Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
File:                     oGqOPGol1GOfOUWtFszF6Yo6kqY.mft (raw, json)
Hash identifier:          X9GkHh/AkAtuth9d+AZjIk3bXUG8XYqgr87uez+0O9c=
Subject key identifier:   4E:61:DE:8F:D2:E8:92:C3:54:23:DF:DC:4F:6E:A1:4F:A4:6A:B3:A7
Authority key identifier: A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6
Certificate issuer:       /CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
Certificate serial:       019896A52C350097132B9D54FB6775435C00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
Manifest number:          1627
Signing time:             Mon 11 Aug 2025 01:01:03 +0000
Manifest this update:     Mon 11 Aug 2025 01:01:03 +0000
Manifest next update:     Tue 12 Aug 2025 01:01:03 +0000
Files and hashes:         1: oGqOPGol1GOfOUWtFszF6Yo6kqY.crl (hash: i2mj12vB5FwWK8DzCf/pfT5R2BjGdddYFWjx1XYbcOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a5:2c:35:00:97:13:2b:9d:54:fb:67:75:43:5c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
        Validity
            Not Before: Aug 11 01:01:03 2025 GMT
            Not After : Aug 12 01:01:03 2025 GMT
        Subject: CN=4e61de8fd2e892c35423dfdc4f6ea14fa46ab3a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:b4:1c:82:f0:0b:4f:ab:03:dc:dd:20:c6:5a:
                    fb:9c:18:5f:cc:03:5b:43:f9:f7:3e:9b:59:1b:cb:
                    4f:75:12:c1:14:59:85:33:1e:6b:ad:8e:7e:82:98:
                    6f:09:73:45:b6:6f:a6:28:2b:d5:ca:30:10:43:65:
                    67:3a:ea:31:0e:23:4c:f7:d0:18:a9:e6:9c:6b:4d:
                    4e:42:11:24:c6:46:24:a4:04:65:a9:34:30:9c:cb:
                    02:ec:31:14:f3:52:e1:ef:12:ab:80:08:99:81:57:
                    dc:14:27:96:8a:7c:d3:46:56:be:d0:d7:02:f5:16:
                    15:cc:f4:7d:59:3b:fe:98:41:fd:6a:ab:d9:8c:ac:
                    3d:0a:63:53:9e:f3:f4:ee:dc:34:84:63:cc:bd:d2:
                    72:15:88:c6:8d:ba:ec:80:f0:49:68:10:b0:8c:9c:
                    46:cd:d2:c4:24:6c:31:6e:11:4b:f3:34:18:ff:99:
                    0c:e0:af:2f:70:ee:e7:91:0f:d5:c9:fd:f4:2e:01:
                    07:ac:31:cd:be:e8:de:8e:6e:ad:19:a5:93:e0:60:
                    63:e9:5f:8c:15:a4:78:ff:bb:3e:a3:51:32:67:cf:
                    7b:29:44:4d:3a:b8:ca:7d:87:ba:96:df:b3:b9:3f:
                    cf:13:b4:75:22:c5:1e:ef:d2:4c:ed:b8:b9:e2:c0:
                    96:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:61:DE:8F:D2:E8:92:C3:54:23:DF:DC:4F:6E:A1:4F:A4:6A:B3:A7
            X509v3 Authority Key Identifier:
                keyid:A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:24:90:06:ae:59:a3:6a:d1:be:ba:c4:9f:67:71:c3:26:e2:
         04:53:9f:f6:a0:c0:5d:ac:b5:e8:f6:b6:c0:9e:72:78:f5:10:
         1c:91:2e:c8:79:0a:4a:4b:b0:7c:6b:59:54:f6:2c:67:40:5c:
         72:62:84:e8:dd:71:27:70:7d:9b:34:87:4b:31:4e:66:23:49:
         93:de:c8:4f:95:16:20:8b:d0:4a:f5:e7:e9:1d:c8:d7:d6:ca:
         b3:78:6a:e0:e5:72:ba:bd:c4:44:10:23:b7:36:45:49:4c:b7:
         86:35:c4:c0:95:e8:a5:ea:f3:ee:e5:2a:ec:7c:21:38:62:b8:
         7b:d8:c5:6d:75:d0:f6:d0:fa:23:a1:56:7c:f7:f4:84:73:49:
         0b:03:4b:00:5a:10:39:27:0c:d2:b2:75:46:54:a2:0a:e4:53:
         11:b6:fe:7e:ec:7a:59:f7:2f:50:43:26:44:b6:3a:ec:54:46:
         b2:16:fd:63:0b:be:77:27:eb:92:3f:da:3e:a3:2e:9d:8d:e3:
         4c:de:6e:1d:57:43:a6:d4:cc:8a:23:0c:ff:f9:e5:4a:ae:0d:
         0d:21:ad:8d:68:19:e6:0b:66:f6:28:fc:9a:a5:dd:38:70:49:
         fa:09:6b:1b:76:4a:dd:d3:8b:c8:38:df:17:1b:b4:a2:de:53:
         8a:00:a8:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpSw1AJcTK51U+2d1Q1wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNmE4ZTNjNmEyNWQ0NjM5ZjM5NDVhZDE2Y2NjNWU5OGEz
YTkyYTYwHhcNMjUwODExMDEwMTAzWhcNMjUwODEyMDEwMTAzWjAzMTEwLwYDVQQD
Eyg0ZTYxZGU4ZmQyZTg5MmMzNTQyM2RmZGM0ZjZlYTE0ZmE0NmFiM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LQcgvALT6sD3N0gxlr7nBhfzANb
Q/n3PptZG8tPdRLBFFmFMx5rrY5+gphvCXNFtm+mKCvVyjAQQ2VnOuoxDiNM99AY
qeaca01OQhEkxkYkpARlqTQwnMsC7DEU81Lh7xKrgAiZgVfcFCeWinzTRla+0NcC
9RYVzPR9WTv+mEH9aqvZjKw9CmNTnvP07tw0hGPMvdJyFYjGjbrsgPBJaBCwjJxG
zdLEJGwxbhFL8zQY/5kM4K8vcO7nkQ/Vyf30LgEHrDHNvujejm6tGaWT4GBj6V+M
FaR4/7s+o1EyZ897KURNOrjKfYe6lt+zuT/PE7R1IsUe79JM7bi54sCWewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5h3o/S6JLDVCPf3E9uoU+karOnMB8GA1UdIwQY
MBaAFKBqjjxqJdRjnzlFrRbMxemKOpKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTct
OWFjMmQ1MzZmMTJkLzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTctOWFjMmQ1MzZmMTJk
LzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSSQBq5Z
o2rRvrrEn2dxwybiBFOf9qDAXay16Pa2wJ5yePUQHJEuyHkKSkuwfGtZVPYsZ0Bc
cmKE6N1xJ3B9mzSHSzFOZiNJk97IT5UWIIvQSvXn6R3I19bKs3hq4OVyur3ERBAj
tzZFSUy3hjXEwJXoperz7uUq7HwhOGK4e9jFbXXQ9tD6I6FWfPf0hHNJCwNLAFoQ
OScM0rJ1RlSiCuRTEbb+fux6WfcvUEMmRLY67FRGshb9Ywu+dyfrkj/aPqMunY3j
TN5uHVdDptTMiiMM//nlSq4NDSGtjWgZ5gtm9ij8mqXdOHBJ+glrG3ZK3dOLyDjf
Fxu0ot5TigCo+A==
-----END CERTIFICATE-----