Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          +eN1uVXwLN9bh366yapUVkEEfb+Kepvbaoiaq5bZo4Q=
Subject key identifier:   C9:1E:37:6B:F1:99:FA:20:36:47:4C:11:B1:74:EA:E7:D1:56:AF:04
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       0197B632B121F272F6FCB814135AB43C8709
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          018E
Signing time:             Sat 28 Jun 2025 11:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 11:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 11:01:04 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: SC5Kwp9mV0KxqGnplhvL9mcooIDD5jw6VRCKr0253oI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:32:b1:21:f2:72:f6:fc:b8:14:13:5a:b4:3c:87:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Jun 28 11:01:04 2025 GMT
            Not After : Jun 29 11:01:04 2025 GMT
        Subject: CN=c91e376bf199fa2036474c11b174eae7d156af04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ed:8b:83:45:f2:7c:7b:ce:ac:49:5a:9e:11:
                    05:e6:63:75:a1:40:42:c5:02:f4:bc:eb:16:bf:fc:
                    0e:ba:72:b5:5b:65:ec:31:41:57:44:92:ee:80:4f:
                    60:fa:df:b3:a3:de:9c:54:91:d4:53:76:27:e6:2c:
                    61:03:d0:40:c4:7a:11:ba:0b:f0:48:2b:70:cb:1c:
                    21:6d:a9:7d:87:7d:fa:71:19:3c:e7:dc:93:1d:10:
                    92:1d:bd:20:67:2e:c3:7d:d2:5d:56:9e:4e:39:fb:
                    0c:f1:c2:1f:d4:56:74:94:2c:15:38:91:61:6b:0a:
                    f9:a6:f3:63:4d:62:63:64:20:82:13:f0:68:0e:2a:
                    97:4a:db:fc:b0:41:13:9e:0e:b4:75:03:20:9d:a5:
                    df:d9:d5:8e:62:52:ec:ef:e7:cf:4d:6d:1d:e2:f7:
                    ef:00:bf:ef:6b:39:f4:62:ee:34:0f:6d:f2:28:10:
                    38:d3:f5:9a:a8:4c:d0:fd:26:4a:c9:11:b0:6e:38:
                    22:17:ca:d1:7b:f9:dd:55:3f:66:82:21:9d:09:5f:
                    21:7a:28:56:8b:f0:93:ad:a2:a5:61:0b:73:a7:4e:
                    ac:ab:95:ff:7d:de:13:06:be:f7:8e:cc:16:ad:e8:
                    ae:be:32:de:31:69:db:01:45:e6:4a:05:85:b1:8d:
                    f8:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:1E:37:6B:F1:99:FA:20:36:47:4C:11:B1:74:EA:E7:D1:56:AF:04
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:8b:a3:8a:14:4f:e8:3a:2c:11:be:18:f5:c5:b4:bb:bc:1d:
         c5:55:4a:d1:51:f0:f4:3f:ff:bd:2a:65:e4:0c:d7:e5:cd:7d:
         ee:f6:6c:21:ec:2c:54:e2:f6:41:f6:ea:90:87:9b:f7:97:b3:
         ad:4e:ae:9f:ff:d3:c0:c6:84:2f:22:0a:bf:97:9d:b4:6a:1f:
         12:e5:41:1c:b2:4f:91:fd:c4:34:57:ff:c8:3b:6e:03:5c:0e:
         f9:00:dc:02:7e:c7:ff:46:f1:d0:57:22:04:e9:c0:ad:23:10:
         a8:0c:80:cd:23:67:1a:67:f8:89:92:62:c5:f9:98:60:25:f2:
         42:4e:a4:47:c0:fa:18:e1:78:9a:1c:26:c3:ea:2f:59:6f:ff:
         7a:01:d3:cb:f6:22:85:ed:3a:85:47:a1:5a:b9:34:ce:8f:91:
         99:0b:c2:69:f3:d5:f9:71:f3:31:ce:a8:41:c9:5f:e1:54:88:
         b6:8f:8d:a5:f2:1e:af:58:e7:67:0d:5f:38:60:9e:52:a2:8a:
         b7:63:09:5c:24:f3:70:82:28:df:7c:b5:8a:04:06:65:d8:bd:
         ed:35:fe:e4:95:5b:f1:4b:b2:ff:a3:88:85:d9:9f:ff:f9:49:
         17:09:5b:17:6b:0e:41:96:90:2c:22:cd:04:6c:70:76:60:e4:
         b8:96:94:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MrEh8nL2/LgUE1q0PIcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwNjI4MTEwMTA0WhcNMjUwNjI5MTEwMTA0WjAzMTEwLwYDVQQD
EyhjOTFlMzc2YmYxOTlmYTIwMzY0NzRjMTFiMTc0ZWFlN2QxNTZhZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO2Lg0XyfHvOrElanhEF5mN1oUBC
xQL0vOsWv/wOunK1W2XsMUFXRJLugE9g+t+zo96cVJHUU3Yn5ixhA9BAxHoRugvw
SCtwyxwhbal9h336cRk859yTHRCSHb0gZy7DfdJdVp5OOfsM8cIf1FZ0lCwVOJFh
awr5pvNjTWJjZCCCE/BoDiqXStv8sEETng60dQMgnaXf2dWOYlLs7+fPTW0d4vfv
AL/vazn0Yu40D23yKBA40/WaqEzQ/SZKyRGwbjgiF8rRe/ndVT9mgiGdCV8heihW
i/CTraKlYQtzp06sq5X/fd4TBr73jswWreiuvjLeMWnbAUXmSgWFsY34wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkeN2vxmfogNkdMEbF06ufRVq8EMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANoujihRP
6DosEb4Y9cW0u7wdxVVK0VHw9D//vSpl5AzX5c197vZsIewsVOL2QfbqkIeb95ez
rU6un//TwMaELyIKv5edtGofEuVBHLJPkf3ENFf/yDtuA1wO+QDcAn7H/0bx0Fci
BOnArSMQqAyAzSNnGmf4iZJixfmYYCXyQk6kR8D6GOF4mhwmw+ovWW//egHTy/Yi
he06hUehWrk0zo+RmQvCafPV+XHzMc6oQclf4VSIto+NpfIer1jnZw1fOGCeUqKK
t2MJXCTzcIIo33y1igQGZdi97TX+5JVb8Uuy/6OIhdmf//lJFwlbF2sOQZaQLCLN
BGxwdmDkuJaUfw==
-----END CERTIFICATE-----