Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          ODcrMcXtB7jsqMMnQ46kEAQyW8VU17qGfsReqvaBo9c=
Subject key identifier:   73:7B:A1:2C:C3:8B:F0:B9:28:0E:29:38:89:CF:0F:2E:46:85:11:09
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       0197B7458ACE41FD7F5D95A5CDCBD66A8D70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          01FF
Signing time:             Sat 28 Jun 2025 16:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:17 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: YryRnkFLE0U9SJydJxusH1YVmurlksoUEbNKTbC07QA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:8a:ce:41:fd:7f:5d:95:a5:cd:cb:d6:6a:8d:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Jun 28 16:01:17 2025 GMT
            Not After : Jun 29 16:01:17 2025 GMT
        Subject: CN=737ba12cc38bf0b9280e293889cf0f2e46851109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:6b:0b:2f:bc:e3:81:12:2f:f6:2f:39:61:e8:
                    26:d7:49:8c:a1:9b:09:bc:e5:f2:1d:98:e2:fa:87:
                    24:89:e5:ab:f4:87:09:8b:aa:b1:35:93:71:35:2e:
                    95:63:b9:fd:3e:ad:61:c0:41:05:6a:8a:d1:d9:c1:
                    19:8f:41:cb:9a:cd:51:76:ef:04:7e:16:5b:c0:38:
                    c9:95:36:94:01:c0:fa:b6:de:dd:5c:43:d3:d8:c8:
                    c5:90:08:f1:36:57:33:e9:ff:bf:78:3d:ae:61:47:
                    0a:13:3f:24:ff:6d:90:2e:af:fb:ad:f9:a5:31:fd:
                    da:80:49:2f:95:30:ba:e9:b8:96:4f:c4:f5:37:28:
                    f4:6b:0a:89:eb:4e:95:f6:66:7b:c6:56:ba:9c:c3:
                    0f:70:2b:5a:6d:30:75:13:f1:d8:39:86:4d:f5:c8:
                    15:67:10:7c:09:2a:33:97:0f:b8:26:5e:80:f7:af:
                    53:8d:0e:f9:60:55:3e:6f:76:7d:eb:61:1e:26:be:
                    1b:84:98:6f:dc:cd:1c:9e:be:52:e4:3f:79:0d:fc:
                    33:67:f2:29:33:88:73:9e:16:c7:06:70:18:bb:62:
                    83:73:2b:43:d1:b0:60:13:44:60:96:79:a8:5f:34:
                    96:6f:e3:47:5e:63:e3:57:3b:07:33:7a:16:8f:e5:
                    a9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:7B:A1:2C:C3:8B:F0:B9:28:0E:29:38:89:CF:0F:2E:46:85:11:09
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:22:ad:d9:54:21:a3:ff:9d:29:e3:3f:2e:44:15:35:3b:a2:
         4a:ec:ce:e4:2a:79:ec:43:8d:89:64:31:be:ae:d7:b6:55:b4:
         15:70:4e:4f:aa:73:58:06:8a:85:d0:8c:3b:f5:bc:df:25:13:
         57:25:90:ba:68:89:39:b5:a0:ab:cc:c3:2f:77:6d:18:1f:1d:
         7c:7f:30:f7:85:a0:8c:7f:b4:3b:dc:d7:c8:85:87:1c:ab:61:
         6d:21:89:c1:9a:1a:ab:c6:5a:e8:b7:ba:ad:8d:28:a9:11:62:
         71:03:76:74:dd:01:ff:70:7a:cc:45:44:fc:88:9b:60:38:d4:
         30:59:53:a9:32:fa:6c:fc:60:a7:4c:53:9f:ac:0a:ae:58:e5:
         3f:c2:ed:8a:2f:d4:6d:86:8c:f4:94:f9:a0:53:2d:06:e2:d3:
         75:89:e2:58:ad:b5:d2:71:0c:88:07:70:38:57:83:66:18:e2:
         a0:4f:50:77:ff:6f:b4:f9:b1:a4:d9:6c:ca:63:bd:5c:4e:f9:
         5e:b2:1c:e7:dc:51:19:43:23:78:14:2b:52:4a:b8:a5:b4:8b:
         29:b7:a1:38:9f:f0:66:13:85:2b:bc:35:49:17:fc:44:05:6e:
         1f:cb:87:f2:d2:3f:6c:81:94:d1:fc:ec:cd:29:67:a0:6e:84:
         c1:db:16:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RYrOQf1/XZWlzcvWao1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwNjI4MTYwMTE3WhcNMjUwNjI5MTYwMTE3WjAzMTEwLwYDVQQD
Eyg3MzdiYTEyY2MzOGJmMGI5MjgwZTI5Mzg4OWNmMGYyZTQ2ODUxMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WsLL7zjgRIv9i85Yegm10mMoZsJ
vOXyHZji+ockieWr9IcJi6qxNZNxNS6VY7n9Pq1hwEEFaorR2cEZj0HLms1Rdu8E
fhZbwDjJlTaUAcD6tt7dXEPT2MjFkAjxNlcz6f+/eD2uYUcKEz8k/22QLq/7rfml
Mf3agEkvlTC66biWT8T1Nyj0awqJ606V9mZ7xla6nMMPcCtabTB1E/HYOYZN9cgV
ZxB8CSozlw+4Jl6A969TjQ75YFU+b3Z962EeJr4bhJhv3M0cnr5S5D95DfwzZ/Ip
M4hznhbHBnAYu2KDcytD0bBgE0RglnmoXzSWb+NHXmPjVzsHM3oWj+Wp8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHN7oSzDi/C5KA4pOInPDy5GhREJMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSKt2VQh
o/+dKeM/LkQVNTuiSuzO5Cp57EONiWQxvq7XtlW0FXBOT6pzWAaKhdCMO/W83yUT
VyWQumiJObWgq8zDL3dtGB8dfH8w94WgjH+0O9zXyIWHHKthbSGJwZoaq8Za6Le6
rY0oqRFicQN2dN0B/3B6zEVE/IibYDjUMFlTqTL6bPxgp0xTn6wKrljlP8Ltii/U
bYaM9JT5oFMtBuLTdYniWK210nEMiAdwOFeDZhjioE9Qd/9vtPmxpNlsymO9XE75
XrIc59xRGUMjeBQrUkq4pbSLKbehOJ/wZhOFK7w1SRf8RAVuH8uH8tI/bIGU0fzs
zSlnoG6EwdsWUg==
-----END CERTIFICATE-----