Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: O2rKkxFDFwlpaIvj7B1D+clmPBmB6wxzuaAlKHQvtOM=
Subject key identifier: 22:26:A8:7E:96:B9:74:4B:AC:F7:E2:ED:22:85:B4:64:AB:8C:4D:21
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 0194BC72D56A85D69680BB1DCDEB31A9E2DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 1129
Signing time: Fri 31 Jan 2025 13:00:29 +0000
Manifest this update: Fri 31 Jan 2025 13:00:29 +0000
Manifest next update: Sat 01 Feb 2025 13:00:29 +0000
Files and hashes: 1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: c4xl2s0rHz6srAgpX6U4ZmHq5b2+gkz8unL4nzG+TTU=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:72:d5:6a:85:d6:96:80:bb:1d:cd:eb:31:a9:e2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Jan 31 13:00:29 2025 GMT
Not After : Feb 1 13:00:29 2025 GMT
Subject: CN=2226a87e96b9744bacf7e2ed2285b464ab8c4d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e6:54:bc:2f:6e:76:84:24:33:3d:8b:23:42:
ba:b9:28:77:37:39:bd:0b:a2:14:49:61:6c:00:f3:
4c:bf:08:2b:b5:fd:53:15:12:e3:36:0f:7a:a8:e2:
55:ce:ca:24:3c:14:8f:1d:7b:0f:cc:a1:96:0c:ad:
84:1b:33:fe:49:21:1a:12:52:c2:bc:10:87:26:78:
e5:f0:cb:dc:28:67:d0:d2:a9:ac:db:c7:ce:8c:c0:
f8:0e:19:5c:28:05:51:5c:7b:d0:e4:d9:4c:63:21:
70:6a:12:91:bf:81:bd:c1:b2:ad:9a:73:1c:49:69:
ba:d3:a1:86:73:ec:1a:5b:ae:0b:81:c2:45:57:6c:
6c:fd:f2:9d:7f:ba:cc:0c:82:7d:e4:0f:1e:5d:06:
a1:6b:f7:6f:7b:aa:3a:fe:ef:3b:2d:91:14:73:3d:
52:ce:71:20:bc:df:df:10:03:b1:d5:d4:58:8c:48:
8e:b9:c5:8e:7b:6a:a3:c6:dd:bc:d5:00:ee:19:53:
8a:9a:46:d4:2d:17:67:b7:32:ac:6a:d7:21:04:7c:
24:57:9c:6e:26:55:55:c8:d7:a9:7f:24:ba:3f:fd:
c5:17:27:c2:1e:18:20:b0:b4:82:c7:b8:ef:a0:9f:
7e:1d:f5:86:7b:22:2f:1a:fb:84:b6:a1:54:a9:44:
d5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:26:A8:7E:96:B9:74:4B:AC:F7:E2:ED:22:85:B4:64:AB:8C:4D:21
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:8d:52:e8:46:8b:f5:58:29:14:d7:f9:ea:cc:6a:c6:89:11:
e4:d4:25:8f:ae:23:5b:a1:36:88:9c:3a:8a:86:d6:80:a7:f1:
33:db:af:50:b8:35:81:9c:f6:52:9d:6a:cc:32:5d:21:7c:f7:
af:dd:df:57:54:67:8c:ed:97:64:04:62:a5:cc:f6:a5:59:6d:
11:0f:39:e7:4e:07:e7:9c:7c:af:61:1c:47:c9:f6:82:85:97:
65:28:73:fa:14:e7:69:72:54:b6:e5:7e:c2:5f:6a:81:28:4c:
25:4f:69:7e:79:e2:29:65:50:31:12:a2:40:ae:69:5d:4a:45:
8e:ec:0c:61:76:6d:6d:ec:96:8b:19:bc:41:c2:94:99:b3:49:
87:e5:00:dc:0a:a9:70:cf:de:4c:44:16:f3:49:41:b5:1c:0d:
59:d7:bb:22:99:5c:30:af:07:9a:e6:b9:6f:23:41:8a:d8:19:
58:21:49:1b:e4:4e:c1:e5:12:5c:31:1f:74:e2:97:ac:57:81:
db:d4:74:18:19:67:55:96:bf:06:3b:2f:80:8b:18:12:68:ae:
1c:db:e0:ca:6e:34:1a:1c:91:d9:a2:3b:57:84:e5:28:ab:1b:
5a:38:27:87:21:8c:38:d0:0e:79:5b:49:5f:39:ef:fe:33:eb:
be:be:b9:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS8ctVqhdaWgLsdzesxqeLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUwMTMxMTMwMDI5WhcNMjUwMjAxMTMwMDI5WjAzMTEwLwYDVQQD
EygyMjI2YTg3ZTk2Yjk3NDRiYWNmN2UyZWQyMjg1YjQ2NGFiOGM0ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuZUvC9udoQkMz2LI0K6uSh3Nzm9
C6IUSWFsAPNMvwgrtf1TFRLjNg96qOJVzsokPBSPHXsPzKGWDK2EGzP+SSEaElLC
vBCHJnjl8MvcKGfQ0qms28fOjMD4DhlcKAVRXHvQ5NlMYyFwahKRv4G9wbKtmnMc
SWm606GGc+waW64LgcJFV2xs/fKdf7rMDIJ95A8eXQaha/dve6o6/u87LZEUcz1S
znEgvN/fEAOx1dRYjEiOucWOe2qjxt281QDuGVOKmkbULRdntzKsatchBHwkV5xu
JlVVyNepfyS6P/3FFyfCHhggsLSCx7jvoJ9+HfWGeyIvGvuEtqFUqUTVlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCImqH6WuXRLrPfi7SKFtGSrjE0hMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgY1S6EaL
9VgpFNf56sxqxokR5NQlj64jW6E2iJw6iobWgKfxM9uvULg1gZz2Up1qzDJdIXz3
r93fV1RnjO2XZARipcz2pVltEQ85504H55x8r2EcR8n2goWXZShz+hTnaXJUtuV+
wl9qgShMJU9pfnniKWVQMRKiQK5pXUpFjuwMYXZtbeyWixm8QcKUmbNJh+UA3Aqp
cM/eTEQW80lBtRwNWde7IplcMK8Hmua5byNBitgZWCFJG+ROweUSXDEfdOKXrFeB
29R0GBlnVZa/BjsvgIsYEmiuHNvgym40GhyR2aI7V4TlKKsbWjgnhyGMONAOeVtJ
Xznv/jPrvr65cg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:36:04 2025 by rpki-client