Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json)
Hash identifier: /2iRiIUeNWhFT6xyIXnEPcLkjAlnbxJYlsqQUbRIxSo=
Subject key identifier: 7D:D1:B0:E5:AB:32:92:A8:23:56:1F:2E:36:4A:A8:44:D2:65:E5:BE
Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb
Certificate serial: 0194BD854DB80CDD4308A4506D69DA290A47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
Manifest number: 0EC6
Signing time: Fri 31 Jan 2025 18:00:17 +0000
Manifest this update: Fri 31 Jan 2025 18:00:17 +0000
Manifest next update: Sat 01 Feb 2025 18:00:17 +0000
Files and hashes: 1: WsJxTcqQMdNcfxDwYxL96RxQkLE.roa (hash: AzUS2a/hUE19ESDc/skGDA/ldB6bGDxX9L5RO7/taEk=)
2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: NkusEzDkS3A+7BsRTrjzMJetUCsACk9U72kdXBu+re0=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:85:4d:b8:0c:dd:43:08:a4:50:6d:69:da:29:0a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb
Validity
Not Before: Jan 31 18:00:17 2025 GMT
Not After : Feb 1 18:00:17 2025 GMT
Subject: CN=7dd1b0e5ab3292a823561f2e364aa844d265e5be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:42:66:fe:fb:b4:57:e9:93:7a:31:e1:64:d3:
95:26:70:9f:4b:b6:29:3b:e0:53:74:21:23:3e:c7:
60:53:22:22:6a:f4:88:85:72:3e:d1:d3:59:46:e2:
d4:27:25:84:3d:88:cf:39:7a:f9:24:86:49:c6:30:
80:b9:eb:e4:13:00:3a:25:40:39:3b:fe:41:09:15:
04:4a:40:6c:60:fc:a9:37:57:36:fa:fa:ca:25:b8:
d6:72:7c:b0:bc:7a:b2:0a:ad:6e:0f:16:ad:5e:35:
81:be:a3:cc:86:ca:39:e3:13:1b:41:12:b3:88:02:
c2:05:f8:ee:1f:5d:a2:b5:d7:ae:e1:21:ce:4d:ec:
49:ba:31:8d:ef:9e:6b:11:d8:2c:b7:42:d3:4c:44:
11:e1:a2:34:ed:bb:9e:85:da:2f:be:34:f0:46:4c:
fd:9c:dc:85:29:55:9b:da:24:41:65:64:6f:12:52:
5b:39:b4:18:9c:bb:fe:1c:4b:63:a4:12:bc:98:ec:
c0:b8:73:93:43:d6:e0:f9:8a:f2:95:58:0c:d1:bd:
0f:15:f9:7a:ee:8e:26:75:f4:a6:1b:80:2a:89:b7:
e4:ce:77:57:9a:66:ce:be:f9:73:9c:48:be:c2:f6:
3a:b1:75:7c:09:a6:58:72:5a:49:cf:25:6a:0e:82:
97:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D1:B0:E5:AB:32:92:A8:23:56:1F:2E:36:4A:A8:44:D2:65:E5:BE
X509v3 Authority Key Identifier:
keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:50:8e:5b:8b:23:fe:39:04:2d:e3:89:90:c5:29:fa:cf:57:
7d:d0:e3:53:19:ce:32:22:94:0f:21:b4:f7:72:69:27:ee:76:
4a:b1:fd:66:52:a2:e1:a3:92:c1:79:d6:9f:29:72:64:a2:6a:
fc:56:2f:b8:9f:43:18:d0:6b:6b:16:d4:f5:90:b3:cf:d7:46:
90:80:37:70:85:b5:8d:b3:70:d7:62:c2:76:53:37:ea:3e:64:
64:79:09:db:ca:37:14:09:12:4c:0f:82:28:cc:ec:e3:25:33:
b9:e1:f1:e5:18:72:26:0f:24:dd:3c:c5:fb:1b:2b:80:a4:9d:
ce:f9:fb:6c:8e:44:a2:75:2a:12:16:98:51:9d:9b:d9:02:33:
da:3b:b9:19:a8:7f:a7:c7:cc:e5:27:42:4e:50:8d:8e:e8:05:
71:2f:ad:74:a8:7a:4c:fa:16:32:b2:d5:d9:26:27:4b:e2:81:
d7:9a:ce:f4:3b:20:01:51:47:98:8a:b1:92:c4:16:6b:43:06:
28:b1:39:e3:5a:6e:b8:eb:c5:56:79:3a:03:62:50:9b:58:59:
99:3d:1d:18:5b:0d:cd:f6:3f:e6:69:7a:ae:86:7b:5c:ce:ff:
db:10:eb:c8:a1:8f:14:00:b4:45:3b:f2:c2:9d:8d:24:59:1f:
2f:f5:dd:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS9hU24DN1DCKRQbWnaKQpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz
NTI5Y2IwHhcNMjUwMTMxMTgwMDE3WhcNMjUwMjAxMTgwMDE3WjAzMTEwLwYDVQQD
Eyg3ZGQxYjBlNWFiMzI5MmE4MjM1NjFmMmUzNjRhYTg0NGQyNjVlNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kJm/vu0V+mTejHhZNOVJnCfS7Yp
O+BTdCEjPsdgUyIiavSIhXI+0dNZRuLUJyWEPYjPOXr5JIZJxjCAuevkEwA6JUA5
O/5BCRUESkBsYPypN1c2+vrKJbjWcnywvHqyCq1uDxatXjWBvqPMhso54xMbQRKz
iALCBfjuH12itdeu4SHOTexJujGN755rEdgst0LTTEQR4aI07buehdovvjTwRkz9
nNyFKVWb2iRBZWRvElJbObQYnLv+HEtjpBK8mOzAuHOTQ9bg+YrylVgM0b0PFfl6
7o4mdfSmG4AqibfkzndXmmbOvvlznEi+wvY6sXV8CaZYclpJzyVqDoKXZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3RsOWrMpKoI1YfLjZKqETSZeW+MB8GA1UdIwQY
MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt
ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5
LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv1COW4sj
/jkELeOJkMUp+s9XfdDjUxnOMiKUDyG093JpJ+52SrH9ZlKi4aOSwXnWnylyZKJq
/FYvuJ9DGNBraxbU9ZCzz9dGkIA3cIW1jbNw12LCdlM36j5kZHkJ28o3FAkSTA+C
KMzs4yUzueHx5RhyJg8k3TzF+xsrgKSdzvn7bI5EonUqEhaYUZ2b2QIz2ju5Gah/
p8fM5SdCTlCNjugFcS+tdKh6TPoWMrLV2SYnS+KB15rO9DsgAVFHmIqxksQWa0MG
KLE541puuOvFVnk6A2JQm1hZmT0dGFsNzfY/5ml6roZ7XM7/2xDryKGPFAC0RTvy
wp2NJFkfL/Xdbw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:42:11 2025 by rpki-client