Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
File: gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft (raw, json)
Hash identifier: QETh/Br30JTvBAc1Xd168BdlsR5IlDPVt5fZ3sz5CsU=
Subject key identifier: 1E:AF:DB:38:84:2C:38:B4:4B:F4:70:25:6D:99:A5:6F:12:BE:4D:89
Authority key identifier: 81:A3:6C:67:E9:A2:35:39:C8:15:3A:98:34:EF:83:E5:C1:8E:6B:72
Certificate issuer: /CN=81a36c67e9a23539c8153a9834ef83e5c18e6b72
Certificate serial: 01999822B22F37ECFF9A0C9138A47071C62F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaNsZ-miNTnIFTqYNO-D5cGOa3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
Manifest number: 04F5
Signing time: Tue 30 Sep 2025 01:00:34 +0000
Manifest this update: Tue 30 Sep 2025 01:00:34 +0000
Manifest next update: Wed 01 Oct 2025 01:00:34 +0000
Files and hashes: 1: gaNsZ-miNTnIFTqYNO-D5cGOa3I.crl (hash: MWsoyjo5ZSnMHeHUivkcDoQ1YOaykqlVkQuxSpjvKxA=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:98:22:b2:2f:37:ec:ff:9a:0c:91:38:a4:70:71:c6:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a36c67e9a23539c8153a9834ef83e5c18e6b72
Validity
Not Before: Sep 30 01:00:34 2025 GMT
Not After : Oct 1 01:00:34 2025 GMT
Subject: CN=1eafdb38842c38b44bf470256d99a56f12be4d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:16:1e:10:8e:32:a9:a0:c2:e6:b5:31:25:
f5:dd:bb:6c:a9:ff:75:cc:6f:9a:8d:29:63:6b:43:
af:5b:2b:7a:aa:b5:d4:a0:c4:94:72:ad:56:90:75:
90:11:dc:07:83:09:da:c8:4b:79:f2:41:fd:c7:38:
8b:4c:db:65:3e:39:8b:53:bd:c4:71:b5:bd:e6:89:
e4:e3:28:a9:ba:58:ae:0c:10:6f:ba:0b:17:88:8d:
ce:f1:bf:ea:10:14:52:f9:00:e6:d8:0a:07:c9:91:
ca:c5:24:56:56:b4:1c:5d:cc:4b:db:35:19:8d:a1:
e3:4c:09:14:37:12:26:05:cc:09:1d:06:2e:1a:5b:
81:1c:c3:3b:36:65:a5:b0:1c:f5:86:a1:be:20:51:
e3:a2:5a:77:f2:aa:44:85:a5:ad:54:35:9f:20:84:
b1:8e:18:5e:39:c9:1c:8a:7a:5a:17:e4:ec:53:4b:
20:a0:68:fe:ad:2b:d9:c8:9e:6f:4f:94:70:81:a0:
33:90:39:df:45:07:af:3d:1c:13:77:bd:ed:e5:22:
a3:d9:c7:00:59:eb:8e:a1:cb:d0:47:1e:86:2d:a8:
8b:a0:b4:d2:d3:40:90:d9:64:d8:b7:08:91:14:ae:
40:6b:61:26:3d:ae:d5:a3:83:3a:52:0c:52:db:07:
4c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AF:DB:38:84:2C:38:B4:4B:F4:70:25:6D:99:A5:6F:12:BE:4D:89
X509v3 Authority Key Identifier:
keyid:81:A3:6C:67:E9:A2:35:39:C8:15:3A:98:34:EF:83:E5:C1:8E:6B:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaNsZ-miNTnIFTqYNO-D5cGOa3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/25cbad-6134-45b1-8b3d-eb569a8a210f/1/gaNsZ-miNTnIFTqYNO-D5cGOa3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:b9:a7:87:25:0b:fa:de:c3:25:51:21:71:a2:9d:51:35:c8:
f0:13:95:93:75:dd:78:fe:04:38:98:1d:48:55:53:a6:ff:6a:
de:07:11:0c:d6:8a:f0:e2:cb:df:b4:bb:fa:02:d6:22:a2:1e:
d6:2e:9d:1f:9a:46:24:5b:42:1d:0c:a9:80:de:87:f9:19:a2:
fd:d3:ae:85:72:2f:c6:06:c9:a2:8e:3d:f3:60:6b:5c:40:54:
30:f5:01:55:57:b8:ec:76:80:05:9f:ca:30:c3:66:83:30:86:
d7:07:02:e4:16:03:a9:09:9a:21:ba:d7:72:57:52:d8:31:c0:
cb:be:58:ee:0b:16:34:45:b4:58:dc:e0:a8:02:b4:04:ce:7b:
3a:80:aa:74:9e:34:30:ee:56:d2:4b:d0:3c:ca:21:dd:5d:63:
47:21:c0:9d:ad:16:1a:3d:94:05:74:f5:52:92:b7:92:64:79:
62:ad:2d:98:f0:91:37:cf:b9:05:ac:e1:b1:df:92:b0:8a:5f:
11:ad:5d:ca:b9:9c:02:4d:4f:95:42:60:dc:0c:50:4d:8d:b5:
8c:e2:df:fd:63:8b:f3:e5:68:2d:91:41:bf:7b:e8:20:08:17:
c8:38:7f:23:7c:b2:b8:2e:3f:c4:65:ac:03:f3:5f:e2:0b:b6:
a7:a2:14:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZmYIrIvN+z/mgyROKRwccYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTM2YzY3ZTlhMjM1MzljODE1M2E5ODM0ZWY4M2U1YzE4
ZTZiNzIwHhcNMjUwOTMwMDEwMDM0WhcNMjUxMDAxMDEwMDM0WjAzMTEwLwYDVQQD
EygxZWFmZGIzODg0MmMzOGI0NGJmNDcwMjU2ZDk5YTU2ZjEyYmU0ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoakWHhCOMqmgwua1MSX13btsqf91
zG+ajSlja0OvWyt6qrXUoMSUcq1WkHWQEdwHgwnayEt58kH9xziLTNtlPjmLU73E
cbW95onk4yipuliuDBBvugsXiI3O8b/qEBRS+QDm2AoHyZHKxSRWVrQcXcxL2zUZ
jaHjTAkUNxImBcwJHQYuGluBHMM7NmWlsBz1hqG+IFHjolp38qpEhaWtVDWfIISx
jhheOckcinpaF+TsU0sgoGj+rSvZyJ5vT5RwgaAzkDnfRQevPRwTd73t5SKj2ccA
WeuOocvQRx6GLaiLoLTS00CQ2WTYtwiRFK5Aa2EmPa7Vo4M6UgxS2wdMnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6v2ziELDi0S/RwJW2ZpW8Svk2JMB8GA1UdIwQY
MBaAFIGjbGfpojU5yBU6mDTvg+XBjmtyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8yNWNiYWQtNjEzNC00NWIxLThiM2Qt
ZWI1NjlhOGEyMTBmLzEvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8yNWNiYWQtNjEzNC00NWIxLThiM2QtZWI1NjlhOGEyMTBm
LzEvZ2FOc1otbWlOVG5JRlRxWU5PLUQ1Y0dPYTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLmnhyUL
+t7DJVEhcaKdUTXI8BOVk3XdeP4EOJgdSFVTpv9q3gcRDNaK8OLL37S7+gLWIqIe
1i6dH5pGJFtCHQypgN6H+Rmi/dOuhXIvxgbJoo4982BrXEBUMPUBVVe47HaABZ/K
MMNmgzCG1wcC5BYDqQmaIbrXcldS2DHAy75Y7gsWNEW0WNzgqAK0BM57OoCqdJ40
MO5W0kvQPMoh3V1jRyHAna0WGj2UBXT1UpK3kmR5Yq0tmPCRN8+5Bazhsd+SsIpf
Ea1dyrmcAk1PlUJg3AxQTY21jOLf/WOL8+VoLZFBv3voIAgXyDh/I3yyuC4/xGWs
A/Nf4gu2p6IUZw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:46:15 2025 by rpki-client