Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
File:                     0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json)
Hash identifier:          168LkaNl2fXpL9t0U5sNg1GVy1NJ5nEcos9ex3fDzNc=
Subject key identifier:   DB:EF:6F:E3:3A:EA:65:F5:9E:08:84:37:E0:11:02:54:CE:D3:8F:AA
Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C
Certificate issuer:       /CN=d3051af8661e94252d175935d3797e9eca2cd80c
Certificate serial:       0197B70F3270E61F4F27DC169149A2B86FD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
Manifest number:          0F1D
Signing time:             Sat 28 Jun 2025 15:01:55 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:55 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:55 +0000
Files and hashes:         1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: HTTdZdxAIvL+QJnHspxEiwSq/+bk0Emae8Hcl3gcDQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:32:70:e6:1f:4f:27:dc:16:91:49:a2:b8:6f:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c
        Validity
            Not Before: Jun 28 15:01:55 2025 GMT
            Not After : Jun 29 15:01:55 2025 GMT
        Subject: CN=dbef6fe33aea65f59e088437e0110254ced38faa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:6f:f5:a8:55:2a:0d:93:9d:95:3c:e5:62:56:
                    5a:2a:5d:e2:41:ad:5f:6d:5a:bf:db:a1:fa:0b:0a:
                    ba:7b:bc:94:26:19:3e:e6:30:67:01:25:a7:04:e6:
                    45:bf:71:cd:b3:db:18:87:3d:09:03:c9:d0:84:29:
                    fd:ff:59:25:16:ac:9d:ed:79:ce:8f:61:53:fe:5a:
                    e7:80:f9:bd:da:ac:f0:df:0b:15:0f:5d:84:39:7d:
                    0d:3d:c9:a9:f2:86:51:fd:11:eb:47:b1:50:de:08:
                    1b:09:8a:ab:78:4c:f4:73:5d:9a:27:7f:18:96:c2:
                    48:04:71:b7:5d:f0:7c:fc:ab:83:91:7f:41:54:20:
                    54:44:9d:75:99:c6:61:1b:84:b1:51:9f:4b:f7:76:
                    33:12:75:c4:83:73:e2:57:11:1d:79:76:d2:c5:06:
                    d8:85:65:ca:1b:50:90:d8:0e:5a:b9:83:98:d5:b5:
                    6b:14:86:c1:25:78:23:71:fc:98:85:ea:cf:46:64:
                    46:ae:3c:29:76:65:b0:83:6e:7b:2a:1d:af:fd:0d:
                    a9:8c:55:8f:eb:45:8e:d8:c0:f9:97:e8:39:54:d4:
                    8d:84:01:58:28:75:30:29:bf:08:af:40:f5:c3:08:
                    bb:f8:7e:4c:50:2e:9b:d3:bd:9e:b3:9f:6b:15:13:
                    7a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EF:6F:E3:3A:EA:65:F5:9E:08:84:37:E0:11:02:54:CE:D3:8F:AA
            X509v3 Authority Key Identifier:
                keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:2d:f7:a6:36:d4:8c:ca:62:72:2a:4e:57:5b:ab:49:c2:41:
         a6:70:aa:3f:e7:7d:8f:46:2e:50:c2:c9:9a:d3:6d:7e:54:5c:
         6b:bd:e0:69:30:10:4e:e3:e0:ef:e9:50:17:14:55:af:0d:0b:
         96:ee:8f:3e:f1:a2:3c:52:b2:21:90:74:31:57:6f:ca:19:53:
         e0:2a:cf:62:2e:d3:bb:ab:5e:36:00:21:04:dc:7a:da:7c:1e:
         01:17:39:86:c4:ae:cf:b2:b9:91:11:6b:db:c5:6d:14:0f:55:
         fb:d4:a2:5d:21:a7:df:86:ba:43:ba:fc:84:6e:9d:b3:7d:8e:
         08:ac:1b:71:60:67:0d:3e:be:fd:74:76:5d:c0:cf:7c:e0:fe:
         b5:33:eb:5d:cc:ea:31:99:7d:f3:2c:33:2d:b8:35:a9:de:25:
         20:e4:83:55:77:46:d1:3b:4d:22:40:9e:66:9b:99:3e:18:ad:
         43:67:df:a2:cb:b2:01:71:8c:fc:0e:2c:17:1c:07:c2:84:59:
         72:b1:23:c3:57:47:ae:09:8a:59:c5:a6:15:e9:42:32:0c:1d:
         88:eb:10:8c:af:f9:ae:c9:dd:88:b8:10:96:5c:d5:35:0a:61:
         21:13:d9:e5:67:e9:fc:df:83:89:a6:5f:f0:57:4f:06:fd:f0:
         97:92:f2:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DzJw5h9PJ9wWkUmiuG/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey
Y2Q4MGMwHhcNMjUwNjI4MTUwMTU1WhcNMjUwNjI5MTUwMTU1WjAzMTEwLwYDVQQD
EyhkYmVmNmZlMzNhZWE2NWY1OWUwODg0MzdlMDExMDI1NGNlZDM4ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m/1qFUqDZOdlTzlYlZaKl3iQa1f
bVq/26H6Cwq6e7yUJhk+5jBnASWnBOZFv3HNs9sYhz0JA8nQhCn9/1klFqyd7XnO
j2FT/lrngPm92qzw3wsVD12EOX0NPcmp8oZR/RHrR7FQ3ggbCYqreEz0c12aJ38Y
lsJIBHG3XfB8/KuDkX9BVCBURJ11mcZhG4SxUZ9L93YzEnXEg3PiVxEdeXbSxQbY
hWXKG1CQ2A5auYOY1bVrFIbBJXgjcfyYherPRmRGrjwpdmWwg257Kh2v/Q2pjFWP
60WO2MD5l+g5VNSNhAFYKHUwKb8Ir0D1wwi7+H5MUC6b072es59rFRN6LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvvb+M66mX1ngiEN+ARAlTO04+qMB8GA1UdIwQY
MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt
YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2
LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiC33pjbU
jMpicipOV1urScJBpnCqP+d9j0YuUMLJmtNtflRca73gaTAQTuPg7+lQFxRVrw0L
lu6PPvGiPFKyIZB0MVdvyhlT4CrPYi7Tu6teNgAhBNx62nweARc5hsSuz7K5kRFr
28VtFA9V+9SiXSGn34a6Q7r8hG6ds32OCKwbcWBnDT6+/XR2XcDPfOD+tTPrXczq
MZl98ywzLbg1qd4lIOSDVXdG0TtNIkCeZpuZPhitQ2ffosuyAXGM/A4sFxwHwoRZ
crEjw1dHrgmKWcWmFelCMgwdiOsQjK/5rsndiLgQllzVNQphIRPZ5Wfp/N+DiaZf
8FdPBv3wl5LyYA==
-----END CERTIFICATE-----