Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          oh828vgDB+nK5Wd+WHu+JzNC5LKEfE5tEOZmusk88k4=
Subject key identifier:   58:AA:24:59:33:1C:51:5B:B0:34:D1:C9:D7:CC:AD:E2:3B:BD:69:13
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0197873417D8398711F72B562406DA0111D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          0518
Signing time:             Thu 19 Jun 2025 08:00:27 +0000
Manifest this update:     Thu 19 Jun 2025 08:00:27 +0000
Manifest next update:     Fri 20 Jun 2025 08:00:27 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: Ya2grtbyZ+og9cjWj/QJyz5IOZBEDYGmLGFlK0Z8er4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 08:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:87:34:17:d8:39:87:11:f7:2b:56:24:06:da:01:11:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Jun 19 08:00:27 2025 GMT
            Not After : Jun 20 08:00:27 2025 GMT
        Subject: CN=58aa2459331c515bb034d1c9d7ccade23bbd6913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:10:56:3b:2b:1a:85:37:7b:6f:03:10:24:42:
                    0f:64:c3:f5:bd:5c:8f:34:08:78:12:57:11:ee:09:
                    8d:93:c9:f0:91:38:90:db:4c:09:25:48:a3:c5:4a:
                    b5:61:8f:2d:13:78:b9:cf:34:51:15:76:85:11:d6:
                    a6:a4:97:cf:e9:a2:f7:08:dc:72:b7:e3:57:15:2e:
                    6f:29:ac:46:63:fe:38:c4:f3:a7:80:c3:55:64:cb:
                    5a:67:d4:12:66:26:6c:ea:1b:a0:5a:24:92:6e:7a:
                    e8:15:1e:a4:61:81:d9:c2:a4:b2:09:ff:20:8e:87:
                    82:08:71:89:61:b4:84:7e:16:ab:82:70:26:87:8b:
                    fe:a6:72:3c:ed:88:17:80:79:c4:31:e7:91:3d:5a:
                    c2:41:a3:53:14:6f:6d:d1:48:1f:14:5c:b1:51:4c:
                    7e:25:9c:df:99:ff:73:3c:17:5f:d8:f5:94:62:57:
                    1f:10:a9:74:09:c6:8e:ca:81:95:5d:41:43:90:a9:
                    f5:7c:b6:2b:ab:e8:c9:b4:c6:34:05:aa:b9:a5:a9:
                    da:70:f7:95:81:53:c2:30:92:f2:47:f9:00:2f:d0:
                    de:d6:98:89:79:78:2d:87:f7:ae:8b:b6:98:85:b3:
                    c9:24:a7:0f:96:42:b8:56:7b:c9:82:65:f9:1f:57:
                    cf:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:AA:24:59:33:1C:51:5B:B0:34:D1:C9:D7:CC:AD:E2:3B:BD:69:13
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:b7:b0:35:36:9a:26:b5:fc:17:d9:a5:88:ad:4e:6d:71:c1:
         4b:b8:28:67:79:77:82:84:bd:1a:ce:72:9f:b5:24:2e:bb:10:
         82:c6:d4:ba:a8:21:f1:8d:c2:7f:21:00:90:61:db:80:f4:7c:
         f0:9d:29:aa:fe:ec:22:da:b2:66:3d:c3:e3:f1:60:49:5e:08:
         47:ef:db:ea:af:57:17:f3:c5:54:0d:bc:65:c7:8e:f0:f1:e6:
         38:ac:8c:8d:b9:43:48:4d:68:f9:fc:cd:d3:eb:d1:6b:1b:ee:
         b4:0a:dd:ab:3e:81:26:67:3b:9e:15:cc:68:2d:8b:3c:ce:38:
         df:39:4c:7a:15:98:4c:9a:93:0b:88:57:b8:e1:d0:4d:fd:86:
         ea:00:9c:31:d9:22:76:7d:1d:24:60:3e:8d:67:dc:de:50:d8:
         9b:51:2d:da:de:54:ab:ca:ae:33:a9:45:ec:ab:b2:da:48:58:
         84:41:00:29:08:1e:68:69:49:37:41:b3:e0:da:8b:04:de:29:
         b1:cf:11:45:51:c1:3f:7e:60:65:9e:c2:3a:28:b6:29:18:10:
         79:3d:25:48:4a:65:a0:f4:bf:77:5d:2c:6f:5a:6c:ed:96:75:
         03:e2:9e:f2:e4:a8:61:84:b4:f0:bc:d8:ec:b8:f2:50:ae:e4:
         78:29:9b:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeHNBfYOYcR9ytWJAbaARHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwNjE5MDgwMDI3WhcNMjUwNjIwMDgwMDI3WjAzMTEwLwYDVQQD
Eyg1OGFhMjQ1OTMzMWM1MTViYjAzNGQxYzlkN2NjYWRlMjNiYmQ2OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohBWOysahTd7bwMQJEIPZMP1vVyP
NAh4ElcR7gmNk8nwkTiQ20wJJUijxUq1YY8tE3i5zzRRFXaFEdampJfP6aL3CNxy
t+NXFS5vKaxGY/44xPOngMNVZMtaZ9QSZiZs6hugWiSSbnroFR6kYYHZwqSyCf8g
joeCCHGJYbSEfhargnAmh4v+pnI87YgXgHnEMeeRPVrCQaNTFG9t0UgfFFyxUUx+
JZzfmf9zPBdf2PWUYlcfEKl0CcaOyoGVXUFDkKn1fLYrq+jJtMY0Baq5panacPeV
gVPCMJLyR/kAL9De1piJeXgth/eui7aYhbPJJKcPlkK4VnvJgmX5H1fPewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiqJFkzHFFbsDTRydfMreI7vWkTMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbewNTaa
JrX8F9mliK1ObXHBS7goZ3l3goS9Gs5yn7UkLrsQgsbUuqgh8Y3CfyEAkGHbgPR8
8J0pqv7sItqyZj3D4/FgSV4IR+/b6q9XF/PFVA28ZceO8PHmOKyMjblDSE1o+fzN
0+vRaxvutArdqz6BJmc7nhXMaC2LPM443zlMehWYTJqTC4hXuOHQTf2G6gCcMdki
dn0dJGA+jWfc3lDYm1Et2t5Uq8quM6lF7Kuy2khYhEEAKQgeaGlJN0Gz4NqLBN4p
sc8RRVHBP35gZZ7COii2KRgQeT0lSEploPS/d10sb1ps7ZZ1A+Ke8uSoYYS08LzY
7LjyUK7keCmbdg==
-----END CERTIFICATE-----