Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          zwYLv+FZwE4tG9W2R+QjMwesAMLgXxouezyj4h18cJE=
Subject key identifier:   8A:22:99:9D:6A:A1:01:65:6E:B5:1A:51:C3:CA:69:96:08:ED:4F:C0
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       0197B6A1BC8D1D5E8A05AC8B67A1C3F62FCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          04F5
Signing time:             Sat 28 Jun 2025 13:02:22 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:22 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:22 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: JiPLkxu12++3yd6tfaTZfqoeFXoWnV2lJ8OXI+PpWAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:bc:8d:1d:5e:8a:05:ac:8b:67:a1:c3:f6:2f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Jun 28 13:02:22 2025 GMT
            Not After : Jun 29 13:02:22 2025 GMT
        Subject: CN=8a22999d6aa101656eb51a51c3ca699608ed4fc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ad:b8:cc:6c:60:0b:8d:a3:77:6c:82:48:7c:
                    79:54:bf:67:aa:88:00:f2:66:97:31:c9:e5:bc:7e:
                    f7:bb:7e:a2:f8:5a:85:3a:ed:02:ee:ae:76:45:8d:
                    8d:76:f9:6e:8a:74:8a:e3:60:48:c4:b8:cd:61:30:
                    b2:8a:76:eb:8b:c1:86:62:08:d8:44:16:70:b7:86:
                    f7:2d:56:2a:36:63:48:25:af:3e:22:34:35:56:b1:
                    a6:fc:93:c2:3b:41:fe:b5:e3:97:be:44:b3:fa:9f:
                    3a:03:5c:17:47:a8:e2:4f:bd:fb:ab:f8:bd:17:7b:
                    c2:02:80:8d:ac:f6:4c:02:17:6a:8c:55:cd:06:20:
                    f7:34:04:5b:cc:7f:1b:12:65:dc:41:61:a0:d7:ee:
                    b1:99:06:2d:85:5d:6f:33:e3:dc:11:98:44:5a:56:
                    15:94:ad:4c:f5:e3:6d:2c:6a:2e:79:4a:c5:44:f4:
                    48:dc:b1:3d:74:85:4d:40:b3:08:9e:67:b6:4c:e8:
                    0b:9d:60:77:8b:86:34:da:71:c3:2e:b1:77:ae:33:
                    ed:5a:54:9f:e5:14:d3:22:74:6c:5a:47:43:b5:66:
                    27:2b:bb:0a:3f:42:07:29:53:ef:02:a7:23:d9:2f:
                    57:ab:d6:89:5c:31:1d:25:2a:73:93:18:5e:7c:40:
                    05:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:22:99:9D:6A:A1:01:65:6E:B5:1A:51:C3:CA:69:96:08:ED:4F:C0
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:6f:98:11:e2:76:0f:07:c3:bf:fc:38:11:15:28:11:50:27:
         7c:03:78:2d:6b:b4:43:b9:2b:04:1d:f5:39:1b:87:a7:c5:7d:
         1d:65:88:76:78:19:49:6c:8c:b8:8b:e2:b2:c6:34:f7:e2:95:
         42:80:d9:40:dc:2e:07:ca:47:84:73:a3:0c:f6:21:65:81:ef:
         4d:59:f5:89:64:3e:95:54:0f:35:07:f0:61:3c:7f:4a:f8:c8:
         82:3c:e1:bf:e3:26:2d:c9:ae:5b:c7:c5:a1:4a:46:74:bc:b0:
         1e:d9:26:bf:48:ec:d8:2c:19:e8:6c:85:4f:46:84:29:50:d0:
         73:be:a9:b8:85:bd:12:04:27:25:a9:33:bf:62:d5:aa:1c:a8:
         6f:e2:24:27:88:f4:2e:c5:8a:db:ff:26:e8:2f:49:1c:8d:e6:
         0f:fd:5c:d9:3c:d5:67:ed:a8:37:93:54:7d:de:5a:97:78:89:
         7d:fb:c3:38:6b:1f:c6:f6:5c:48:64:d1:1c:c0:f2:48:e8:1a:
         79:e7:65:b0:07:29:11:b3:57:e8:27:23:86:c6:97:04:56:f6:
         b7:63:74:0d:97:81:4d:3e:c8:8a:ec:2d:ca:77:99:ab:e2:e4:
         e1:f2:1a:9c:bd:dd:30:de:70:01:05:3c:d9:da:33:40:7f:98:
         c2:3a:b5:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2obyNHV6KBayLZ6HD9i/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwNjI4MTMwMjIyWhcNMjUwNjI5MTMwMjIyWjAzMTEwLwYDVQQD
Eyg4YTIyOTk5ZDZhYTEwMTY1NmViNTFhNTFjM2NhNjk5NjA4ZWQ0ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4624zGxgC42jd2yCSHx5VL9nqogA
8maXMcnlvH73u36i+FqFOu0C7q52RY2NdvluinSK42BIxLjNYTCyinbri8GGYgjY
RBZwt4b3LVYqNmNIJa8+IjQ1VrGm/JPCO0H+teOXvkSz+p86A1wXR6jiT737q/i9
F3vCAoCNrPZMAhdqjFXNBiD3NARbzH8bEmXcQWGg1+6xmQYthV1vM+PcEZhEWlYV
lK1M9eNtLGoueUrFRPRI3LE9dIVNQLMInme2TOgLnWB3i4Y02nHDLrF3rjPtWlSf
5RTTInRsWkdDtWYnK7sKP0IHKVPvAqcj2S9Xq9aJXDEdJSpzkxhefEAFKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoimZ1qoQFlbrUaUcPKaZYI7U/AMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANW+YEeJ2
DwfDv/w4ERUoEVAnfAN4LWu0Q7krBB31ORuHp8V9HWWIdngZSWyMuIvissY09+KV
QoDZQNwuB8pHhHOjDPYhZYHvTVn1iWQ+lVQPNQfwYTx/SvjIgjzhv+MmLcmuW8fF
oUpGdLywHtkmv0js2CwZ6GyFT0aEKVDQc76puIW9EgQnJakzv2LVqhyob+IkJ4j0
LsWK2/8m6C9JHI3mD/1c2TzVZ+2oN5NUfd5al3iJffvDOGsfxvZcSGTRHMDySOga
eedlsAcpEbNX6CcjhsaXBFb2t2N0DZeBTT7IiuwtyneZq+Lk4fIanL3dMN5wAQU8
2dozQH+Ywjq1gQ==
-----END CERTIFICATE-----