Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          dQHrUpPLxXHlPG7recjlqdCDKNii2ylqNcy5aec5yf8=
Subject key identifier:   2B:1B:17:78:AC:E7:B5:79:76:35:BC:0B:DE:33:50:3D:EC:EE:B0:A6
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       0198D705A886B6EAD5E1C8E978ECB9D93EAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0EF1
Signing time:             Sat 23 Aug 2025 13:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:08 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: rUXy2QAvZDVsdYeZrsAis9QS3WocsO2reoAt+d4lIGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:a8:86:b6:ea:d5:e1:c8:e9:78:ec:b9:d9:3e:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Aug 23 13:02:08 2025 GMT
            Not After : Aug 24 13:02:08 2025 GMT
        Subject: CN=2b1b1778ace7b5797635bc0bde33503deceeb0a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:97:fd:d2:ca:02:8c:27:d9:91:a1:e3:be:db:
                    6f:8c:d5:f5:a3:bf:6d:f2:a2:38:f8:da:e4:1d:b4:
                    d4:93:b7:25:d4:7b:15:bb:f4:55:c5:09:f9:e6:7f:
                    70:c0:fa:80:61:e3:69:70:df:1b:b3:5a:29:09:94:
                    24:ba:72:c9:cd:9d:ac:ed:11:2b:ba:d9:73:8b:3c:
                    97:23:b7:6d:70:c2:79:73:34:2b:ff:d8:db:e9:72:
                    0b:69:cc:c2:d8:f4:aa:ce:55:93:c1:e5:e0:28:f1:
                    2e:fc:e1:d8:b1:a2:e7:30:b0:94:6c:0d:c3:2c:80:
                    1e:ea:d8:ab:a9:07:36:9d:36:16:8c:1a:e2:43:9e:
                    b5:c5:d0:a7:1b:77:62:73:ee:f8:55:ba:b7:f4:30:
                    0b:a9:2e:29:b8:9f:b5:01:df:37:1b:66:16:33:40:
                    8b:cb:3a:bd:13:24:ea:f5:38:f9:40:2b:d1:d6:04:
                    40:95:ff:35:70:cf:84:c6:04:4d:f4:ce:b2:34:ab:
                    df:95:53:24:04:22:06:a6:bb:b0:4f:e7:9b:b2:7a:
                    76:e6:69:26:2c:c6:1e:11:b6:7d:e9:c2:ef:1f:52:
                    fd:e4:d6:96:51:c5:86:e9:95:4a:34:ca:30:11:9c:
                    85:20:28:13:c2:04:1d:2c:e5:ab:0a:32:b2:c5:d1:
                    40:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:1B:17:78:AC:E7:B5:79:76:35:BC:0B:DE:33:50:3D:EC:EE:B0:A6
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:0f:60:df:2c:a6:ca:bf:4f:8b:fd:b6:18:d4:80:b1:04:61:
         d1:27:02:2f:e7:99:c4:2a:ba:97:a1:64:34:36:f1:78:68:ae:
         0d:93:b2:bc:5d:4c:20:ba:99:aa:31:26:29:74:90:15:12:90:
         b1:2e:76:95:59:56:ad:2e:a4:74:1a:76:76:ef:ad:29:f5:da:
         eb:0a:85:7b:78:6f:fb:30:ea:af:e2:2b:34:5a:65:81:67:0e:
         4d:b6:87:c6:ad:d0:02:9c:3a:75:fa:ed:bf:de:0b:e6:43:00:
         77:7a:40:3f:bb:d6:df:dd:89:1a:a5:e9:0f:e5:6e:e8:fa:84:
         65:6d:bb:05:6b:a3:23:b8:0d:46:7c:13:d8:9d:52:a6:f3:13:
         42:0d:70:22:d9:fa:8f:f2:14:26:6f:87:ba:74:bc:e4:8c:16:
         89:36:0d:76:18:28:25:23:49:8a:a0:5c:42:3a:10:cb:83:95:
         98:c8:eb:86:34:6f:04:a4:be:df:01:a3:65:89:e4:23:2a:5f:
         e5:3f:be:17:5b:dc:1e:f2:2d:18:28:bb:01:1c:3d:86:29:2b:
         74:b9:4a:1a:95:fe:37:bb:fa:a1:3d:2d:1e:d6:97:0c:d2:f7:
         f2:ef:3f:22:eb:bc:3d:e0:4a:1c:0d:84:f7:c5:7c:de:47:df:
         ee:b7:76:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBaiGturV4cjpeOy52T6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUwODIzMTMwMjA4WhcNMjUwODI0MTMwMjA4WjAzMTEwLwYDVQQD
EygyYjFiMTc3OGFjZTdiNTc5NzYzNWJjMGJkZTMzNTAzZGVjZWViMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95f90soCjCfZkaHjvttvjNX1o79t
8qI4+NrkHbTUk7cl1HsVu/RVxQn55n9wwPqAYeNpcN8bs1opCZQkunLJzZ2s7REr
utlzizyXI7dtcMJ5czQr/9jb6XILaczC2PSqzlWTweXgKPEu/OHYsaLnMLCUbA3D
LIAe6tirqQc2nTYWjBriQ561xdCnG3dic+74Vbq39DALqS4puJ+1Ad83G2YWM0CL
yzq9EyTq9Tj5QCvR1gRAlf81cM+ExgRN9M6yNKvflVMkBCIGpruwT+ebsnp25mkm
LMYeEbZ96cLvH1L95NaWUcWG6ZVKNMowEZyFICgTwgQdLOWrCjKyxdFAqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsbF3is57V5djW8C94zUD3s7rCmMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQ9g3yym
yr9Pi/22GNSAsQRh0ScCL+eZxCq6l6FkNDbxeGiuDZOyvF1MILqZqjEmKXSQFRKQ
sS52lVlWrS6kdBp2du+tKfXa6wqFe3hv+zDqr+IrNFplgWcOTbaHxq3QApw6dfrt
v94L5kMAd3pAP7vW392JGqXpD+Vu6PqEZW27BWujI7gNRnwT2J1SpvMTQg1wItn6
j/IUJm+HunS85IwWiTYNdhgoJSNJiqBcQjoQy4OVmMjrhjRvBKS+3wGjZYnkIypf
5T++F1vcHvItGCi7ARw9hikrdLlKGpX+N7v6oT0tHtaXDNL38u8/Iuu8PeBKHA2E
98V83kff7rd2EA==
-----END CERTIFICATE-----