04:5e:0d:d0:90:39:4c:3f:4d:
e1:38:9b:9a:ac:44:93:47:60:20:4b:f6:fb:d8:9f:
76:c4:0e:3f:18:0b:27:f4:66:95:6b:db:3c:5b:69:
89:ce:6c:3a:6b:34:59:a7:d3:c3:2c:7b:b5:94:74:
a7:89:16:21:14:47:03:63:9a:28:e1:5b:58:29:b5:
dd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A7:0B:C8:5C:E4:26:39:5A:03:C0:A8:AA:02:A8:58:49:F3:4D:93
X509v3 Authority Key Identifier:
keyid:68:83:F3:47:E3:89:1F:57:3D:F8:01:5A:D6:CC:33:1C:CE:B0:47:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIPzR-OJH1c9-AFa1swzHM6wR2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/618d33-dd92-4d91-b821-e850677cffb3/1/aIPzR-OJH1c9-AFa1swzHM6wR2g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/618d33-dd92-4d91-b821-e850677cffb3/1/aIPzR-OJH1c9-AFa1swzHM6wR2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:72:6c:25:25:47:60:27:fb:26:bf:ea:5e:66:8a:80:cb:eb:
ee:45:8a:20:b7:cd:7f:fe:14:19:8b:5b:9a:47:b6:a7:c6:a3:
4a:b9:db:0b:42:30:18:38:64:c3:df:82:00:6b:c1:50:16:de:
0c:89:a6:2f:3e:5a:00:aa:5c:6c:3e:1a:e5:d1:3f:dc:b7:b3:
79:33:18:b2:ab:bf:17:42:50:dd:83:8c:74:02:0f:64:78:c6:
c0:c3:1b:c2:9c:33:29:e9:1b:92:54:3b:5f:4e:94:92:77:01:
70:50:35:e7:db:1e:32:ba:69:a9:f3:02:f6:e6:54:ae:72:51:
c6:19:0e:51:a3:c2:a0:bc:25:53:b2:ee:ba:d5:2e:34:1a:6f:
42:5d:46:45:98:d7:7a:f1:e6:26:0f:77:23:01:b5:30:39:f2:
ac:6d:9b:7e:e2:20:b4:cd:a9:f3:2f:2d:57:46:f7:af:4a:80:
5f:05:aa:fc:27:76:d7:22:d7:a2:e4:52:61:d5:ba:e2:f5:4e:
65:dc:75:c7:f2:a0:15:80:79:9c:bb:08:b1:cf:23:00:6b:99:
65:91:12:4a:ab:c6:a4:2f:e8:c1:05:f3:f0:0e:33:fb:c7:b3:
65:ea:a0:a0:37:54:e0:6b:44:6e:f9:0d:ae:81:26:ab:cf:b0:
7b:32:46:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8BNOlyhmLzjFK7DmH4w4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ODNmMzQ3ZTM4OTFmNTczZGY4MDE1YWQ2Y2MzMzFjY2Vi
MDQ3NjgwHhcNMjUwMTMxMTEwMDIwWhcNMjUwMjAxMTEwMDIwWjAzMTEwLwYDVQQD
EyhlNWE3MGJjODVjZTQyNjM5NWEwM2MwYThhYTAyYTg1ODQ5ZjM0ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNxUAblngmEz56jI9h13E8+fbrw4
7STvl7QNZiN67GIXoRue0ugMs/ej18e2D8KX+H4QVTAUX5TgnV2mg09KwAoQpEic
mrD2lRbXs+P7Y9SbPiBbCL4VE3dkBI89b5tCaNl7kFMvTAtJTryUeSmGLSlWCE3Q
OKFbKS2vl0hrTLbJ8hKdsM85ac08V2uZ9UTc76s8BQJOWWNDLDytiPDduAC3NwJj
7Bqoc7AtVmA286ew4Ydnb5m1X9QEXg3QkDlMP03hOJuarESTR2AgS/b72J92xA4/
GAsn9GaVa9s8W2mJzmw6azRZp9PDLHu1lHSniRYhFEcDY5oo4VtYKbXd9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWnC8hc5CY5WgPAqKoCqFhJ802TMB8GA1UdIwQY
MBaAFGiD80fjiR9XPfgBWtbMMxzOsEdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUlQelItT0pIMWM5LUFGYTFzd3pITTZ3UjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82MThkMzMtZGQ5Mi00ZDkxLWI4MjEt
ZTg1MDY3N2NmZmIzLzEvYUlQelItT0pIMWM5LUFGYTFzd3pITTZ3UjJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82MThkMzMtZGQ5Mi00ZDkxLWI4MjEtZTg1MDY3N2NmZmIz
LzEvYUlQelItT0pIMWM5LUFGYTFzd3pITTZ3UjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3JsJSVH
YCf7Jr/qXmaKgMvr7kWKILfNf/4UGYtbmke2p8ajSrnbC0IwGDhkw9+CAGvBUBbe
DImmLz5aAKpcbD4a5dE/3LezeTMYsqu/F0JQ3YOMdAIPZHjGwMMbwpwzKekbklQ7
X06UkncBcFA159seMrppqfMC9uZUrnJRxhkOUaPCoLwlU7LuutUuNBpvQl1GRZjX
evHmJg93IwG1MDnyrG2bfuIgtM2p8y8tV0b3r0qAXwWq/Cd21yLXouRSYdW64vVO
Zdx1x/KgFYB5nLsIsc8jAGuZZZESSqvGpC/owQXz8A4z+8ezZeqgoDdU4GtEbvkN
roEmq8+wezJGJg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:30:02 2025 by rpki-client