Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          9BQjMzCWiic/iL7LxbFExCEo6MZ7adyD+cUTtraLyFQ=
Subject key identifier:   CE:88:27:62:2B:DC:47:2D:B9:13:7F:14:4F:04:11:9E:3B:FF:93:15
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       0198D73B6852F4973A438AD22DBB0D08E4D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          1433
Signing time:             Sat 23 Aug 2025 14:00:51 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:51 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:51 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: tjhHsLy9KQSzKWW2B24mI6L2BVkEx3v33CJpSbSR4q0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:68:52:f4:97:3a:43:8a:d2:2d:bb:0d:08:e4:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Aug 23 14:00:51 2025 GMT
            Not After : Aug 24 14:00:51 2025 GMT
        Subject: CN=ce8827622bdc472db9137f144f04119e3bff9315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:88:5d:b2:f0:30:2e:7e:1c:92:ae:8e:71:f3:
                    45:57:45:2b:be:a0:37:10:1e:67:29:5f:59:0a:cb:
                    88:cb:49:0b:f5:22:c4:54:2e:ae:14:a5:92:fc:09:
                    af:a6:bc:a9:5e:67:bf:70:43:b8:20:8b:d7:ee:9d:
                    fc:ae:a1:69:66:4b:b2:b9:39:d6:ac:51:c3:a3:0d:
                    fd:24:54:70:bd:a9:4d:c7:50:53:1f:90:84:3c:7b:
                    a7:d8:b2:e3:aa:64:c0:d7:e3:b7:6a:e0:47:34:03:
                    c8:d2:81:5c:6b:71:05:be:13:55:9e:54:5b:61:52:
                    98:3a:e7:af:b1:4e:64:19:2c:99:6f:bc:6d:73:36:
                    e4:9f:a1:b8:02:84:13:c8:68:90:71:90:36:fe:72:
                    95:c5:23:06:dd:59:dd:ce:b0:f3:8f:4b:a7:65:61:
                    e1:a3:58:23:c4:f7:12:2a:58:58:42:97:c8:0b:66:
                    16:91:c5:9c:7b:91:68:d3:97:e0:d1:fd:b5:68:e3:
                    ea:58:b6:aa:91:e3:ab:11:ba:22:f6:a0:a6:01:2a:
                    a8:fd:3f:8b:4d:fe:e0:5e:f9:b2:e8:55:19:be:8f:
                    02:02:70:94:68:f8:17:3e:17:82:b6:bc:8e:d4:38:
                    ff:e7:8d:12:62:29:12:b9:38:9a:a0:f5:8b:76:8a:
                    90:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:88:27:62:2B:DC:47:2D:B9:13:7F:14:4F:04:11:9E:3B:FF:93:15
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:d1:d8:69:b9:ec:f0:75:a7:ff:fe:91:2a:b4:2f:d8:4b:ea:
         58:a7:14:ac:10:99:b8:70:b0:d1:d7:2b:e5:db:f9:30:14:65:
         51:e6:69:81:90:ef:ec:84:98:42:bb:c7:e6:b1:c2:4b:3c:78:
         0e:db:8e:04:ca:72:03:ef:06:65:41:f3:9a:be:ba:6a:ff:89:
         31:83:d0:c7:f0:82:36:fb:57:00:4b:bc:88:47:f4:60:02:bb:
         d8:18:ef:5b:b5:d1:f4:4d:af:b8:4f:a2:c0:3d:bc:34:45:21:
         e6:b3:b9:c7:81:67:ac:96:95:2a:da:20:7c:10:c1:69:a9:f1:
         c4:51:89:ba:e3:04:ba:63:0e:ad:2f:12:11:bb:99:8b:2c:78:
         01:a7:e1:73:1c:75:5d:29:b5:cc:9f:5a:e3:dd:c4:7c:53:56:
         44:7c:52:48:af:02:1c:47:6e:98:83:81:eb:59:7f:71:3d:f0:
         af:66:53:54:2c:47:e2:e6:34:58:cf:43:c9:fb:bc:fd:e0:8e:
         3e:6d:36:31:20:9e:48:46:99:ee:96:25:0d:01:a7:2c:32:ae:
         2b:46:de:0e:c4:9f:0d:75:6e:aa:a3:a9:cd:f3:2e:4e:db:ea:
         08:9c:6c:98:2e:ca:fe:25:42:27:56:da:38:63:25:65:46:6a:
         6e:74:9a:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO2hS9Jc6Q4rSLbsNCOTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUwODIzMTQwMDUxWhcNMjUwODI0MTQwMDUxWjAzMTEwLwYDVQQD
EyhjZTg4Mjc2MjJiZGM0NzJkYjkxMzdmMTQ0ZjA0MTE5ZTNiZmY5MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYhdsvAwLn4ckq6OcfNFV0UrvqA3
EB5nKV9ZCsuIy0kL9SLEVC6uFKWS/AmvprypXme/cEO4IIvX7p38rqFpZkuyuTnW
rFHDow39JFRwvalNx1BTH5CEPHun2LLjqmTA1+O3auBHNAPI0oFca3EFvhNVnlRb
YVKYOuevsU5kGSyZb7xtczbkn6G4AoQTyGiQcZA2/nKVxSMG3VndzrDzj0unZWHh
o1gjxPcSKlhYQpfIC2YWkcWce5Fo05fg0f21aOPqWLaqkeOrEboi9qCmASqo/T+L
Tf7gXvmy6FUZvo8CAnCUaPgXPheCtryO1Dj/540SYikSuTiaoPWLdoqQQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6IJ2Ir3EctuRN/FE8EEZ47/5MVMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAINHYabns
8HWn//6RKrQv2EvqWKcUrBCZuHCw0dcr5dv5MBRlUeZpgZDv7ISYQrvH5rHCSzx4
DtuOBMpyA+8GZUHzmr66av+JMYPQx/CCNvtXAEu8iEf0YAK72BjvW7XR9E2vuE+i
wD28NEUh5rO5x4FnrJaVKtogfBDBaanxxFGJuuMEumMOrS8SEbuZiyx4Aafhcxx1
XSm1zJ9a493EfFNWRHxSSK8CHEdumIOB61l/cT3wr2ZTVCxH4uY0WM9Dyfu8/eCO
Pm02MSCeSEaZ7pYlDQGnLDKuK0beDsSfDXVuqqOpzfMuTtvqCJxsmC7K/iVCJ1ba
OGMlZUZqbnSaLQ==
-----END CERTIFICATE-----