Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          rK/PvFkTqQqDK7dClBhnCG5YChfkJSsw8jbrr1FXgmw=
Subject key identifier:   C1:E8:58:EA:EA:8C:B3:9F:40:30:62:2D:4F:17:68:92:D4:00:09:CF
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       019A4E86BBC5241B1CB441E11433225094A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          02E6
Signing time:             Tue 04 Nov 2025 11:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:44 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: hINRA3ORVG1GNx8VHSjwB92ZYTqtlr+zwmDKMz6HKiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:bb:c5:24:1b:1c:b4:41:e1:14:33:22:50:94:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Nov  4 11:00:44 2025 GMT
            Not After : Nov  5 11:00:44 2025 GMT
        Subject: CN=c1e858eaea8cb39f4030622d4f176892d40009cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:57:24:87:a1:26:b3:3c:8b:04:0e:e8:58:
                    8e:8a:b5:80:7c:a1:3a:ef:12:24:b2:34:e8:ca:fb:
                    18:e3:8c:97:c9:79:7e:84:26:b7:65:bf:0d:3e:27:
                    85:72:68:7a:85:87:8e:0b:ad:e5:9e:49:71:6c:f4:
                    53:01:06:d7:7d:41:a4:d2:bc:ee:36:30:92:13:4b:
                    5f:58:03:a3:93:7d:e8:58:80:bd:52:49:06:2d:b6:
                    fe:fd:89:49:ea:d8:1b:e2:ed:0d:85:2e:04:e1:53:
                    0d:a3:eb:dc:05:f9:bb:03:b2:34:6a:e7:10:d7:9f:
                    cc:81:39:60:4a:a8:61:54:2d:a5:d4:a1:d7:e1:99:
                    28:7f:48:32:90:84:35:ab:3f:81:f8:f6:35:fc:5c:
                    a1:65:89:da:13:0e:3f:7e:f5:15:dd:14:0b:44:22:
                    0a:e7:c5:68:3a:e5:d0:ad:23:73:c5:a0:c4:90:76:
                    f8:1e:f8:68:17:e8:68:42:2b:0b:fe:c3:3e:86:a2:
                    2f:5f:c9:a2:c1:4c:98:e0:b4:21:0f:0e:60:05:18:
                    60:ec:e6:79:85:1e:fc:7e:9d:d9:cc:3a:20:69:2a:
                    ae:17:fc:bc:9a:ff:5e:87:a1:67:e7:df:66:b2:a1:
                    13:49:97:34:0f:3b:f0:49:3d:ce:58:12:6b:4c:f8:
                    94:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E8:58:EA:EA:8C:B3:9F:40:30:62:2D:4F:17:68:92:D4:00:09:CF
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:10:49:a3:2d:23:d7:59:11:60:20:ea:95:21:56:f0:35:2f:
         87:46:2f:56:20:58:2c:ec:13:70:47:53:07:f5:a9:6a:fa:83:
         a0:62:6c:17:2c:04:98:58:d1:ff:8d:fc:db:d4:71:89:70:35:
         25:59:68:14:b2:d6:68:c1:ca:4c:41:ac:2c:b9:58:ef:d0:0f:
         bc:d0:e1:74:70:52:a5:67:ee:36:09:40:0f:fb:d1:07:20:fb:
         29:c2:ad:a7:cf:32:ee:67:68:b8:65:cc:74:51:b2:67:1a:cb:
         07:17:46:b1:a0:91:fa:b9:84:40:88:70:a4:54:99:39:30:a4:
         c8:c6:3b:68:6e:c4:c2:59:f5:1f:40:77:cd:f9:50:4e:c4:63:
         34:c6:a8:a0:ce:42:d1:34:4b:79:f5:6e:7c:49:c2:92:b4:af:
         b3:80:91:b7:0e:d0:b2:fe:28:98:4d:49:f8:c8:ad:43:6c:1b:
         43:f7:9c:8c:0e:2a:cd:d4:74:1d:77:9b:1d:bf:d3:60:c2:2c:
         f7:ed:55:bd:28:8e:e9:af:fb:4b:85:64:eb:8f:98:d0:36:85:
         b9:1e:31:d9:29:88:18:77:d6:5e:05:9d:61:ae:49:73:68:99:
         54:e7:da:3a:e5:54:d4:d6:39:94:9d:7b:cf:14:c6:09:b5:12:
         39:93:94:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhrvFJBsctEHhFDMiUJSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUxMTA0MTEwMDQ0WhcNMjUxMTA1MTEwMDQ0WjAzMTEwLwYDVQQD
EyhjMWU4NThlYWVhOGNiMzlmNDAzMDYyMmQ0ZjE3Njg5MmQ0MDAwOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8dXJIehJrM8iwQO6FiOirWAfKE6
7xIksjToyvsY44yXyXl+hCa3Zb8NPieFcmh6hYeOC63lnklxbPRTAQbXfUGk0rzu
NjCSE0tfWAOjk33oWIC9UkkGLbb+/YlJ6tgb4u0NhS4E4VMNo+vcBfm7A7I0aucQ
15/MgTlgSqhhVC2l1KHX4Zkof0gykIQ1qz+B+PY1/FyhZYnaEw4/fvUV3RQLRCIK
58VoOuXQrSNzxaDEkHb4HvhoF+hoQisL/sM+hqIvX8miwUyY4LQhDw5gBRhg7OZ5
hR78fp3ZzDogaSquF/y8mv9eh6Fn599msqETSZc0DzvwST3OWBJrTPiUnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHoWOrqjLOfQDBiLU8XaJLUAAnPMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhRBJoy0j
11kRYCDqlSFW8DUvh0YvViBYLOwTcEdTB/WpavqDoGJsFywEmFjR/43829RxiXA1
JVloFLLWaMHKTEGsLLlY79APvNDhdHBSpWfuNglAD/vRByD7KcKtp88y7mdouGXM
dFGyZxrLBxdGsaCR+rmEQIhwpFSZOTCkyMY7aG7Ewln1H0B3zflQTsRjNMaooM5C
0TRLefVufEnCkrSvs4CRtw7Qsv4omE1J+MitQ2wbQ/ecjA4qzdR0HXebHb/TYMIs
9+1VvSiO6a/7S4Vk64+Y0DaFuR4x2SmIGHfWXgWdYa5Jc2iZVOfaOuVU1NY5lJ17
zxTGCbUSOZOUJQ==
-----END CERTIFICATE-----