Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
File: kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft (raw, json)
Hash identifier: BqeUN0hD5fVJsZebIF+Mkf/Iuil/NE8YhaVQAywXx8o=
Subject key identifier: B4:84:83:EB:D5:BF:64:75:B7:18:CA:BB:19:B0:E1:CD:3B:44:27:52
Authority key identifier: 90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C
Certificate issuer: /CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
Certificate serial: 0199567A126B72522C4848EE1EEB87165A91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
Manifest number: 0623
Signing time: Wed 17 Sep 2025 07:01:04 +0000
Manifest this update: Wed 17 Sep 2025 07:01:04 +0000
Manifest next update: Thu 18 Sep 2025 07:01:04 +0000
Files and hashes: 1: kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl (hash: 6wwLhlBRr20+5Hjunv7DkpwPpAqjKL4KqIOvQH8Lj1I=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:7a:12:6b:72:52:2c:48:48:ee:1e:eb:87:16:5a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
Validity
Not Before: Sep 17 07:01:04 2025 GMT
Not After : Sep 18 07:01:04 2025 GMT
Subject: CN=b48483ebd5bf6475b718cabb19b0e1cd3b442752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f2:f3:65:02:9e:2f:d6:63:68:fb:00:5d:7b:
cb:6b:d7:30:f1:6d:c5:87:3e:ce:03:33:3c:84:2c:
8b:89:07:53:63:d1:93:6f:cc:92:2c:13:d6:c4:83:
93:9f:59:2f:ae:01:ed:5a:ce:98:53:e3:57:46:76:
96:ed:20:50:4f:ff:6f:01:d7:e6:58:5e:1f:c4:d2:
ca:4e:75:c8:0e:4e:a4:3e:68:64:2e:ed:7e:2a:c0:
66:77:b7:be:77:d8:c0:6c:b4:f9:3e:ae:a5:30:d9:
00:49:ba:81:b5:7c:35:4b:60:53:06:28:1e:95:28:
dd:93:fe:bd:2c:b4:85:48:19:23:d7:a9:57:f5:47:
46:09:53:5d:64:ba:30:c0:72:45:33:20:dd:bc:22:
71:b0:62:db:a6:32:5f:e6:72:b4:36:e2:66:cf:87:
93:5c:a2:7b:1a:94:6b:55:5e:1c:99:03:19:5b:25:
7a:5f:12:f3:d9:f9:96:d0:2a:d1:8a:00:dc:ed:49:
5c:aa:6b:d5:f3:6d:21:0c:ec:7b:24:21:26:75:36:
ab:59:31:07:ce:44:a6:b0:93:54:57:53:39:62:db:
b7:42:d2:ba:6e:42:ac:76:3f:8d:15:f1:91:df:0f:
62:aa:ae:bf:99:04:a0:66:b1:bc:5e:89:93:ce:49:
b3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:84:83:EB:D5:BF:64:75:B7:18:CA:BB:19:B0:E1:CD:3B:44:27:52
X509v3 Authority Key Identifier:
keyid:90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:1c:ed:e5:71:69:2d:92:c4:65:e1:a6:5a:1d:22:08:b0:9e:
cf:3f:52:05:3d:4b:c6:f9:a8:06:f6:fa:66:61:3d:22:82:3e:
e5:56:4f:2d:77:03:d5:63:5d:00:2e:3d:f6:46:4f:3a:f6:32:
75:ee:a9:79:ab:04:4b:a6:b8:41:8a:d7:3a:f7:ee:2f:ad:c3:
b7:ce:68:64:c1:07:e2:aa:b0:77:7e:a0:51:d3:0a:09:49:7d:
87:f9:98:83:65:c8:82:f9:ac:4d:e6:f4:d8:69:11:0d:35:98:
1d:74:52:c0:a5:79:1d:ee:50:02:a5:ea:ac:da:03:5b:54:93:
7a:50:2b:90:b2:91:67:d2:d3:55:54:a0:a7:1b:dc:51:51:98:
48:f0:fe:d7:4a:9b:64:3b:5b:a5:b4:f8:03:3f:f2:91:66:3d:
6a:0a:d2:2c:85:24:1b:7b:04:17:d2:cc:4a:13:7b:2b:fe:5d:
c8:c6:37:ca:69:99:a3:b5:97:57:45:64:63:e1:9d:59:b5:2b:
c6:7c:8d:d7:c0:82:0b:cc:9f:e7:9e:7b:45:eb:64:64:34:32:
0f:c1:78:6b:48:d3:2a:8f:b4:58:aa:83:26:b4:4a:32:06:9a:
05:52:cd:38:de:9a:ec:8b:5a:ae:3e:50:d5:33:1f:4a:02:27:
91:9e:0e:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlWehJrclIsSEjuHuuHFlqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2QxNzgxYzI4YTAyNzQxZWE3YTYzYWNlM2E5NTMxN2Vl
YjhiN2MwHhcNMjUwOTE3MDcwMTA0WhcNMjUwOTE4MDcwMTA0WjAzMTEwLwYDVQQD
EyhiNDg0ODNlYmQ1YmY2NDc1YjcxOGNhYmIxOWIwZTFjZDNiNDQyNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvLzZQKeL9ZjaPsAXXvLa9cw8W3F
hz7OAzM8hCyLiQdTY9GTb8ySLBPWxIOTn1kvrgHtWs6YU+NXRnaW7SBQT/9vAdfm
WF4fxNLKTnXIDk6kPmhkLu1+KsBmd7e+d9jAbLT5Pq6lMNkASbqBtXw1S2BTBige
lSjdk/69LLSFSBkj16lX9UdGCVNdZLowwHJFMyDdvCJxsGLbpjJf5nK0NuJmz4eT
XKJ7GpRrVV4cmQMZWyV6XxLz2fmW0CrRigDc7UlcqmvV820hDOx7JCEmdTarWTEH
zkSmsJNUV1M5Ytu3QtK6bkKsdj+NFfGR3w9iqq6/mQSgZrG8XomTzkmzTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSEg+vVv2R1txjKuxmw4c07RCdSMB8GA1UdIwQY
MBaAFJB9F4HCigJ0HqemOs46lTF+64t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUt
MmQ5OTNmZjAzMWJlLzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUtMmQ5OTNmZjAzMWJl
LzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRzt5XFp
LZLEZeGmWh0iCLCezz9SBT1LxvmoBvb6ZmE9IoI+5VZPLXcD1WNdAC499kZPOvYy
de6peasES6a4QYrXOvfuL63Dt85oZMEH4qqwd36gUdMKCUl9h/mYg2XIgvmsTeb0
2GkRDTWYHXRSwKV5He5QAqXqrNoDW1STelArkLKRZ9LTVVSgpxvcUVGYSPD+10qb
ZDtbpbT4Az/ykWY9agrSLIUkG3sEF9LMShN7K/5dyMY3ymmZo7WXV0VkY+GdWbUr
xnyN18CCC8yf5557RetkZDQyD8F4a0jTKo+0WKqDJrRKMgaaBVLNON6a7Itarj5Q
1TMfSgInkZ4O4A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:43:20 2025 by rpki-client