Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          ZUd114Tuy3UWzi6m5H2ELrKmjlUs46+/E9IYoXVTgx4=
Subject key identifier:   F9:20:4E:79:B8:8C:EC:BC:E1:45:B2:7E:65:2D:FB:05:1A:27:0B:83
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       0196B1EA12CA4BA4B4C12DD2DD79EACC18E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          046E
Signing time:             Thu 08 May 2025 22:00:29 +0000
Manifest this update:     Thu 08 May 2025 22:00:29 +0000
Manifest next update:     Fri 09 May 2025 22:00:29 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: QSLJDLlB3oRx9pXjvpZJyAWuDVs4B6GVnidclcGWyWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:12:ca:4b:a4:b4:c1:2d:d2:dd:79:ea:cc:18:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: May  8 22:00:29 2025 GMT
            Not After : May  9 22:00:29 2025 GMT
        Subject: CN=f9204e79b88cecbce145b27e652dfb051a270b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2a:70:05:38:dc:5c:e3:bb:6f:e0:97:5b:7f:
                    b5:9f:80:bd:b7:ba:6b:e4:00:ae:ec:31:9a:77:07:
                    37:9f:f4:ae:22:82:36:4e:53:ff:bc:d1:e6:24:bd:
                    b6:fb:e3:5d:77:e3:9e:65:57:59:4f:aa:83:f8:32:
                    f2:51:88:41:26:bd:56:50:39:70:17:48:a6:52:40:
                    a8:5b:04:a9:bb:e2:f6:24:58:a0:6a:6e:79:bb:4c:
                    ef:1c:de:ad:b3:74:3c:f5:1d:71:0a:9b:4c:aa:f0:
                    98:78:84:b8:f7:10:42:9a:9c:19:66:37:af:f2:f2:
                    7c:e9:a6:f9:f9:5f:e1:b2:22:df:05:bf:a5:e2:b2:
                    e5:dd:57:e9:3a:c8:fd:33:da:6b:c9:fb:cf:ab:47:
                    ae:52:de:4c:7a:d9:64:10:58:d8:14:79:e5:9c:d0:
                    ff:af:90:3a:31:b7:72:ea:49:d1:df:f9:31:10:71:
                    87:e3:18:0d:1a:4a:18:f9:a6:c6:08:88:0c:ef:6f:
                    0a:42:86:05:75:1e:24:f5:fd:cf:67:74:33:ee:05:
                    c2:ed:2e:6a:03:65:f3:51:ff:b5:a8:10:3e:e1:83:
                    bd:79:12:19:54:ad:e6:3f:79:e3:27:ea:69:a8:81:
                    6d:ef:70:29:42:e3:1a:22:2a:6e:73:8e:70:aa:82:
                    76:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:20:4E:79:B8:8C:EC:BC:E1:45:B2:7E:65:2D:FB:05:1A:27:0B:83
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:b6:07:1e:f4:33:00:17:25:10:b3:95:99:14:d2:3c:af:f2:
         44:55:fb:63:4c:fe:56:41:e5:80:a2:14:26:81:b1:30:96:2b:
         3c:63:bc:da:6c:54:57:98:30:79:da:ef:84:86:9b:a3:ca:41:
         1f:2b:77:0c:89:f0:62:2f:f7:28:e7:0c:83:ce:53:d9:95:c3:
         0d:5c:18:49:0d:91:35:03:16:ad:9f:1b:d7:6c:45:28:eb:38:
         d3:f2:85:5c:d7:2f:1b:83:94:cb:72:63:aa:52:74:50:f5:27:
         61:de:55:ca:95:62:30:9e:7d:20:e1:98:99:e5:45:3f:f3:82:
         91:77:92:6d:49:af:02:eb:10:fb:28:66:82:dc:9f:84:95:8f:
         a2:7b:e8:ac:27:29:34:83:ac:db:a5:61:88:e4:d8:bb:aa:de:
         d5:3a:f1:8b:af:7e:6c:11:9c:c0:ba:03:82:dc:49:c3:4e:a3:
         f5:5d:10:c4:e3:2f:17:b1:02:e4:58:7c:88:1e:d2:9f:2d:63:
         d8:52:a4:93:12:6d:d4:d1:5a:4c:98:fa:41:4a:78:46:ef:e5:
         e6:a4:a4:53:36:18:81:20:08:f6:f6:9d:e5:21:19:9a:da:62:
         b9:91:f6:38:08:3d:06:a7:a2:37:91:e4:63:c6:89:4f:32:27:
         96:12:5f:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6hLKS6S0wS3S3XnqzBjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwNTA4MjIwMDI5WhcNMjUwNTA5MjIwMDI5WjAzMTEwLwYDVQQD
EyhmOTIwNGU3OWI4OGNlY2JjZTE0NWIyN2U2NTJkZmIwNTFhMjcwYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArypwBTjcXOO7b+CXW3+1n4C9t7pr
5ACu7DGadwc3n/SuIoI2TlP/vNHmJL22++Ndd+OeZVdZT6qD+DLyUYhBJr1WUDlw
F0imUkCoWwSpu+L2JFigam55u0zvHN6ts3Q89R1xCptMqvCYeIS49xBCmpwZZjev
8vJ86ab5+V/hsiLfBb+l4rLl3VfpOsj9M9pryfvPq0euUt5MetlkEFjYFHnlnND/
r5A6Mbdy6knR3/kxEHGH4xgNGkoY+abGCIgM728KQoYFdR4k9f3PZ3Qz7gXC7S5q
A2XzUf+1qBA+4YO9eRIZVK3mP3njJ+ppqIFt73ApQuMaIipuc45wqoJ2hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkgTnm4jOy84UWyfmUt+wUaJwuDMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGrYHHvQz
ABclELOVmRTSPK/yRFX7Y0z+VkHlgKIUJoGxMJYrPGO82mxUV5gwedrvhIabo8pB
Hyt3DInwYi/3KOcMg85T2ZXDDVwYSQ2RNQMWrZ8b12xFKOs40/KFXNcvG4OUy3Jj
qlJ0UPUnYd5VypViMJ59IOGYmeVFP/OCkXeSbUmvAusQ+yhmgtyfhJWPonvorCcp
NIOs26VhiOTYu6re1Trxi69+bBGcwLoDgtxJw06j9V0QxOMvF7EC5Fh8iB7Sny1j
2FKkkxJt1NFaTJj6QUp4Ru/l5qSkUzYYgSAI9vad5SEZmtpiuZH2OAg9BqeiN5Hk
Y8aJTzInlhJfsQ==
-----END CERTIFICATE-----