Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
File:                     O-lZPSkOAlAninOzE1UDKTJ71Yk.mft (raw, json)
Hash identifier:          DaSpAqNAr/fTHGYLUik0tK9FFgNmx46AVKmEUuoq5Jw=
Subject key identifier:   4B:27:E0:53:14:E5:CE:CE:8B:46:F5:F2:00:92:10:0D:EC:CC:B2:63
Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89
Certificate issuer:       /CN=3be9593d290e0250278a73b313550329327bd589
Certificate serial:       01988B1089916A8AEBC78789DE05D7BEEFAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
Manifest number:          1624
Signing time:             Fri 08 Aug 2025 19:02:53 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:53 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:53 +0000
Files and hashes:         1: O-lZPSkOAlAninOzE1UDKTJ71Yk.crl (hash: Tq1CUofdccYm6ubQPORFqEdJcfT5ptANn+8TKTKxAI0=)
                          2: bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa (hash: Yl6am4vWUQXhAPFuVgrQF79QPPtS7MoD02zbAbTLBHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:89:91:6a:8a:eb:c7:87:89:de:05:d7:be:ef:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3be9593d290e0250278a73b313550329327bd589
        Validity
            Not Before: Aug  8 19:02:53 2025 GMT
            Not After : Aug  9 19:02:53 2025 GMT
        Subject: CN=4b27e05314e5cece8b46f5f20092100decccb263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f3:95:bb:b7:09:f0:cb:ef:da:05:e5:4c:d0:
                    5c:3d:b8:73:04:82:c1:5e:b3:02:ab:31:ee:17:e9:
                    c4:52:2b:c4:ec:4c:3d:65:cc:65:07:a4:5b:ed:b4:
                    98:39:28:66:20:f3:a2:b9:04:c8:49:e8:f2:a2:d8:
                    80:bf:97:41:f1:a9:9e:27:92:8c:2d:36:be:66:02:
                    4a:9a:b4:3d:81:dd:6b:6c:a6:83:1d:b0:ec:40:12:
                    80:01:ea:72:05:26:63:2e:5e:06:7c:a4:82:34:be:
                    b9:82:bb:15:27:81:13:16:32:14:58:d4:b6:64:b1:
                    64:7a:d2:07:d0:2a:00:57:1d:b0:d4:c2:dd:f7:5d:
                    2e:e1:8d:af:6c:c3:58:84:dc:85:3e:5b:03:d6:1c:
                    63:1c:af:cf:1b:24:cd:98:62:fe:01:bc:df:98:ed:
                    10:cf:8c:3f:89:3e:40:dd:21:be:3e:37:1d:a5:7f:
                    e6:d7:c2:14:7f:dd:e4:2b:42:04:34:48:00:d4:03:
                    5a:65:01:58:51:7d:51:88:2b:6a:1b:60:ab:d9:44:
                    53:ea:c4:90:64:cb:77:ea:d6:49:bf:61:74:f5:9b:
                    57:da:3a:27:12:34:48:72:0b:da:b7:86:a2:fd:07:
                    b5:37:54:cd:c2:b9:10:3c:75:83:58:4d:4d:4a:c5:
                    32:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:27:E0:53:14:E5:CE:CE:8B:46:F5:F2:00:92:10:0D:EC:CC:B2:63
            X509v3 Authority Key Identifier:
                keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:f4:92:8f:b7:f6:d3:fb:50:96:08:a4:44:7c:6f:92:4d:f6:
         52:00:94:d9:f0:de:bd:7c:11:c4:01:71:1a:6e:17:38:8f:47:
         4f:b1:29:5e:19:77:84:a1:e9:97:da:1f:07:eb:ae:cd:56:de:
         ff:ac:21:d9:48:2c:b1:75:23:a3:63:fb:ea:5d:5c:f1:d5:30:
         37:f3:69:1d:75:8b:fd:84:44:32:ee:e0:68:1b:9b:2b:38:72:
         d9:f2:fd:f1:ad:2b:c6:3f:36:85:25:27:16:7e:1c:6f:a9:bc:
         9d:3f:1a:a0:66:11:c2:7e:b3:88:2e:26:3c:c3:41:b8:88:44:
         cb:ab:94:29:47:54:86:6a:aa:33:a7:62:ab:40:92:21:a0:f5:
         cd:37:8d:c4:2a:60:20:69:79:fc:b7:fd:94:60:2a:59:4f:a7:
         44:3e:a0:46:34:98:3d:36:fe:c2:84:2f:9b:9b:0a:80:62:e2:
         ae:64:c3:cc:47:48:41:51:cd:8a:f8:e0:a0:be:cb:fc:03:ca:
         c7:33:eb:25:65:f1:c3:50:ff:b7:18:08:99:2a:b4:e4:e5:2e:
         96:fd:04:74:e7:da:75:e0:4b:bf:ca:ba:1c:61:06:a6:02:6b:
         bc:5f:70:c4:d4:4a:eb:fe:9c:b7:9a:4a:c1:60:e6:de:4b:f9:
         83:70:c8:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEImRaorrx4eJ3gXXvu+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3
YmQ1ODkwHhcNMjUwODA4MTkwMjUzWhcNMjUwODA5MTkwMjUzWjAzMTEwLwYDVQQD
Eyg0YjI3ZTA1MzE0ZTVjZWNlOGI0NmY1ZjIwMDkyMTAwZGVjY2NiMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/OVu7cJ8Mvv2gXlTNBcPbhzBILB
XrMCqzHuF+nEUivE7Ew9ZcxlB6Rb7bSYOShmIPOiuQTISejyotiAv5dB8ameJ5KM
LTa+ZgJKmrQ9gd1rbKaDHbDsQBKAAepyBSZjLl4GfKSCNL65grsVJ4ETFjIUWNS2
ZLFketIH0CoAVx2w1MLd910u4Y2vbMNYhNyFPlsD1hxjHK/PGyTNmGL+AbzfmO0Q
z4w/iT5A3SG+PjcdpX/m18IUf93kK0IENEgA1ANaZQFYUX1RiCtqG2Cr2URT6sSQ
ZMt36tZJv2F09ZtX2jonEjRIcgvat4ai/Qe1N1TNwrkQPHWDWE1NSsUyEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsn4FMU5c7Oi0b18gCSEA3szLJjMB8GA1UdIwQY
MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt
NGVhYjA2MGYxNWZhLzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh
LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzvSSj7f2
0/tQlgikRHxvkk32UgCU2fDevXwRxAFxGm4XOI9HT7EpXhl3hKHpl9ofB+uuzVbe
/6wh2UgssXUjo2P76l1c8dUwN/NpHXWL/YREMu7gaBubKzhy2fL98a0rxj82hSUn
Fn4cb6m8nT8aoGYRwn6ziC4mPMNBuIhEy6uUKUdUhmqqM6diq0CSIaD1zTeNxCpg
IGl5/Lf9lGAqWU+nRD6gRjSYPTb+woQvm5sKgGLirmTDzEdIQVHNivjgoL7L/APK
xzPrJWXxw1D/txgImSq05OUulv0EdOfadeBLv8q6HGEGpgJrvF9wxNRK6/6ct5pK
wWDm3kv5g3DICQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:51:16 2025 by rpki-client