Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
File: 5OIv9yeFHntJFhTwetExVxQcwwk.mft (raw, json)
Hash identifier: IhPWh1T7Lfbsg0/UTQh+CuthhnRg1zCPTgA2IgXiMlQ=
Subject key identifier: 28:6A:80:40:95:25:BF:85:4A:D1:44:44:40:08:AF:2D:B6:F1:67:69
Authority key identifier: E4:E2:2F:F7:27:85:1E:7B:49:16:14:F0:7A:D1:31:57:14:1C:C3:09
Certificate issuer: /CN=e4e22ff727851e7b491614f07ad13157141cc309
Certificate serial: 01992C34D0F3A77BF71ED9828470DD2C18E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5OIv9yeFHntJFhTwetExVxQcwwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
Manifest number: 1525
Signing time: Tue 09 Sep 2025 02:01:22 +0000
Manifest this update: Tue 09 Sep 2025 02:01:22 +0000
Manifest next update: Wed 10 Sep 2025 02:01:22 +0000
Files and hashes: 1: 5OIv9yeFHntJFhTwetExVxQcwwk.crl (hash: AJzdfXkpwo9PRzaWOYGExWfdiAxB1tgaxQ/FyFdZ7D4=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2c:34:d0:f3:a7:7b:f7:1e:d9:82:84:70:dd:2c:18:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4e22ff727851e7b491614f07ad13157141cc309
Validity
Not Before: Sep 9 02:01:22 2025 GMT
Not After : Sep 10 02:01:22 2025 GMT
Subject: CN=286a80409525bf854ad144444008af2db6f16769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:9b:8b:dc:79:e9:8c:22:d9:6b:f6:4f:ed:
5f:6a:dd:79:48:c8:5d:04:bb:32:1d:85:c5:6a:91:
86:28:68:0d:dd:3a:e6:95:f0:51:39:ab:5d:ae:fe:
c6:c6:45:d7:44:ad:55:71:90:da:90:71:c5:8b:07:
0c:fd:9f:ae:97:a5:d0:9f:5b:9d:50:df:27:4b:ac:
0c:70:b2:99:bd:f9:56:46:ee:67:5f:9f:b2:02:ee:
4d:97:b1:5e:34:a9:81:39:6f:5e:f9:a3:70:45:e1:
95:fc:39:39:99:40:80:fb:f8:c1:68:cd:a4:87:f3:
70:c7:6f:fb:2f:e7:2e:f2:93:29:33:26:41:8f:f1:
21:f9:0d:c0:73:40:0d:b9:7a:23:78:a2:98:b6:f0:
f3:29:4e:88:e6:45:92:66:f5:43:de:80:d0:af:5e:
04:67:0f:cb:5b:65:d8:12:80:98:1d:ad:00:94:db:
2e:40:4f:03:25:04:76:cf:76:77:54:e0:bc:60:ec:
f7:41:85:d9:d0:f5:9c:ed:a9:1c:1b:58:53:bf:ca:
28:7b:19:ff:c3:f0:cb:18:1f:7d:d1:8f:9e:b2:67:
1c:78:b6:a9:4c:21:2e:e1:a1:d5:b0:c7:f5:30:03:
5e:93:33:d9:c0:fe:b1:49:e6:9a:ef:c4:85:46:9c:
59:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6A:80:40:95:25:BF:85:4A:D1:44:44:40:08:AF:2D:B6:F1:67:69
X509v3 Authority Key Identifier:
keyid:E4:E2:2F:F7:27:85:1E:7B:49:16:14:F0:7A:D1:31:57:14:1C:C3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5OIv9yeFHntJFhTwetExVxQcwwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/70e964-601e-4f4b-911e-6e3a7d969a40/1/5OIv9yeFHntJFhTwetExVxQcwwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:6f:c6:85:74:25:0e:94:35:30:87:90:26:b5:44:fe:60:83:
fb:4c:16:0b:d7:fa:da:e7:84:88:00:d1:00:b6:3f:99:79:a2:
52:81:77:31:4c:aa:99:b4:90:b0:ba:d3:d9:7e:0f:77:1c:1d:
23:53:01:c5:f6:0c:6d:2c:cc:dc:cc:d8:db:50:f2:76:1e:19:
65:a7:55:a8:f9:45:3e:fb:c6:5f:95:03:b1:6f:1e:e3:7b:42:
27:eb:b7:bf:9b:98:86:69:9c:df:9a:09:77:23:58:a0:2a:22:
4b:32:36:77:a8:d6:3e:4c:d4:f4:fe:ad:01:a6:28:f1:a0:79:
09:66:e9:08:74:eb:08:2a:f6:4f:fe:e1:93:ea:34:bf:17:78:
50:a6:8f:64:87:69:42:2b:fc:a2:c3:56:62:41:db:4f:ab:25:
54:2d:40:d7:bd:a1:49:51:c3:e0:7f:c6:2d:0f:aa:03:d7:ee:
bc:ff:0d:37:6b:b3:9b:e7:7d:22:d5:66:dd:2a:23:e1:0e:21:
89:90:8c:e0:2d:6d:e0:48:6a:fe:fb:de:35:1b:4a:dd:00:50:
32:3a:7d:7c:ae:5c:ab:8c:9f:83:79:36:8e:4c:32:a3:44:9f:
13:08:55:f5:67:ab:ff:2e:09:52:c0:c0:3d:a6:ec:35:28:97:
a3:b9:78:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZksNNDzp3v3HtmChHDdLBjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZTIyZmY3Mjc4NTFlN2I0OTE2MTRmMDdhZDEzMTU3MTQx
Y2MzMDkwHhcNMjUwOTA5MDIwMTIyWhcNMjUwOTEwMDIwMTIyWjAzMTEwLwYDVQQD
EygyODZhODA0MDk1MjViZjg1NGFkMTQ0NDQ0MDA4YWYyZGI2ZjE2NzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhubi9x56Ywi2Wv2T+1fat15SMhd
BLsyHYXFapGGKGgN3TrmlfBROatdrv7GxkXXRK1VcZDakHHFiwcM/Z+ul6XQn1ud
UN8nS6wMcLKZvflWRu5nX5+yAu5Nl7FeNKmBOW9e+aNwReGV/Dk5mUCA+/jBaM2k
h/Nwx2/7L+cu8pMpMyZBj/Eh+Q3Ac0ANuXojeKKYtvDzKU6I5kWSZvVD3oDQr14E
Zw/LW2XYEoCYHa0AlNsuQE8DJQR2z3Z3VOC8YOz3QYXZ0PWc7akcG1hTv8ooexn/
w/DLGB990Y+esmcceLapTCEu4aHVsMf1MANekzPZwP6xSeaa78SFRpxZNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChqgECVJb+FStFEREAIry228WdpMB8GA1UdIwQY
MBaAFOTiL/cnhR57SRYU8HrRMVcUHMMJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC83MGU5NjQtNjAxZS00ZjRiLTkxMWUt
NmUzYTdkOTY5YTQwLzEvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC83MGU5NjQtNjAxZS00ZjRiLTkxMWUtNmUzYTdkOTY5YTQw
LzEvNU9Jdjl5ZUZIbnRKRmhUd2V0RXhWeFFjd3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlG/GhXQl
DpQ1MIeQJrVE/mCD+0wWC9f62ueEiADRALY/mXmiUoF3MUyqmbSQsLrT2X4Pdxwd
I1MBxfYMbSzM3MzY21Dydh4ZZadVqPlFPvvGX5UDsW8e43tCJ+u3v5uYhmmc35oJ
dyNYoCoiSzI2d6jWPkzU9P6tAaYo8aB5CWbpCHTrCCr2T/7hk+o0vxd4UKaPZIdp
Qiv8osNWYkHbT6slVC1A172hSVHD4H/GLQ+qA9fuvP8NN2uzm+d9ItVm3Soj4Q4h
iZCM4C1t4Ehq/vveNRtK3QBQMjp9fK5cq4yfg3k2jkwyo0SfEwhV9Wer/y4JUsDA
PabsNSiXo7l4QQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:21:21 2025 by rpki-client