Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          czn8Z38xktV+KveZjhtfkWC/zRc98NJUCr1m+vGnQa4=
Subject key identifier:   38:D5:63:AD:1C:27:9C:AC:4E:E0:99:66:55:8F:80:E7:DD:B3:DA:D5
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       01976CCF87EFDCED4BAA74E4BB72383AE79C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          0168
Signing time:             Sat 14 Jun 2025 05:00:29 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:29 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:29 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: qf63m7GMZPO3GNuKOoygLd/GvxIxp/2iIiUz+jm/otA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:87:ef:dc:ed:4b:aa:74:e4:bb:72:38:3a:e7:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Jun 14 05:00:29 2025 GMT
            Not After : Jun 15 05:00:29 2025 GMT
        Subject: CN=38d563ad1c279cac4ee09966558f80e7ddb3dad5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:37:ed:c6:3b:c2:b8:b1:49:22:5e:98:8b:d5:
                    08:42:39:c5:a7:a1:88:63:50:d7:83:bf:17:cb:d6:
                    16:3d:78:4a:2c:44:63:6e:ef:20:05:5d:2e:94:c0:
                    55:5d:d9:49:c5:aa:25:99:8c:10:f2:8c:d5:f4:39:
                    27:48:b5:66:1a:23:65:ee:d2:d4:6e:87:26:d6:f5:
                    ab:a7:d0:fe:a0:76:5a:d6:ca:d9:5b:d2:c1:20:6d:
                    66:4c:04:8d:4f:ec:57:18:06:2e:50:7b:8d:52:66:
                    77:bd:c4:ff:0f:e1:83:6e:14:c2:42:cc:42:a3:23:
                    cc:25:e4:1c:88:07:ab:a4:1e:53:63:d7:7b:aa:43:
                    48:db:80:48:6b:df:01:56:57:bd:a7:50:2b:2c:81:
                    a7:d3:6f:41:5f:79:1e:d0:74:8d:2f:ae:73:af:89:
                    db:0e:c8:89:f8:28:08:94:fc:3f:8d:63:70:85:47:
                    15:d5:20:05:ec:23:63:d9:4f:b8:b5:c0:4a:f9:44:
                    6d:42:14:42:fc:d3:02:cf:3c:d3:3f:76:ed:d1:5c:
                    5b:de:70:32:6a:01:0e:c0:2b:9b:47:30:7a:5a:c0:
                    14:84:63:5b:eb:b3:21:92:5b:60:e7:6e:26:2e:11:
                    53:97:b1:a9:1b:b3:25:7a:95:59:f6:e8:4c:5e:33:
                    e0:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D5:63:AD:1C:27:9C:AC:4E:E0:99:66:55:8F:80:E7:DD:B3:DA:D5
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:c9:89:f6:ba:ec:59:2e:7b:07:f4:58:3f:81:89:13:5d:47:
         15:a6:ce:05:85:46:01:7d:4e:5e:c0:72:d1:c1:9b:aa:54:05:
         6f:26:5c:81:63:cf:7e:0d:1f:5b:05:48:5c:b4:e4:d0:fa:42:
         28:78:72:92:2e:c3:b2:10:e3:38:b6:b9:7e:2b:e8:eb:7d:2e:
         6d:aa:c1:ca:87:8d:9d:b5:44:2f:fa:90:2f:47:12:a6:f2:b8:
         b5:1d:a3:5c:24:53:5a:31:a9:52:5b:1f:63:1f:75:b1:b9:44:
         82:e0:8e:34:1f:eb:90:8b:1e:2f:78:f8:7e:71:75:44:22:62:
         48:a1:d2:56:59:d8:d3:20:11:1d:d9:dc:dc:ab:e6:26:54:e3:
         2d:02:f6:08:37:8a:a2:66:a1:cb:70:0a:71:ac:0e:a6:70:9b:
         02:f3:0c:7b:4d:84:fa:65:e8:fe:08:86:b9:83:4c:14:40:a9:
         3c:9a:a2:10:f9:e4:12:9b:52:72:80:68:e1:97:b5:68:9f:09:
         5e:e8:36:6f:c7:34:7d:9e:d2:9b:97:33:dd:f8:c3:3a:3c:c7:
         b3:9e:81:8e:0f:7d:75:fe:ba:fc:7c:2e:22:ad:d0:93:6b:ff:
         54:fc:e3:8e:3c:f3:96:1c:68:5b:ae:3e:74:2d:97:82:ce:4e:
         90:79:03:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz4fv3O1LqnTku3I4OuecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwNjE0MDUwMDI5WhcNMjUwNjE1MDUwMDI5WjAzMTEwLwYDVQQD
EygzOGQ1NjNhZDFjMjc5Y2FjNGVlMDk5NjY1NThmODBlN2RkYjNkYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjftxjvCuLFJIl6Yi9UIQjnFp6GI
Y1DXg78Xy9YWPXhKLERjbu8gBV0ulMBVXdlJxaolmYwQ8ozV9DknSLVmGiNl7tLU
bocm1vWrp9D+oHZa1srZW9LBIG1mTASNT+xXGAYuUHuNUmZ3vcT/D+GDbhTCQsxC
oyPMJeQciAerpB5TY9d7qkNI24BIa98BVle9p1ArLIGn029BX3ke0HSNL65zr4nb
DsiJ+CgIlPw/jWNwhUcV1SAF7CNj2U+4tcBK+URtQhRC/NMCzzzTP3bt0Vxb3nAy
agEOwCubRzB6WsAUhGNb67Mhkltg524mLhFTl7GpG7MlepVZ9uhMXjPgyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjVY60cJ5ysTuCZZlWPgOfds9rVMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8mJ9rrs
WS57B/RYP4GJE11HFabOBYVGAX1OXsBy0cGbqlQFbyZcgWPPfg0fWwVIXLTk0PpC
KHhyki7DshDjOLa5fivo630ubarByoeNnbVEL/qQL0cSpvK4tR2jXCRTWjGpUlsf
Yx91sblEguCONB/rkIseL3j4fnF1RCJiSKHSVlnY0yARHdnc3KvmJlTjLQL2CDeK
omahy3AKcawOpnCbAvMMe02E+mXo/giGuYNMFECpPJqiEPnkEptScoBo4Ze1aJ8J
Xug2b8c0fZ7Sm5cz3fjDOjzHs56Bjg99df66/HwuIq3Qk2v/VPzjjjzzlhxoW64+
dC2Xgs5OkHkDug==
-----END CERTIFICATE-----