Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          EWAMc+iPZzrPu8dqLYsRlEuMp5mwQCmFHlGfpndYy2c=
Subject key identifier:   14:AE:15:4C:A7:15:41:32:6D:0F:3F:37:69:78:1D:DA:42:AA:4A:AB
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019778D3AA2BED01DF6C80E20E3B59C15360
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          1592
Signing time:             Mon 16 Jun 2025 13:00:26 +0000
Manifest this update:     Mon 16 Jun 2025 13:00:26 +0000
Manifest next update:     Tue 17 Jun 2025 13:00:26 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: h0ukOhKMBn1vGFdOc3Rj29BCWD0WHqr5wch6hMgnMRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 13:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:d3:aa:2b:ed:01:df:6c:80:e2:0e:3b:59:c1:53:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Jun 16 13:00:26 2025 GMT
            Not After : Jun 17 13:00:26 2025 GMT
        Subject: CN=14ae154ca71541326d0f3f3769781dda42aa4aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:fe:5b:a0:38:34:ea:3a:9a:6e:08:2c:9c:35:
                    a8:1d:28:33:78:46:6a:f8:8a:bb:96:42:84:9e:d6:
                    4d:3e:c5:31:03:8d:7a:99:10:01:6c:72:9f:51:f3:
                    10:a0:71:d7:9f:e6:c9:17:f7:45:76:c0:af:ff:db:
                    a5:b7:1e:a1:3e:43:ac:80:d4:7d:f7:de:90:11:0f:
                    10:dd:a2:b3:47:73:03:3d:b6:50:4d:9b:1c:6e:32:
                    6f:3d:d7:4c:4c:8a:9a:1d:e5:8a:a5:f9:43:91:de:
                    dd:4a:95:59:2f:c2:4d:4a:aa:e7:12:52:e9:a5:df:
                    34:a9:f6:63:ab:e5:20:db:9c:31:2f:12:0d:77:cb:
                    5b:48:c1:24:bd:ba:e0:c2:76:76:61:72:58:1a:85:
                    d8:94:4e:d7:6b:79:18:d4:9c:19:c2:de:4d:06:b0:
                    cb:fa:db:f9:e9:58:6f:6c:63:fa:30:d6:36:6b:14:
                    3a:1d:93:d4:08:08:75:ec:60:0d:cc:90:d1:9c:ad:
                    60:aa:6e:a8:0b:9c:3a:41:75:07:b0:6e:28:d8:5a:
                    a2:08:1c:1c:29:4c:a8:2a:34:20:ea:d0:b1:4a:7b:
                    4a:83:a5:03:b7:6c:87:af:fa:ea:2a:ae:cb:24:66:
                    11:d7:49:1f:4e:c6:6e:f6:44:4d:6b:9e:9c:27:44:
                    a5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:AE:15:4C:A7:15:41:32:6D:0F:3F:37:69:78:1D:DA:42:AA:4A:AB
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:ca:42:e5:55:bd:b0:be:77:74:db:ea:6d:90:ee:62:75:b7:
         bf:4f:d4:7c:3c:62:a8:97:64:36:57:28:68:db:7f:05:af:f6:
         e6:2b:6a:b1:c0:6b:e2:81:db:96:f6:e4:bc:b4:be:83:b2:8d:
         ab:6d:10:cf:6b:91:79:b0:13:d8:d4:fd:54:84:37:29:48:86:
         4a:77:40:f4:c0:76:d9:cb:da:4b:b6:c3:7e:90:a7:ff:98:18:
         fe:01:ae:4a:c2:f6:99:2c:a4:c6:fa:78:cf:a3:64:86:5c:63:
         57:21:3d:0c:67:96:cf:03:f6:8f:07:03:6e:2b:40:24:b1:88:
         bd:40:60:d8:1f:56:c2:5a:7b:3d:50:4a:8e:99:be:41:f0:41:
         ce:6d:b2:20:b9:b4:8d:5b:b5:d4:dd:06:8b:99:67:69:67:92:
         6f:9c:c9:04:76:08:84:02:ef:41:06:01:5a:b6:1a:2e:8a:d1:
         b1:82:9e:96:6e:b7:33:be:14:71:9e:40:c5:f3:84:a9:25:b1:
         fe:0b:9e:d6:6f:ea:dd:67:32:26:5e:8f:09:07:85:b4:9f:df:
         7a:7d:7a:29:da:dc:cd:e2:be:df:a4:34:f9:24:87:44:45:dd:
         0f:04:71:2b:f3:57:f2:3f:0c:e0:b4:21:90:23:7c:c1:80:50:
         91:e5:a4:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd406or7QHfbIDiDjtZwVNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwNjE2MTMwMDI2WhcNMjUwNjE3MTMwMDI2WjAzMTEwLwYDVQQD
EygxNGFlMTU0Y2E3MTU0MTMyNmQwZjNmMzc2OTc4MWRkYTQyYWE0YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3v5boDg06jqabggsnDWoHSgzeEZq
+Iq7lkKEntZNPsUxA416mRABbHKfUfMQoHHXn+bJF/dFdsCv/9ultx6hPkOsgNR9
996QEQ8Q3aKzR3MDPbZQTZscbjJvPddMTIqaHeWKpflDkd7dSpVZL8JNSqrnElLp
pd80qfZjq+Ug25wxLxINd8tbSMEkvbrgwnZ2YXJYGoXYlE7Xa3kY1JwZwt5NBrDL
+tv56VhvbGP6MNY2axQ6HZPUCAh17GANzJDRnK1gqm6oC5w6QXUHsG4o2FqiCBwc
KUyoKjQg6tCxSntKg6UDt2yHr/rqKq7LJGYR10kfTsZu9kRNa56cJ0SlCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSuFUynFUEybQ8/N2l4HdpCqkqrMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs8pC5VW9
sL53dNvqbZDuYnW3v0/UfDxiqJdkNlcoaNt/Ba/25itqscBr4oHblvbkvLS+g7KN
q20Qz2uRebAT2NT9VIQ3KUiGSndA9MB22cvaS7bDfpCn/5gY/gGuSsL2mSykxvp4
z6NkhlxjVyE9DGeWzwP2jwcDbitAJLGIvUBg2B9Wwlp7PVBKjpm+QfBBzm2yILm0
jVu11N0Gi5lnaWeSb5zJBHYIhALvQQYBWrYaLorRsYKelm63M74UcZ5AxfOEqSWx
/gue1m/q3WcyJl6PCQeFtJ/fen16KdrczeK+36Q0+SSHREXdDwRxK/NX8j8M4LQh
kCN8wYBQkeWkGg==
-----END CERTIFICATE-----