Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          mEVeXqOZUKXI2cf/xQFyPoXRq86bZGzkybff9UldKxQ=
Subject key identifier:   6E:44:8B:9D:16:F3:EF:72:E1:4C:9D:84:CC:9E:89:2E:FF:65:BC:1D
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       01976C98F413862B6CAAACCA7713DD6EFAB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          016F
Signing time:             Sat 14 Jun 2025 04:00:52 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:52 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:52 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: UZM0oBzSnWYVkBGzi80NW1Qu2X5Vs7yQ0r6tYQupLgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:f4:13:86:2b:6c:aa:ac:ca:77:13:dd:6e:fa:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Jun 14 04:00:52 2025 GMT
            Not After : Jun 15 04:00:52 2025 GMT
        Subject: CN=6e448b9d16f3ef72e14c9d84cc9e892eff65bc1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:05:5e:6e:1f:fb:e7:f0:d5:22:f6:fc:49:9c:
                    16:f7:4b:f7:3c:99:39:8b:07:19:c5:fb:bf:8b:6b:
                    4f:ac:21:6f:b1:08:97:23:1c:7f:5f:ba:04:09:bc:
                    98:10:bf:36:63:21:37:01:77:10:95:b6:54:c4:b0:
                    9f:a5:ff:98:b8:0c:77:11:73:9f:67:f9:93:64:b6:
                    67:7e:7a:48:b7:e2:ac:40:3c:27:08:42:19:68:d1:
                    a8:29:ad:81:f4:61:b3:4f:fe:52:2f:c3:d2:7a:4f:
                    6b:a5:89:21:03:98:d1:03:b7:a6:27:2c:84:48:0d:
                    c3:c3:a4:5f:c1:7a:4c:51:bd:3f:ce:8d:e4:50:5d:
                    ec:a0:32:e3:b4:46:fe:51:38:0e:07:f3:63:c5:e3:
                    4f:28:7e:6b:7b:fb:16:d0:ae:b0:45:a1:05:36:b6:
                    ae:b3:aa:4b:26:24:73:d9:46:5e:a1:fb:cd:ce:ff:
                    33:3d:9f:51:44:fd:d6:bc:e6:b9:0c:c4:21:6d:9a:
                    dc:29:89:c0:27:64:29:11:02:5e:ac:5a:7e:06:bd:
                    72:1d:94:a2:d3:72:d7:a2:cd:93:4a:11:9a:d1:1d:
                    24:c5:35:dc:16:05:58:f5:0a:93:9a:c0:b3:9a:14:
                    fa:31:60:37:55:77:df:04:4e:b1:d8:f2:17:b8:8c:
                    d9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:44:8B:9D:16:F3:EF:72:E1:4C:9D:84:CC:9E:89:2E:FF:65:BC:1D
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:46:18:ab:f8:71:24:2f:92:fd:11:45:a5:15:62:53:95:cf:
         91:de:68:b4:c9:ab:5b:6f:86:40:80:10:32:b3:25:d1:8a:c7:
         2d:5e:c9:92:26:8f:71:18:6e:ce:b9:6b:ed:43:0b:ff:3d:b8:
         33:9e:a8:66:d9:cb:ce:d7:e3:ff:da:bf:bf:c8:8d:7b:67:f9:
         ae:57:7f:1f:36:4b:01:d0:9e:50:9a:41:4e:f9:4a:53:d8:50:
         cf:c0:2d:f6:4e:ea:ce:48:ba:43:6c:85:1c:f9:87:23:33:57:
         9e:10:5a:58:7b:0b:65:51:32:60:1e:df:93:75:46:bf:91:54:
         48:aa:c5:e5:0f:ef:a3:0d:e3:0d:30:51:cf:d4:58:cd:f2:c9:
         96:c3:0e:6a:32:4d:68:e9:d1:16:a3:ed:ef:42:db:36:33:de:
         c1:4c:ef:b1:ef:b9:f9:b7:5c:08:6c:4d:8c:da:4d:4c:f8:e3:
         08:7f:e7:31:59:6e:b5:3e:dc:db:92:48:d7:76:f5:40:d2:0b:
         97:bf:e3:9e:6d:9f:13:1d:1a:b2:b3:7c:d8:67:42:2e:74:38:
         b4:69:c6:e8:c6:c9:36:9c:1c:f2:8d:2c:98:37:79:d8:84:76:
         36:b1:a2:3c:45:c7:19:11:61:88:7c:e5:e1:6c:17:6e:f5:0d:
         2e:06:e7:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmPQThitsqqzKdxPdbvqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUwNjE0MDQwMDUyWhcNMjUwNjE1MDQwMDUyWjAzMTEwLwYDVQQD
Eyg2ZTQ0OGI5ZDE2ZjNlZjcyZTE0YzlkODRjYzllODkyZWZmNjViYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQVebh/75/DVIvb8SZwW90v3PJk5
iwcZxfu/i2tPrCFvsQiXIxx/X7oECbyYEL82YyE3AXcQlbZUxLCfpf+YuAx3EXOf
Z/mTZLZnfnpIt+KsQDwnCEIZaNGoKa2B9GGzT/5SL8PSek9rpYkhA5jRA7emJyyE
SA3Dw6RfwXpMUb0/zo3kUF3soDLjtEb+UTgOB/NjxeNPKH5re/sW0K6wRaEFNrau
s6pLJiRz2UZeofvNzv8zPZ9RRP3WvOa5DMQhbZrcKYnAJ2QpEQJerFp+Br1yHZSi
03LXos2TShGa0R0kxTXcFgVY9QqTmsCzmhT6MWA3VXffBE6x2PIXuIzZ9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5Ei50W8+9y4UydhMyeiS7/ZbwdMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb0YYq/hx
JC+S/RFFpRViU5XPkd5otMmrW2+GQIAQMrMl0YrHLV7JkiaPcRhuzrlr7UML/z24
M56oZtnLztfj/9q/v8iNe2f5rld/HzZLAdCeUJpBTvlKU9hQz8At9k7qzki6Q2yF
HPmHIzNXnhBaWHsLZVEyYB7fk3VGv5FUSKrF5Q/vow3jDTBRz9RYzfLJlsMOajJN
aOnRFqPt70LbNjPewUzvse+5+bdcCGxNjNpNTPjjCH/nMVlutT7c25JI13b1QNIL
l7/jnm2fEx0asrN82GdCLnQ4tGnG6MbJNpwc8o0smDd52IR2NrGiPEXHGRFhiHzl
4WwXbvUNLgbnEw==
-----END CERTIFICATE-----