Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
File:                     O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft (raw, json)
Hash identifier:          izBiorQk/LG7nt4bt1DuQ9xLD7n6rP/SWrHxUybEqJQ=
Subject key identifier:   E2:93:8A:9C:16:4F:93:69:52:97:35:1E:76:A0:F4:B5:43:B5:B7:D2
Authority key identifier: 3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3
Certificate issuer:       /CN=3bee6066bb652c648c7a87099d0d9354546060d3
Certificate serial:       0196760C816102CDE78F803AF5F2AB668DED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
Manifest number:          150F
Signing time:             Sun 27 Apr 2025 07:00:52 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:52 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:52 +0000
Files and hashes:         1: O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl (hash: oT2QUEiem3J5MOIialhaAZ/hXemuk4bp2BEEarWZwBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:81:61:02:cd:e7:8f:80:3a:f5:f2:ab:66:8d:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bee6066bb652c648c7a87099d0d9354546060d3
        Validity
            Not Before: Apr 27 07:00:52 2025 GMT
            Not After : Apr 28 07:00:52 2025 GMT
        Subject: CN=e2938a9c164f93695297351e76a0f4b543b5b7d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:04:12:69:93:fc:99:57:73:cf:36:4b:ce:19:
                    d7:94:0e:bd:1f:2e:11:22:a0:73:48:be:26:c0:7c:
                    cd:2a:ef:ba:2c:6c:ea:67:a5:a4:14:51:93:bb:a8:
                    63:61:65:40:61:6a:38:6d:c0:7f:c7:0a:05:e2:e5:
                    00:46:92:83:68:9c:77:31:09:92:3c:03:cb:fc:20:
                    a5:ce:3c:e0:8f:de:e5:2e:0d:bd:a6:41:72:e4:31:
                    a6:39:2a:84:08:17:e2:56:a6:c6:be:98:01:2e:21:
                    3b:33:5a:40:0a:63:6c:13:5b:02:c4:92:47:f7:0a:
                    c5:2d:9f:dd:ca:40:33:1a:e3:1e:80:75:f0:f2:3a:
                    5e:f3:87:d7:b6:a2:2e:d1:d5:ba:d0:75:b0:9e:05:
                    3d:88:98:c5:cd:33:79:51:c3:d8:24:fe:9b:d7:77:
                    6b:73:95:1a:f7:17:87:22:1a:6c:66:6a:fb:3a:18:
                    3e:ab:72:74:bc:b2:19:54:c1:52:d2:22:c9:d0:59:
                    56:8a:4d:b0:02:37:2e:52:4c:ed:87:00:65:6c:2f:
                    63:e7:f3:7a:b5:b9:9a:6f:07:99:e2:d1:5e:06:55:
                    12:5e:3b:c5:f6:65:e9:d5:3c:c5:bb:3d:c1:21:6a:
                    3f:ac:ec:6e:90:e7:ab:fc:9e:a1:42:40:a6:08:e1:
                    44:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:93:8A:9C:16:4F:93:69:52:97:35:1E:76:A0:F4:B5:43:B5:B7:D2
            X509v3 Authority Key Identifier:
                keyid:3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:9b:f0:f5:8c:d4:c9:c0:f3:98:62:ce:94:c6:8a:aa:84:d0:
         99:53:c0:3d:e5:fc:95:ff:ac:4c:a6:b1:b3:6a:4f:cb:31:16:
         1c:2a:a8:e4:e1:92:4c:c7:a6:93:58:a9:8a:0d:4d:52:64:dd:
         40:61:b0:6d:82:b1:39:89:42:65:38:48:b9:8c:c0:b1:a3:d1:
         7a:e6:05:2a:8e:a6:51:d4:17:9e:d3:6e:93:dd:84:d1:f7:81:
         28:57:32:3c:d1:cb:40:29:09:e6:0f:f9:30:9d:1d:ab:37:49:
         4b:d3:07:f7:49:38:b3:c3:55:6c:fc:cb:f5:c7:a7:09:2f:c0:
         c1:ba:52:36:b8:f6:c2:a1:f9:b7:d0:59:7e:f9:1a:a2:f4:93:
         3a:79:1f:a4:14:86:42:59:8c:e1:07:11:52:ee:8c:97:bd:ba:
         69:8d:0b:f6:10:f5:a4:02:9f:8e:64:0c:15:a8:fb:47:8d:4f:
         bf:12:39:60:c9:d8:ab:43:f9:5a:73:76:60:f0:2c:03:74:46:
         ab:1a:ec:d2:0a:01:76:c6:b2:c9:f4:ae:2e:90:bb:82:1b:81:
         f1:71:7c:cc:02:59:ca:fe:d5:ff:58:71:38:63:15:6f:14:8c:
         65:af:29:77:ec:c8:99:7b:9e:00:96:00:9b:4f:b9:b9:56:31:
         4a:95:df:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DIFhAs3nj4A69fKrZo3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWU2MDY2YmI2NTJjNjQ4YzdhODcwOTlkMGQ5MzU0NTQ2
MDYwZDMwHhcNMjUwNDI3MDcwMDUyWhcNMjUwNDI4MDcwMDUyWjAzMTEwLwYDVQQD
EyhlMjkzOGE5YzE2NGY5MzY5NTI5NzM1MWU3NmEwZjRiNTQzYjViN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwQSaZP8mVdzzzZLzhnXlA69Hy4R
IqBzSL4mwHzNKu+6LGzqZ6WkFFGTu6hjYWVAYWo4bcB/xwoF4uUARpKDaJx3MQmS
PAPL/CClzjzgj97lLg29pkFy5DGmOSqECBfiVqbGvpgBLiE7M1pACmNsE1sCxJJH
9wrFLZ/dykAzGuMegHXw8jpe84fXtqIu0dW60HWwngU9iJjFzTN5UcPYJP6b13dr
c5Ua9xeHIhpsZmr7Ohg+q3J0vLIZVMFS0iLJ0FlWik2wAjcuUkzthwBlbC9j5/N6
tbmabweZ4tFeBlUSXjvF9mXp1TzFuz3BIWo/rOxukOer/J6hQkCmCOFEiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKTipwWT5NpUpc1Hnag9LVDtbfSMB8GA1UdIwQY
MBaAFDvuYGa7ZSxkjHqHCZ0Nk1RUYGDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMt
MTE2NDZiZTE2NzIzLzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMtMTE2NDZiZTE2NzIz
LzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZvw9YzU
ycDzmGLOlMaKqoTQmVPAPeX8lf+sTKaxs2pPyzEWHCqo5OGSTMemk1ipig1NUmTd
QGGwbYKxOYlCZThIuYzAsaPReuYFKo6mUdQXntNuk92E0feBKFcyPNHLQCkJ5g/5
MJ0dqzdJS9MH90k4s8NVbPzL9cenCS/AwbpSNrj2wqH5t9BZfvkaovSTOnkfpBSG
QlmM4QcRUu6Ml726aY0L9hD1pAKfjmQMFaj7R41PvxI5YMnYq0P5WnN2YPAsA3RG
qxrs0goBdsayyfSuLpC7ghuB8XF8zAJZyv7V/1hxOGMVbxSMZa8pd+zImXueAJYA
m0+5uVYxSpXfXg==
-----END CERTIFICATE-----