Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          npbLMGx3gp6nv+n16eVndLF4itmL/vSMPUdWcWZOQsY=
Subject key identifier:   17:63:C7:AD:05:36:96:BC:FC:91:3C:27:97:82:22:A0:72:6A:8E:DE
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       0199FD342C843B909CA58C88A1F603EBE1F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          166E
Signing time:             Sun 19 Oct 2025 16:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:18 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: zPZ+N6M5uR+XXNPW/2XvfyVeb/eydTwGEYNJTto1HCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:2c:84:3b:90:9c:a5:8c:88:a1:f6:03:eb:e1:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Oct 19 16:01:18 2025 GMT
            Not After : Oct 20 16:01:18 2025 GMT
        Subject: CN=1763c7ad053696bcfc913c27978222a0726a8ede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:74:c4:04:10:68:a7:0b:60:58:f4:73:b6:b9:
                    88:8b:ee:de:41:25:e4:09:2c:dc:e7:f2:75:82:f1:
                    2a:7c:c8:25:61:42:3b:ec:58:3c:9f:f0:2a:27:4c:
                    83:75:43:80:e4:0d:eb:b5:82:45:54:46:b5:0f:8b:
                    28:52:5a:52:cb:d8:ea:3d:7a:98:60:7f:db:a5:90:
                    ce:eb:5a:66:e6:de:82:f4:b4:a3:ad:85:ba:a9:27:
                    b8:29:6e:3d:9f:87:2d:e1:9b:c8:ad:56:52:0a:7b:
                    5b:90:aa:e3:97:db:b6:c5:08:19:01:c7:2d:2b:d4:
                    0f:0b:70:9b:0d:d7:ff:4f:4f:54:f9:aa:b8:f5:fd:
                    0e:a7:af:d0:77:03:6e:5e:61:48:d3:d0:83:72:b7:
                    ed:a6:cc:19:be:87:78:f9:4d:4d:82:88:3e:e9:2e:
                    67:91:0f:0c:4d:6d:72:a4:cc:cc:dc:ef:14:b4:b1:
                    41:56:c6:35:a1:83:06:f1:6c:7c:fc:a1:24:b3:8f:
                    ad:3e:db:a8:0a:48:d9:37:58:2c:35:a9:c3:35:39:
                    fc:98:b1:35:24:8f:4c:c3:ab:81:8d:92:9f:29:ca:
                    94:b2:f6:06:a1:3c:93:b8:83:88:43:99:b7:91:b9:
                    88:49:5f:95:13:12:c6:a6:48:ea:fd:e8:18:1b:f7:
                    ea:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:63:C7:AD:05:36:96:BC:FC:91:3C:27:97:82:22:A0:72:6A:8E:DE
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:61:bb:fe:92:53:4d:1a:22:ba:f9:82:e1:7b:9e:f1:80:64:
         23:54:3d:5f:76:42:95:9c:21:3c:b3:a4:41:e4:43:2e:b7:3e:
         83:80:03:9f:e6:9d:16:16:2a:f5:3a:50:5b:43:34:99:8c:d8:
         40:2b:b5:69:b8:f1:f0:c9:46:ca:24:e0:c9:9e:11:d3:23:e1:
         61:a2:fc:bc:d0:cf:09:c5:97:46:36:fa:11:5f:a8:f5:b9:9c:
         a4:52:e6:21:8d:01:9e:cc:9d:da:46:34:d4:69:30:27:16:ea:
         8e:16:18:05:2a:50:c0:77:b7:3b:87:1a:a1:64:db:c6:b5:5c:
         3d:e0:57:df:c5:dc:39:48:89:2d:6c:9b:02:47:2c:c3:ae:b1:
         92:2b:1c:7a:a1:68:55:3f:07:98:92:cd:eb:0a:44:49:9c:81:
         91:15:7c:4b:35:45:ee:90:72:02:66:a8:f3:35:56:cf:21:87:
         45:19:0f:72:65:1f:51:07:61:77:e6:22:b8:03:2a:ba:fc:2f:
         01:15:de:49:be:99:86:57:dc:16:d0:e0:d7:08:d7:36:d3:e5:
         b2:72:e4:42:9a:00:a6:b6:65:2a:f6:3b:c9:2d:fa:94:88:fb:
         02:fa:f6:db:a4:81:85:82:ef:1e:7d:5f:af:7f:3f:de:67:c4:
         4e:8e:c5:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCyEO5CcpYyIofYD6+H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUxMDE5MTYwMTE4WhcNMjUxMDIwMTYwMTE4WjAzMTEwLwYDVQQD
EygxNzYzYzdhZDA1MzY5NmJjZmM5MTNjMjc5NzgyMjJhMDcyNmE4ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXTEBBBopwtgWPRztrmIi+7eQSXk
CSzc5/J1gvEqfMglYUI77Fg8n/AqJ0yDdUOA5A3rtYJFVEa1D4soUlpSy9jqPXqY
YH/bpZDO61pm5t6C9LSjrYW6qSe4KW49n4ct4ZvIrVZSCntbkKrjl9u2xQgZAcct
K9QPC3CbDdf/T09U+aq49f0Op6/QdwNuXmFI09CDcrftpswZvod4+U1Ngog+6S5n
kQ8MTW1ypMzM3O8UtLFBVsY1oYMG8Wx8/KEks4+tPtuoCkjZN1gsNanDNTn8mLE1
JI9Mw6uBjZKfKcqUsvYGoTyTuIOIQ5m3kbmISV+VExLGpkjq/egYG/fqAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdjx60FNpa8/JE8J5eCIqByao7eMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWG7/pJT
TRoiuvmC4Xue8YBkI1Q9X3ZClZwhPLOkQeRDLrc+g4ADn+adFhYq9TpQW0M0mYzY
QCu1abjx8MlGyiTgyZ4R0yPhYaL8vNDPCcWXRjb6EV+o9bmcpFLmIY0Bnsyd2kY0
1GkwJxbqjhYYBSpQwHe3O4caoWTbxrVcPeBX38XcOUiJLWybAkcsw66xkisceqFo
VT8HmJLN6wpESZyBkRV8SzVF7pByAmao8zVWzyGHRRkPcmUfUQdhd+YiuAMquvwv
ARXeSb6ZhlfcFtDg1wjXNtPlsnLkQpoAprZlKvY7yS36lIj7Avr226SBhYLvHn1f
r38/3mfETo7FuQ==
-----END CERTIFICATE-----