Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File: PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier: rXRMB9IgaN0h1En5HF6Os1uNZE6XmfhSPfwmGf9LlK0=
Subject key identifier: 4A:63:27:BD:7B:80:AB:E3:3D:6A:DD:6E:09:F7:F8:36:59:58:54:91
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer: /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial: 01962E61CC282B48DD884C79E7B331E6096A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number: 0139
Signing time: Sun 13 Apr 2025 09:01:23 +0000
Manifest this update: Sun 13 Apr 2025 09:01:23 +0000
Manifest next update: Mon 14 Apr 2025 09:01:23 +0000
Files and hashes: 1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: 4ShiLXgO2wLW5J9bzQKsPdeaE1POfyVfBZ/3QWJDYXw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2e:61:cc:28:2b:48:dd:88:4c:79:e7:b3:31:e6:09:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
Validity
Not Before: Apr 13 09:01:23 2025 GMT
Not After : Apr 14 09:01:23 2025 GMT
Subject: CN=4a6327bd7b80abe33d6add6e09f7f83659585491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:57:3a:e4:fa:57:60:97:83:05:9a:47:39:80:
3f:13:dd:a8:72:d1:01:74:22:ba:3f:1d:21:3f:bd:
67:4a:25:e1:97:75:ad:f4:a9:ca:e2:57:2a:8b:17:
a2:74:b6:44:66:99:46:c7:34:d4:46:ca:ce:39:fd:
61:5b:56:00:c7:da:ed:73:2a:fb:7a:b0:27:c2:06:
46:16:13:7b:32:3f:71:3c:8b:55:80:77:11:f5:11:
e9:2d:f1:13:80:ed:04:ea:85:c1:1c:2c:51:ad:9c:
94:b2:13:93:ba:68:29:17:68:f3:06:7c:65:18:c1:
04:be:c3:58:63:ae:e7:45:45:a3:5e:fc:0d:bf:67:
5b:0d:ac:99:1e:40:b1:b0:8e:bb:54:01:9e:7f:6c:
52:39:11:61:aa:1a:00:07:b3:5b:a4:93:85:48:5c:
35:49:d2:1f:77:81:cb:3a:0f:0e:4a:98:85:74:e8:
2d:eb:a6:15:6f:77:b5:37:67:80:57:f2:b2:47:51:
f7:82:5b:1a:6d:44:44:d9:78:ac:3b:b7:2e:a3:ea:
32:98:34:07:37:50:d3:4b:8f:de:60:60:97:27:3e:
8d:ab:f7:32:81:1e:76:98:ab:56:f6:7c:ad:85:ec:
c5:c6:35:4e:77:80:28:21:d8:cb:7c:53:23:db:67:
af:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:63:27:BD:7B:80:AB:E3:3D:6A:DD:6E:09:F7:F8:36:59:58:54:91
X509v3 Authority Key Identifier:
keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:57:19:35:b6:16:bd:91:3c:da:fa:3b:52:92:69:3b:c5:02:
3a:df:e8:e4:f1:6f:c5:5c:05:bc:1f:b0:b3:ec:fc:67:25:c9:
25:8c:00:de:6f:18:95:a9:4c:7e:97:dc:ba:f2:a7:a6:79:aa:
63:13:fa:7e:20:62:b0:e8:15:05:23:87:05:12:1f:e6:3f:7c:
e3:a0:9c:fe:d8:2d:1a:9b:7e:c9:3a:20:6a:ec:27:5c:d0:d0:
3b:24:4c:99:f4:cd:a1:9f:a9:6b:c9:d4:13:3c:a4:50:24:07:
c0:a8:3c:22:f7:05:6b:58:5f:ed:22:4e:09:89:f0:e7:b0:88:
72:db:77:1d:8c:53:84:f1:60:67:0c:3a:3a:1a:21:f1:79:41:
fa:b4:32:65:26:ee:f9:40:3d:93:e1:9a:54:59:3a:e4:5b:fc:
8b:b6:58:fb:b4:7b:65:08:e7:24:d2:03:38:c8:17:10:6c:8c:
3b:9a:01:44:24:3f:45:5e:a5:30:23:18:35:6b:1f:45:3a:3c:
35:3c:d8:e7:53:90:00:48:33:26:52:25:fe:4e:6c:d7:08:48:
7c:bd:27:fc:e2:b8:94:b8:31:64:e1:b2:ea:9b:2d:52:2a:d6:
13:ec:de:2b:69:33:d5:f6:7a:35:93:f8:23:ba:3f:19:ae:8c:
bc:bc:d8:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYuYcwoK0jdiEx557Mx5glqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwNDEzMDkwMTIzWhcNMjUwNDE0MDkwMTIzWjAzMTEwLwYDVQQD
Eyg0YTYzMjdiZDdiODBhYmUzM2Q2YWRkNmUwOWY3ZjgzNjU5NTg1NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFc65PpXYJeDBZpHOYA/E92octEB
dCK6Px0hP71nSiXhl3Wt9KnK4lcqixeidLZEZplGxzTURsrOOf1hW1YAx9rtcyr7
erAnwgZGFhN7Mj9xPItVgHcR9RHpLfETgO0E6oXBHCxRrZyUshOTumgpF2jzBnxl
GMEEvsNYY67nRUWjXvwNv2dbDayZHkCxsI67VAGef2xSORFhqhoAB7NbpJOFSFw1
SdIfd4HLOg8OSpiFdOgt66YVb3e1N2eAV/KyR1H3glsabURE2XisO7cuo+oymDQH
N1DTS4/eYGCXJz6Nq/cygR52mKtW9nythezFxjVOd4AoIdjLfFMj22evWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpjJ717gKvjPWrdbgn3+DZZWFSRMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFcZNbYW
vZE82vo7UpJpO8UCOt/o5PFvxVwFvB+ws+z8ZyXJJYwA3m8YlalMfpfcuvKnpnmq
YxP6fiBisOgVBSOHBRIf5j9846Cc/tgtGpt+yTogauwnXNDQOyRMmfTNoZ+pa8nU
EzykUCQHwKg8IvcFa1hf7SJOCYnw57CIctt3HYxThPFgZww6Ohoh8XlB+rQyZSbu
+UA9k+GaVFk65Fv8i7ZY+7R7ZQjnJNIDOMgXEGyMO5oBRCQ/RV6lMCMYNWsfRTo8
NTzY51OQAEgzJlIl/k5s1whIfL0n/OK4lLgxZOGy6pstUirWE+zeK2kz1fZ6NZP4
I7o/Ga6MvLzYKw==
-----END CERTIFICATE-----