Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
File: sz3NILWulcFy0y7XKevzBhl7I-c.mft (raw, json)
Hash identifier: DXuhdnkdfbzmuSaE9A0pQd6dkhHGUXG8KHjPcdCvDzI=
Subject key identifier: F8:3A:94:F8:66:7C:10:DC:A5:E7:0E:7A:88:C1:D9:1C:F0:5D:D8:82
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 019A32A10615ABBEFB5FE1BD6B3E99109A60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
Manifest number: 16FF
Signing time: Thu 30 Oct 2025 01:00:04 +0000
Manifest this update: Thu 30 Oct 2025 01:00:04 +0000
Manifest next update: Fri 31 Oct 2025 01:00:04 +0000
Files and hashes: 1: CIm7PdRT4tGc0ohUd0vMkXyk2Z4.roa (hash: bKi9ERQ3HDvQWS3A9n+SnlJFymCAx7E6eQcIAFgcP7o=)
2: sz3NILWulcFy0y7XKevzBhl7I-c.crl (hash: 192y3tYhicHJhYK8USZZUpRgzc59e9vjQJS+g2FsZK8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:32:a1:06:15:ab:be:fb:5f:e1:bd:6b:3e:99:10:9a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Oct 30 01:00:04 2025 GMT
Not After : Oct 31 01:00:04 2025 GMT
Subject: CN=f83a94f8667c10dca5e70e7a88c1d91cf05dd882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d6:46:61:fe:eb:ae:02:20:9a:39:6b:f8:35:
84:6e:63:16:48:de:e3:84:82:dc:8b:af:6f:11:37:
24:ed:8d:0e:7d:d6:29:d8:83:8a:d9:ab:0f:cc:0a:
e6:38:39:00:6b:d5:d1:3d:15:14:3d:11:b9:b5:01:
ea:49:7d:05:ed:a8:3c:8e:dd:71:1e:0e:04:10:41:
a1:a9:6f:ee:bf:68:59:27:72:9e:ac:e6:f7:f4:0a:
d3:fd:98:28:33:f4:a9:17:c1:69:7e:67:08:8f:d4:
91:81:55:e5:73:bd:fc:65:6d:a5:3a:93:5d:22:3f:
e9:68:41:56:27:90:66:0c:19:a9:23:36:ee:0d:3c:
18:94:71:dc:b5:93:10:52:e4:d1:b1:96:b8:cb:08:
00:6c:9f:46:7a:0d:42:0b:42:94:d3:8f:a5:da:76:
f3:e1:2d:c6:0a:b8:c9:2c:cf:b4:90:eb:99:aa:db:
77:24:1b:07:11:97:1c:e7:01:d9:ce:8b:cb:f1:35:
88:c3:68:18:aa:d8:49:5b:10:38:0d:41:fe:ba:93:
9a:15:e3:14:43:72:12:2d:3d:97:23:2f:47:f7:48:
b7:75:1f:3b:35:e0:a1:a7:cf:22:f6:9f:8b:f1:d5:
8c:4b:5a:e9:d4:3b:7a:44:92:9e:b2:c6:76:5c:41:
62:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3A:94:F8:66:7C:10:DC:A5:E7:0E:7A:88:C1:D9:1C:F0:5D:D8:82
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:c8:03:b1:63:71:40:d1:67:e2:13:0f:19:dd:90:28:5f:98:
f6:c8:d0:4b:a6:5e:a0:4e:fa:a1:d6:2e:b1:4e:26:4c:e9:54:
fc:be:9d:ca:94:2f:2d:06:93:9f:02:82:8f:8b:d8:e3:ee:fc:
bb:36:c0:6b:ea:40:63:9f:7f:42:70:54:c8:65:85:6e:cc:43:
9f:46:62:1c:b3:1c:0d:83:04:5b:25:73:6b:3b:3b:1f:f9:2a:
f1:f2:26:f3:54:29:e8:5c:6b:0a:3e:95:0c:b4:ff:a0:b4:6d:
67:49:e4:f0:da:c0:83:35:c8:c2:12:61:93:4d:8c:7d:ef:30:
40:49:3a:e6:bd:48:f5:3a:c8:b5:5a:f2:d7:56:11:08:1e:97:
56:5b:c7:c5:b0:29:d1:5a:f4:c8:39:c4:27:be:9c:90:94:a0:
ce:f2:b8:4a:d4:60:20:53:6e:95:45:48:1c:92:92:99:74:ef:
c0:2c:69:7f:bd:3a:57:ea:73:c6:2c:88:3d:cc:e7:ef:69:a3:
7f:b1:a4:7e:77:cc:d5:19:3c:8d:06:12:86:4d:7a:47:a5:1d:
ec:85:2a:9e:01:96:9d:3a:2e:94:f9:3c:3c:62:e9:8a:1a:4d:
4b:b6:93:1d:c4:f6:5c:54:db:d7:8d:d4:b3:63:d6:a0:99:40:
96:be:24:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoyoQYVq777X+G9az6ZEJpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzM2RjZDIwYjVhZTk1YzE3MmQzMmVkNzI5ZWJmMzA2MTk3
YjIzZTcwHhcNMjUxMDMwMDEwMDA0WhcNMjUxMDMxMDEwMDA0WjAzMTEwLwYDVQQD
EyhmODNhOTRmODY2N2MxMGRjYTVlNzBlN2E4OGMxZDkxY2YwNWRkODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNZGYf7rrgIgmjlr+DWEbmMWSN7j
hILci69vETck7Y0OfdYp2IOK2asPzArmODkAa9XRPRUUPRG5tQHqSX0F7ag8jt1x
Hg4EEEGhqW/uv2hZJ3KerOb39ArT/ZgoM/SpF8FpfmcIj9SRgVXlc738ZW2lOpNd
Ij/paEFWJ5BmDBmpIzbuDTwYlHHctZMQUuTRsZa4ywgAbJ9Geg1CC0KU04+l2nbz
4S3GCrjJLM+0kOuZqtt3JBsHEZcc5wHZzovL8TWIw2gYqthJWxA4DUH+upOaFeMU
Q3ISLT2XIy9H90i3dR87NeChp88i9p+L8dWMS1rp1Dt6RJKessZ2XEFi+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPg6lPhmfBDcpecOeojB2RzwXdiCMB8GA1UdIwQY
MBaAFLM9zSC1rpXBctMu1ynr8wYZeyPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgt
NTU1YTE5ODMzZDhlLzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgtNTU1YTE5ODMzZDhl
LzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN8gDsWNx
QNFn4hMPGd2QKF+Y9sjQS6ZeoE76odYusU4mTOlU/L6dypQvLQaTnwKCj4vY4+78
uzbAa+pAY59/QnBUyGWFbsxDn0ZiHLMcDYMEWyVzazs7H/kq8fIm81Qp6FxrCj6V
DLT/oLRtZ0nk8NrAgzXIwhJhk02Mfe8wQEk65r1I9TrItVry11YRCB6XVlvHxbAp
0Vr0yDnEJ76ckJSgzvK4StRgIFNulUVIHJKSmXTvwCxpf706V+pzxiyIPczn72mj
f7GkfnfM1Rk8jQYShk16R6Ud7IUqngGWnToulPk8PGLpihpNS7aTHcT2XFTb143U
s2PWoJlAlr4kdA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:30:51 2025 by rpki-client