Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: DJHQT0gl12BpcNI6NH6kiBWfVKLxxjBF2Yle5ppZ0UM=
Subject key identifier: AD:05:49:DC:11:90:0E:60:82:9B:D9:D4:3D:A0:B5:2A:55:1B:AA:22
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 01962FAB19A23888C1D126E29AB948A1C8C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 14EA
Signing time: Sun 13 Apr 2025 15:01:04 +0000
Manifest this update: Sun 13 Apr 2025 15:01:04 +0000
Manifest next update: Mon 14 Apr 2025 15:01:04 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: 9+y53cD7Q3Y6ncBlzDDcp8LGK2m+sXjSGbJHBnasnuo=)
2: IyvCi4bscVz-cDd1e8YDDEn65h8.roa (hash: +ReDdginBUQu4++Dvo5zNIlV1w8CIv08Gg4t44mG608=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2f:ab:19:a2:38:88:c1:d1:26:e2:9a:b9:48:a1:c8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Apr 13 15:01:04 2025 GMT
Not After : Apr 14 15:01:04 2025 GMT
Subject: CN=ad0549dc11900e60829bd9d43da0b52a551baa22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:90:14:98:91:e7:0d:f0:2e:84:db:11:1f:
60:74:6d:be:90:42:27:d2:c7:eb:24:35:8f:5c:e7:
b2:18:38:43:db:ef:3a:bd:30:c0:f6:cc:31:4b:2e:
f7:d1:7f:7a:10:9f:23:1b:c0:2a:0a:5c:d7:7b:e9:
f5:f7:6f:ce:8f:a8:38:aa:b0:7d:0e:df:a3:25:bd:
87:1b:37:ec:4b:9f:6c:04:cc:ab:c3:b6:af:49:da:
76:13:46:46:09:5c:ad:54:83:42:44:53:24:13:7c:
57:86:4e:fd:29:88:36:c9:61:1f:8c:02:d1:11:8f:
40:c8:e7:17:1e:f6:5b:c8:7e:e8:95:65:98:b1:5d:
cc:1c:57:9e:d2:b9:06:eb:ed:83:63:90:ec:02:c5:
9d:51:16:d9:84:63:39:f4:c1:11:eb:59:02:69:23:
94:ca:00:74:d8:6b:e2:90:71:fb:3a:bb:c4:a7:b7:
7d:56:92:48:d9:75:79:3f:31:b1:51:c2:0a:14:ac:
f3:1b:03:b6:06:0d:17:b9:6a:83:cd:3d:9c:0e:00:
b6:d0:f1:28:b0:8b:89:c6:e1:e0:7b:a4:e3:7c:24:
c9:3b:eb:8c:cc:19:98:55:9e:c4:82:86:c1:71:82:
c5:87:9e:3e:59:0b:46:97:7a:ec:3c:6b:93:e6:a4:
82:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:05:49:DC:11:90:0E:60:82:9B:D9:D4:3D:A0:B5:2A:55:1B:AA:22
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:82:6a:e2:b3:1a:be:d1:52:45:69:8a:25:f4:eb:98:a8:c5:
d9:4b:79:40:08:08:ee:9d:78:18:bb:bb:a0:58:d6:ca:e9:39:
06:90:8c:d6:40:65:8c:f9:a9:9e:e1:fd:63:f1:0f:a9:e2:c7:
90:be:cc:db:30:ec:e6:44:7b:02:65:e3:41:db:30:1a:48:96:
1a:a9:88:2e:d8:ca:cb:2c:b5:4e:e0:a8:b9:0d:00:ca:90:eb:
7c:07:b0:2d:86:14:cb:aa:3d:0e:0e:7a:3e:e8:ee:1e:72:12:
23:cf:13:27:24:13:7b:9b:73:98:2c:75:b2:72:17:96:c4:a1:
e3:9c:0c:ee:81:8d:91:aa:20:3b:38:65:c8:6b:fc:bb:48:65:
b2:64:95:78:d2:94:7e:05:af:12:81:56:d0:bc:0b:dd:eb:ff:
c2:7f:10:8c:99:49:35:01:bd:2f:de:19:d5:bd:20:eb:f0:2a:
c7:e0:90:fe:07:6a:fd:75:fc:7b:e8:cd:9f:81:6f:77:b2:65:
8d:1f:a7:5d:f2:76:88:cf:a4:be:05:05:96:a4:df:6f:1b:ad:
fa:10:7a:35:ac:00:e0:fc:f3:f8:50:ec:02:c2:5d:1f:65:24:
99:a2:73:51:6d:3e:7b:df:38:14:f8:92:ed:bb:bb:56:d3:2e:
34:ce:c4:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYvqxmiOIjB0SbimrlIocjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjUwNDEzMTUwMTA0WhcNMjUwNDE0MTUwMTA0WjAzMTEwLwYDVQQD
EyhhZDA1NDlkYzExOTAwZTYwODI5YmQ5ZDQzZGEwYjUyYTU1MWJhYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXaQFJiR5w3wLoTbER9gdG2+kEIn
0sfrJDWPXOeyGDhD2+86vTDA9swxSy730X96EJ8jG8AqClzXe+n192/Oj6g4qrB9
Dt+jJb2HGzfsS59sBMyrw7avSdp2E0ZGCVytVINCRFMkE3xXhk79KYg2yWEfjALR
EY9AyOcXHvZbyH7olWWYsV3MHFee0rkG6+2DY5DsAsWdURbZhGM59MER61kCaSOU
ygB02GvikHH7OrvEp7d9VpJI2XV5PzGxUcIKFKzzGwO2Bg0XuWqDzT2cDgC20PEo
sIuJxuHge6TjfCTJO+uMzBmYVZ7EgobBcYLFh54+WQtGl3rsPGuT5qSCdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0FSdwRkA5ggpvZ1D2gtSpVG6oiMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYJq4rMa
vtFSRWmKJfTrmKjF2Ut5QAgI7p14GLu7oFjWyuk5BpCM1kBljPmpnuH9Y/EPqeLH
kL7M2zDs5kR7AmXjQdswGkiWGqmILtjKyyy1TuCouQ0AypDrfAewLYYUy6o9Dg56
PujuHnISI88TJyQTe5tzmCx1snIXlsSh45wM7oGNkaogOzhlyGv8u0hlsmSVeNKU
fgWvEoFW0LwL3ev/wn8QjJlJNQG9L94Z1b0g6/Aqx+CQ/gdq/XX8e+jNn4Fvd7Jl
jR+nXfJ2iM+kvgUFlqTfbxut+hB6NawA4Pzz+FDsAsJdH2UkmaJzUW0+e984FPiS
7bu7VtMuNM7EUg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net