Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          cNy8ULqLEdqJbPYrg/xZ0Er5p0QgwyHR1jV02iF3kb0=
Subject key identifier:   D6:3B:D1:94:FA:38:3F:19:AD:07:85:29:1F:58:9A:82:1A:70:56:6B
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       01977308D9316450F93A53F3EE99FC49B603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          1591
Signing time:             Sun 15 Jun 2025 10:00:49 +0000
Manifest this update:     Sun 15 Jun 2025 10:00:49 +0000
Manifest next update:     Mon 16 Jun 2025 10:00:49 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: mcdrygdUAZg//OC27yRuVLbyA19vNRAHXDbYm+wMjec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 10:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:08:d9:31:64:50:f9:3a:53:f3:ee:99:fc:49:b6:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Jun 15 10:00:49 2025 GMT
            Not After : Jun 16 10:00:49 2025 GMT
        Subject: CN=d63bd194fa383f19ad0785291f589a821a70566b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:97:11:d7:f3:28:71:eb:37:25:f7:dc:08:dc:
                    06:15:b8:b8:76:75:0a:59:05:fe:ce:dd:4f:73:b1:
                    80:b7:1e:c4:39:ec:21:ec:6e:f5:47:3e:f2:bb:42:
                    52:6b:79:72:df:63:aa:00:f5:35:25:7a:02:c2:2b:
                    e8:ef:9e:b0:8b:7a:70:15:c8:bd:ff:d2:c1:f5:3c:
                    47:25:ce:5b:4f:c4:17:e8:13:82:e6:f9:c7:d2:bc:
                    47:c0:a2:37:c1:7f:15:8a:15:0c:3c:8c:30:a1:61:
                    f0:e2:f8:60:3d:0e:de:03:be:3a:ed:1a:b5:51:a4:
                    a8:30:b4:2d:40:a9:c5:b1:a3:b3:c6:55:5a:29:92:
                    f0:df:d7:28:27:e0:fd:6c:51:76:91:5f:45:a1:7f:
                    5b:07:ea:39:84:34:6b:10:32:28:81:43:ef:c2:62:
                    f3:1f:07:25:30:9f:76:5a:ea:12:a3:b9:b9:2d:10:
                    30:93:ec:91:2f:fd:38:e2:3c:54:8e:70:a7:97:e5:
                    e7:56:28:27:fb:60:b0:e3:43:bd:36:db:1a:99:b2:
                    d1:ef:db:05:9f:2a:04:32:af:c8:ad:7e:9a:13:31:
                    97:c5:a5:50:79:d5:e6:04:58:ee:cf:f3:ef:4f:1b:
                    a1:38:5b:72:95:2d:2f:4f:8b:9d:2d:b2:c6:87:ca:
                    c5:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:3B:D1:94:FA:38:3F:19:AD:07:85:29:1F:58:9A:82:1A:70:56:6B
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:41:74:c4:f7:81:b9:4b:f8:9c:2d:49:a0:13:ca:4e:0c:3c:
         76:6d:f5:34:0e:71:b3:10:c6:cf:76:c5:c8:ed:5b:2b:b7:f9:
         ed:b3:ff:85:48:24:d5:f7:6a:5c:e2:72:55:89:33:07:6a:89:
         c8:27:ec:49:82:2c:44:5d:0b:d4:02:53:99:8e:71:fb:5a:ac:
         81:c5:70:93:b6:29:c9:9e:c8:3d:c9:b9:4b:6e:47:c6:21:cf:
         68:72:52:4a:32:b8:12:5a:5b:3e:c7:a2:4d:cf:45:32:58:46:
         1f:3a:05:1b:7b:52:1a:47:91:89:87:4e:b1:c3:73:b7:46:28:
         87:ef:27:16:5d:38:93:e4:a8:04:31:db:ee:8e:ad:bc:5e:bc:
         7f:a8:7c:f8:ff:7b:f4:e6:14:7a:14:7e:75:a6:a2:1d:c2:4e:
         56:20:2a:37:52:b2:dd:31:f2:9b:6d:b1:8d:87:46:f8:53:98:
         95:22:02:a3:12:6a:de:86:6e:a3:f6:17:20:22:1e:a4:fe:6f:
         84:72:28:85:0f:0e:a4:31:34:18:be:a4:8d:b2:a0:e8:cc:d3:
         0e:3c:d8:ea:bb:57:1a:b4:4d:9c:d6:12:02:0b:82:26:71:79:
         25:44:07:8b:94:c0:26:16:c3:4e:ef:76:ca:ae:97:c8:b5:2e:
         7b:c0:2d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCNkxZFD5OlPz7pn8SbYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUwNjE1MTAwMDQ5WhcNMjUwNjE2MTAwMDQ5WjAzMTEwLwYDVQQD
EyhkNjNiZDE5NGZhMzgzZjE5YWQwNzg1MjkxZjU4OWE4MjFhNzA1NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpcR1/Moces3JffcCNwGFbi4dnUK
WQX+zt1Pc7GAtx7EOewh7G71Rz7yu0JSa3ly32OqAPU1JXoCwivo756wi3pwFci9
/9LB9TxHJc5bT8QX6BOC5vnH0rxHwKI3wX8VihUMPIwwoWHw4vhgPQ7eA7467Rq1
UaSoMLQtQKnFsaOzxlVaKZLw39coJ+D9bFF2kV9FoX9bB+o5hDRrEDIogUPvwmLz
HwclMJ92WuoSo7m5LRAwk+yRL/044jxUjnCnl+XnVign+2Cw40O9NtsambLR79sF
nyoEMq/IrX6aEzGXxaVQedXmBFjuz/PvTxuhOFtylS0vT4udLbLGh8rFlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNY70ZT6OD8ZrQeFKR9YmoIacFZrMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlUF0xPeB
uUv4nC1JoBPKTgw8dm31NA5xsxDGz3bFyO1bK7f57bP/hUgk1fdqXOJyVYkzB2qJ
yCfsSYIsRF0L1AJTmY5x+1qsgcVwk7YpyZ7IPcm5S25HxiHPaHJSSjK4ElpbPsei
Tc9FMlhGHzoFG3tSGkeRiYdOscNzt0Yoh+8nFl04k+SoBDHb7o6tvF68f6h8+P97
9OYUehR+daaiHcJOViAqN1Ky3THym22xjYdG+FOYlSICoxJq3oZuo/YXICIepP5v
hHIohQ8OpDE0GL6kjbKg6MzTDjzY6rtXGrRNnNYSAguCJnF5JUQHi5TAJhbDTu92
yq6XyLUue8AtpQ==
-----END CERTIFICATE-----