Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
File:                     Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft (raw, json)
Hash identifier:          GIn4FxV8L0awCNbiY3zff+Ju3gpn4Y1MPm65F7Bo4IQ=
Subject key identifier:   64:8D:26:CD:80:17:FC:3C:94:5F:06:26:56:73:B0:CC:DD:5A:0F:54
Authority key identifier: 39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8
Certificate issuer:       /CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
Certificate serial:       019A4EF4B4B7198E83B7AE9F9890C12FF8BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:51 +0000
Files and hashes:         1: Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl (hash: r3Puw/Bj8iDfLp/AqX5pHv0RRqEI3jbSlzsFLF/+A7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:b4:b7:19:8e:83:b7:ae:9f:98:90:c1:2f:f8:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
        Validity
            Not Before: Nov  4 13:00:51 2025 GMT
            Not After : Nov  5 13:00:51 2025 GMT
        Subject: CN=648d26cd8017fc3c945f06265673b0ccdd5a0f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:88:bf:28:0d:a4:e5:70:4b:60:fd:6c:6c:90:
                    fd:c5:cf:27:8e:37:66:39:e0:78:f4:00:b9:07:89:
                    40:a4:e7:23:c8:6c:d3:16:95:10:27:37:dd:3f:9f:
                    e6:fd:85:34:82:18:b7:1a:1a:cb:45:2a:94:2a:e7:
                    cf:39:bd:37:db:86:78:89:2f:76:74:dd:2c:ab:73:
                    45:be:12:96:82:d1:ae:c0:be:87:ad:df:62:ab:b5:
                    72:51:d4:f6:d8:70:3f:ef:9e:34:e6:d5:15:20:97:
                    f6:a4:cd:19:33:8d:50:b2:61:5c:a0:15:c1:9c:f1:
                    d3:1e:cc:6a:76:ba:6a:82:eb:4a:e4:09:91:e6:02:
                    7b:23:d5:7b:8e:df:1b:8e:ba:9f:a7:42:c8:7d:bf:
                    9a:cc:75:6a:56:bc:6b:c2:f2:61:fe:86:4a:8d:9f:
                    8a:fd:a6:b5:31:ab:99:4d:48:a0:da:dd:d4:c4:61:
                    5b:b2:46:84:49:cb:56:dc:9f:dc:91:44:9a:14:69:
                    8c:8d:b6:d6:12:ef:df:5d:3a:6a:97:62:d4:25:89:
                    3b:e7:c2:b8:0a:97:ca:24:fb:b3:14:3d:a5:4f:92:
                    c6:ab:2b:ce:75:49:20:10:b7:2e:53:35:47:8d:b8:
                    2f:95:21:d7:49:1d:c2:29:9b:db:1e:45:1f:32:0f:
                    69:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8D:26:CD:80:17:FC:3C:94:5F:06:26:56:73:B0:CC:DD:5A:0F:54
            X509v3 Authority Key Identifier:
                keyid:39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:c8:62:86:1c:c1:c2:90:61:83:ab:bf:94:83:1a:69:44:ca:
         9c:4a:69:a7:17:f8:05:83:ed:65:14:a3:17:5a:81:2f:52:b3:
         11:1a:ed:92:39:cf:0c:8b:36:e3:9c:0f:7e:5c:30:a6:ce:f7:
         e9:78:15:83:d1:32:ba:83:05:b1:e8:f1:e6:68:b9:02:49:05:
         77:c4:bd:f7:46:49:ca:1f:f6:10:08:ce:77:87:d4:65:64:18:
         62:46:4d:68:f9:ec:2f:78:e6:5b:5f:3b:d5:1b:9e:b4:92:de:
         4c:c6:19:97:87:9d:9a:db:94:e6:ca:a1:27:29:6e:d1:a5:4e:
         b9:55:41:18:7b:15:ef:1e:f6:48:b2:d1:6a:b4:34:99:14:d6:
         c4:a6:b0:8b:0d:ae:5b:2f:75:21:57:69:2d:33:56:d3:e5:bb:
         44:82:16:67:d3:c8:c0:13:cf:17:4d:62:33:32:85:fe:b7:67:
         a8:19:81:69:84:92:57:39:cf:05:d8:7d:85:79:a9:90:de:4c:
         be:d5:a8:7b:3f:d5:21:ce:4e:53:64:d1:92:fd:62:67:bf:74:
         0a:23:8a:92:f7:2c:50:f6:8b:35:e2:59:47:56:2a:bc:5a:54:
         7d:7c:f9:a4:ae:3c:8e:d7:d6:d7:c6:37:c9:1c:e1:70:d8:ee:
         37:4c:1e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9LS3GY6Dt66fmJDBL/i7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2QxZDViYjg4OTU4YzY5Y2JkZGU5MGE5ZTA1NmI0OGM0
ZmFiZjgwHhcNMjUxMTA0MTMwMDUxWhcNMjUxMTA1MTMwMDUxWjAzMTEwLwYDVQQD
Eyg2NDhkMjZjZDgwMTdmYzNjOTQ1ZjA2MjY1NjczYjBjY2RkNWEwZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYi/KA2k5XBLYP1sbJD9xc8njjdm
OeB49AC5B4lApOcjyGzTFpUQJzfdP5/m/YU0ghi3GhrLRSqUKufPOb0324Z4iS92
dN0sq3NFvhKWgtGuwL6Hrd9iq7VyUdT22HA/75405tUVIJf2pM0ZM41QsmFcoBXB
nPHTHsxqdrpqgutK5AmR5gJ7I9V7jt8bjrqfp0LIfb+azHVqVrxrwvJh/oZKjZ+K
/aa1MauZTUig2t3UxGFbskaESctW3J/ckUSaFGmMjbbWEu/fXTpql2LUJYk758K4
CpfKJPuzFD2lT5LGqyvOdUkgELcuUzVHjbgvlSHXSR3CKZvbHkUfMg9pfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSNJs2AF/w8lF8GJlZzsMzdWg9UMB8GA1UdIwQY
MBaAFDnNHVu4iVjGnL3ekKngVrSMT6v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMt
NDZhODVhMjhlNzQ5LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMtNDZhODVhMjhlNzQ5
LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF8hihhzB
wpBhg6u/lIMaaUTKnEpppxf4BYPtZRSjF1qBL1KzERrtkjnPDIs245wPflwwps73
6XgVg9EyuoMFsejx5mi5AkkFd8S990ZJyh/2EAjOd4fUZWQYYkZNaPnsL3jmW187
1RuetJLeTMYZl4edmtuU5sqhJylu0aVOuVVBGHsV7x72SLLRarQ0mRTWxKawiw2u
Wy91IVdpLTNW0+W7RIIWZ9PIwBPPF01iMzKF/rdnqBmBaYSSVznPBdh9hXmpkN5M
vtWoez/VIc5OU2TRkv1iZ790CiOKkvcsUPaLNeJZR1YqvFpUfXz5pK48jtfW18Y3
yRzhcNjuN0wekg==
-----END CERTIFICATE-----