Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/7ded1f-c40d-47f2-a110-8456dce59ce0/1/Lw47dY4ki4AfwfMNNF1giwevG_Y.mft
File: Lw47dY4ki4AfwfMNNF1giwevG_Y.mft (raw, json)
Hash identifier: qQbIy/CnKLA2qrDRn4NXNcW6le8+VxnHS4tpghFQUHY=
Subject key identifier: A3:4B:45:B1:02:21:20:8C:EA:1B:91:14:DB:2D:E5:82:80:39:0D:BC
Authority key identifier: 2F:0E:3B:75:8E:24:8B:80:1F:C1:F3:0D:34:5D:60:8B:07:AF:1B:F6
Certificate issuer: /CN=2f0e3b758e248b801fc1f30d345d608b07af1bf6
Certificate serial: 019A0411EB0F29BE27C92D6951BCAF32D411
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lw47dY4ki4AfwfMNNF1giwevG_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/7ded1f-c40d-47f2-a110-8456dce59ce0/1/Lw47dY4ki4AfwfMNNF1giwevG_Y.mft
Manifest number: 070C
Signing time: Tue 21 Oct 2025 00:01:14 +0000
Manifest this update: Tue 21 Oct 2025 00:01:14 +0000
Manifest next update: Wed 22 Oct 2025 00:01:14 +0000
Files and hashes: 1: Lw47dY4ki4AfwfMNNF1giwevG_Y.crl (hash: HmB10ZiXUgQqHGUq76Ao08IzBCEu+ZcpfprbdTybBhk=)
2: MBtZdpS4ymxgginyDhvfCoGQ29s.roa (hash: Taga/JoIPOZ2TxBr6cVw0HmmUo2VGq5/DtsPjFffmvI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:11:eb:0f:29:be:27:c9:2d:69:51:bc:af:32:d4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0e3b758e248b801fc1f30d345d608b07af1bf6
Validity
Not Before: Oct 21 00:01:14 2025 GMT
Not After : Oct 22 00:01:14 2025 GMT
Subject: CN=a34b45b10221208cea1b9114db2de58280390dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:1e:72:a6:40:a2:d4:7d:58:ac:65:6a:ec:
cb:b6:a6:82:1c:73:31:e2:c6:39:8e:45:7c:53:11:
14:4d:02:58:68:02:a7:e7:17:e8:d3:1d:d0:4a:92:
84:8f:05:26:f8:26:6e:ed:fd:48:b7:dc:a9:c8:0f:
63:ed:dd:cf:45:9f:9a:93:00:aa:1f:f0:16:6a:32:
40:08:6f:08:61:1b:66:cc:38:7b:01:9c:bc:d8:fa:
e0:0d:b0:af:25:d7:ea:86:9a:e0:82:05:1b:b9:64:
84:4f:35:2e:6b:e2:95:d9:20:c0:27:2a:2a:28:d5:
4a:47:80:18:d2:f7:61:ab:5e:27:ad:34:2e:b4:0d:
a0:58:98:97:91:2b:4e:2e:0a:bb:04:1d:e9:20:46:
e6:54:83:a6:d4:a3:da:36:c6:ad:67:1d:eb:4c:78:
8f:b6:d7:b1:67:0c:be:d7:b9:75:f0:1d:cd:ee:e0:
4a:af:9d:58:2e:f1:ae:39:6b:bf:08:ea:e8:0a:0d:
5e:81:52:eb:94:64:3f:9a:9e:25:c3:cb:76:e7:84:
b9:6a:08:88:eb:13:08:aa:b6:43:cc:0c:0b:bf:b2:
c6:ee:d0:c7:8a:97:c5:21:c8:d6:00:8d:57:46:bf:
eb:78:09:a2:c5:e5:db:6d:36:77:6c:e1:ec:0a:52:
99:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4B:45:B1:02:21:20:8C:EA:1B:91:14:DB:2D:E5:82:80:39:0D:BC
X509v3 Authority Key Identifier:
keyid:2F:0E:3B:75:8E:24:8B:80:1F:C1:F3:0D:34:5D:60:8B:07:AF:1B:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lw47dY4ki4AfwfMNNF1giwevG_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/7ded1f-c40d-47f2-a110-8456dce59ce0/1/Lw47dY4ki4AfwfMNNF1giwevG_Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/7ded1f-c40d-47f2-a110-8456dce59ce0/1/Lw47dY4ki4AfwfMNNF1giwevG_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:71:ac:bf:a4:10:68:5f:28:11:aa:68:6c:2f:12:59:6d:e8:
c7:58:c5:00:15:71:02:a8:a1:21:5d:38:12:0d:f7:9b:cd:a4:
62:7c:92:a4:76:5d:5d:a2:a1:a0:73:64:67:2e:d1:bb:33:49:
27:ed:8a:70:7e:67:ce:3f:b4:66:5a:37:95:70:2c:b7:b4:36:
08:bf:a7:f7:8d:3f:ed:2d:b8:0d:10:e9:ca:a1:32:be:9c:1e:
99:e5:60:a4:77:86:2a:40:ab:22:f7:c4:dd:c4:1a:bb:34:41:
59:6d:8e:38:5f:ed:ab:af:fd:fb:51:84:cf:74:50:a9:16:57:
17:b9:85:46:8b:51:06:6e:75:e9:e8:65:0c:74:f4:84:b0:37:
9d:7b:c5:25:9e:22:8d:5a:41:8b:74:66:25:f1:54:6c:f8:ef:
52:dd:11:02:b4:c8:47:97:00:73:b9:11:68:3e:0a:64:f5:7d:
94:7e:5b:d2:30:5d:62:c7:33:bd:f0:9e:12:32:81:60:37:0b:
fd:73:e9:e6:3e:ce:ef:bf:3e:d6:15:cf:56:27:97:ec:68:8f:
aa:16:01:61:bf:87:9b:15:9f:ba:a9:2e:65:11:46:0d:e5:6a:
d1:54:0d:f9:20:83:fa:32:52:30:11:be:f2:77:05:c3:c9:22:
8b:66:29:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEesPKb4nyS1pUbyvMtQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMGUzYjc1OGUyNDhiODAxZmMxZjMwZDM0NWQ2MDhiMDdh
ZjFiZjYwHhcNMjUxMDIxMDAwMTE0WhcNMjUxMDIyMDAwMTE0WjAzMTEwLwYDVQQD
EyhhMzRiNDViMTAyMjEyMDhjZWExYjkxMTRkYjJkZTU4MjgwMzkwZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0YecqZAotR9WKxlauzLtqaCHHMx
4sY5jkV8UxEUTQJYaAKn5xfo0x3QSpKEjwUm+CZu7f1It9ypyA9j7d3PRZ+akwCq
H/AWajJACG8IYRtmzDh7AZy82PrgDbCvJdfqhprgggUbuWSETzUua+KV2SDAJyoq
KNVKR4AY0vdhq14nrTQutA2gWJiXkStOLgq7BB3pIEbmVIOm1KPaNsatZx3rTHiP
ttexZwy+17l18B3N7uBKr51YLvGuOWu/COroCg1egVLrlGQ/mp4lw8t254S5agiI
6xMIqrZDzAwLv7LG7tDHipfFIcjWAI1XRr/reAmixeXbbTZ3bOHsClKZ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNLRbECISCM6huRFNst5YKAOQ28MB8GA1UdIwQY
MBaAFC8OO3WOJIuAH8HzDTRdYIsHrxv2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHc0N2RZNGtpNEFmd2ZNTk5GMWdpd2V2R19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS83ZGVkMWYtYzQwZC00N2YyLWExMTAt
ODQ1NmRjZTU5Y2UwLzEvTHc0N2RZNGtpNEFmd2ZNTk5GMWdpd2V2R19ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS83ZGVkMWYtYzQwZC00N2YyLWExMTAtODQ1NmRjZTU5Y2Uw
LzEvTHc0N2RZNGtpNEFmd2ZNTk5GMWdpd2V2R19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3Gsv6QQ
aF8oEapobC8SWW3ox1jFABVxAqihIV04Eg33m82kYnySpHZdXaKhoHNkZy7RuzNJ
J+2KcH5nzj+0Zlo3lXAst7Q2CL+n940/7S24DRDpyqEyvpwemeVgpHeGKkCrIvfE
3cQauzRBWW2OOF/tq6/9+1GEz3RQqRZXF7mFRotRBm516ehlDHT0hLA3nXvFJZ4i
jVpBi3RmJfFUbPjvUt0RArTIR5cAc7kRaD4KZPV9lH5b0jBdYsczvfCeEjKBYDcL
/XPp5j7O778+1hXPVieX7GiPqhYBYb+HmxWfuqkuZRFGDeVq0VQN+SCD+jJSMBG+
8ncFw8kii2YpNg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:00 2025 by rpki-client