Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          JAsR4xUpKQ35gX7MxdHtookClsbPuUKv1Ih046jBMac=
Subject key identifier:   88:A2:C6:05:9B:7E:A9:69:05:E9:4D:27:41:C4:A4:3A:66:EA:52:FA
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       019677FB027DC3CF867F58EEDF25046AF771
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0C6A
Signing time:             Sun 27 Apr 2025 16:01:00 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:00 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:00 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: kBo8AnLbrIK4Dh8UbZDhBRz0B5FqkG+qipGZyUdUTwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:02:7d:c3:cf:86:7f:58:ee:df:25:04:6a:f7:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Apr 27 16:01:00 2025 GMT
            Not After : Apr 28 16:01:00 2025 GMT
        Subject: CN=88a2c6059b7ea96905e94d2741c4a43a66ea52fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:a5:24:44:19:50:04:78:f6:43:10:3f:57:d8:
                    2e:7a:91:92:c0:85:20:60:c5:d7:78:3c:dc:b6:46:
                    8e:52:6d:4a:23:e1:ac:ad:e4:76:74:06:6f:a8:c4:
                    09:93:f4:8b:52:8a:8b:26:8e:7e:68:e7:38:5e:05:
                    52:ea:01:22:35:df:f6:17:d9:15:1c:39:b5:d8:92:
                    31:a4:e3:e7:b7:c1:d2:cb:05:59:18:95:34:62:a4:
                    3e:3b:ac:e8:4e:4c:f2:70:36:72:4a:91:a0:45:05:
                    5f:19:29:43:79:97:8d:6a:f9:6b:ba:c9:56:72:de:
                    de:93:d9:de:7d:37:9b:01:f9:42:6e:a6:bc:9c:e8:
                    9f:b5:cb:69:f1:90:a1:1d:51:a3:7b:2c:11:8c:da:
                    d0:26:3a:3c:28:36:5f:ed:00:ca:11:13:5c:4f:5f:
                    2d:60:b3:c2:6c:3e:35:1f:b0:5e:4b:cd:b8:19:42:
                    cc:24:4a:15:b0:08:58:49:16:0c:88:b0:02:94:89:
                    6b:7d:70:25:80:68:dc:02:cd:89:83:57:e4:cb:49:
                    ee:65:d3:7e:56:4f:e8:4f:2b:67:6e:8b:90:15:0c:
                    89:18:6d:7d:79:bb:d1:e9:c7:c6:6f:bc:fb:23:04:
                    c0:42:25:b3:0d:a8:f9:53:9c:05:70:18:88:b0:99:
                    8e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A2:C6:05:9B:7E:A9:69:05:E9:4D:27:41:C4:A4:3A:66:EA:52:FA
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:85:82:17:8b:6f:10:cd:1c:a0:b6:a4:97:6a:2d:97:ec:a8:
         93:b8:5f:24:7d:e0:88:a5:d9:d0:af:10:5b:6f:3b:28:24:56:
         19:c0:68:9c:05:7e:d6:5c:05:8c:b6:39:ad:ee:2b:f2:3d:86:
         e1:ca:e5:a9:f2:01:ce:9c:18:10:fc:1c:f6:db:ee:47:05:05:
         61:fe:18:a7:d8:01:c6:14:7a:25:70:fc:11:95:f1:25:b6:49:
         36:84:80:ad:06:56:3a:b9:e2:ff:2d:38:0c:63:5e:bc:83:4c:
         72:d8:32:a1:fd:30:07:cc:f3:65:a6:8d:54:75:a9:5a:9a:af:
         fc:8f:9e:cb:7f:10:9e:0e:69:33:87:cb:fe:79:60:b9:cb:74:
         fe:a0:be:d3:b1:3a:08:db:d1:66:7b:a0:9f:b0:ae:70:13:8a:
         96:9a:37:4a:f3:7c:8f:0d:a7:49:b7:89:94:4d:a0:9d:be:48:
         08:d4:ab:2b:62:8c:03:9f:bd:75:ec:e5:20:1f:55:87:db:8f:
         8b:a4:e2:c7:a9:b1:a8:a6:dc:6e:be:26:1b:db:a5:54:e1:6f:
         7a:f7:69:69:39:6a:27:08:a9:33:f6:ac:0b:e0:4e:08:e1:e5:
         04:b2:33:01:ff:f2:a6:fb:64:f3:5b:00:cd:89:4f:40:dd:0d:
         d2:0d:6b:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+wJ9w8+Gf1ju3yUEavdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUwNDI3MTYwMTAwWhcNMjUwNDI4MTYwMTAwWjAzMTEwLwYDVQQD
Eyg4OGEyYzYwNTliN2VhOTY5MDVlOTRkMjc0MWM0YTQzYTY2ZWE1MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9aUkRBlQBHj2QxA/V9guepGSwIUg
YMXXeDzctkaOUm1KI+GsreR2dAZvqMQJk/SLUoqLJo5+aOc4XgVS6gEiNd/2F9kV
HDm12JIxpOPnt8HSywVZGJU0YqQ+O6zoTkzycDZySpGgRQVfGSlDeZeNavlruslW
ct7ek9nefTebAflCbqa8nOiftctp8ZChHVGjeywRjNrQJjo8KDZf7QDKERNcT18t
YLPCbD41H7BeS824GULMJEoVsAhYSRYMiLAClIlrfXAlgGjcAs2Jg1fky0nuZdN+
Vk/oTytnbouQFQyJGG19ebvR6cfGb7z7IwTAQiWzDaj5U5wFcBiIsJmOQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiixgWbfqlpBelNJ0HEpDpm6lL6MB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4WCF4tv
EM0coLakl2otl+yok7hfJH3giKXZ0K8QW287KCRWGcBonAV+1lwFjLY5re4r8j2G
4crlqfIBzpwYEPwc9tvuRwUFYf4Yp9gBxhR6JXD8EZXxJbZJNoSArQZWOrni/y04
DGNevINMctgyof0wB8zzZaaNVHWpWpqv/I+ey38Qng5pM4fL/nlguct0/qC+07E6
CNvRZnugn7CucBOKlpo3SvN8jw2nSbeJlE2gnb5ICNSrK2KMA5+9dezlIB9Vh9uP
i6Tix6mxqKbcbr4mG9ulVOFvevdpaTlqJwipM/asC+BOCOHlBLIzAf/ypvtk81sA
zYlPQN0N0g1rSg==
-----END CERTIFICATE-----