Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          pEPWoWsNEhPWsxYk1amHHXM5zGPEb0Ksw2vNyCRPIdI=
Subject key identifier:   33:AE:BD:F1:42:92:D0:C4:D8:A1:6E:6F:AF:F0:DD:61:23:FE:79:67
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       0198D5BBFAF812C80C45B4FCC2CB77376CC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0A9B
Signing time:             Sat 23 Aug 2025 07:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:03 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: RKmGExFpTCxNIvtwNTjb8J1fTepmEmcnXcAhm8ZYYsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:fa:f8:12:c8:0c:45:b4:fc:c2:cb:77:37:6c:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Aug 23 07:02:03 2025 GMT
            Not After : Aug 24 07:02:03 2025 GMT
        Subject: CN=33aebdf14292d0c4d8a16e6faff0dd6123fe7967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:fe:e0:24:ab:e5:6b:bc:91:d4:7e:f7:87:a1:
                    f0:30:94:95:5a:9b:b8:7d:fb:9f:7f:9e:93:be:2d:
                    f6:66:ad:49:f0:77:8f:3f:5b:b3:95:e9:eb:aa:81:
                    6d:a5:87:9c:c2:69:ad:5e:b4:20:53:cf:e3:a7:47:
                    95:c5:53:3d:ce:3c:4c:7a:84:25:27:98:6d:84:76:
                    92:c5:07:17:f4:a6:09:20:ff:35:8b:bc:9d:7b:7f:
                    ed:f9:51:af:2a:f6:01:bc:d1:ef:31:c1:7d:e8:7f:
                    8f:be:3c:c3:63:5f:9f:54:23:34:c2:7c:30:ce:4f:
                    78:29:d6:b2:94:d9:ba:86:e2:84:cb:c1:ff:65:44:
                    8d:3a:ef:a7:8d:36:d0:5b:b5:6b:9c:fe:6c:92:1e:
                    12:df:e0:e5:8d:ae:ae:45:f3:e3:4e:31:d3:15:2b:
                    ce:3b:70:84:9c:57:6a:df:f6:b5:dd:e6:b5:36:76:
                    56:a6:94:3b:88:9d:12:76:a4:f0:32:00:93:0d:ff:
                    e7:7f:e3:c7:5b:42:53:8e:75:fc:ae:3a:7b:5f:83:
                    dc:49:81:b8:9d:af:c9:75:ee:d4:d0:0a:ad:5a:d3:
                    61:de:fe:54:ff:9c:46:d5:b1:e5:ad:93:49:cc:95:
                    92:40:a0:c1:f4:a6:a8:64:3a:bb:95:d0:17:b8:cc:
                    fe:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:AE:BD:F1:42:92:D0:C4:D8:A1:6E:6F:AF:F0:DD:61:23:FE:79:67
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:93:22:84:57:55:b6:9f:13:70:a0:d8:ef:a9:32:6f:4d:ca:
         56:ce:99:ec:f7:07:cc:9d:28:78:21:3a:f2:5f:d8:84:9e:1b:
         48:fc:17:3f:a1:0e:12:a9:7e:22:ce:b0:68:94:92:f7:00:77:
         86:5b:41:16:99:12:62:69:2c:9d:98:fb:07:cc:8a:31:88:c7:
         a8:01:e8:e5:03:35:74:b5:b0:89:8f:e0:2d:00:39:42:9c:5f:
         cc:2f:7b:8b:6a:f7:44:88:69:61:a7:5a:df:10:56:2c:aa:47:
         68:87:8f:5b:b7:b6:88:db:a1:aa:8c:94:da:16:a4:6a:87:8f:
         18:aa:da:37:7e:8b:55:be:37:a7:45:ab:1f:cc:cc:8d:d9:90:
         f3:df:96:4b:a2:4a:35:c6:9d:bd:59:2c:e8:28:07:ab:51:0d:
         f9:eb:75:5f:e1:53:d9:66:1e:c0:43:41:9c:d3:17:4e:66:89:
         70:1a:2b:78:f7:79:b8:ee:da:45:dd:76:cf:76:7a:72:72:fb:
         15:bd:98:b1:8f:8a:7d:26:04:8c:9b:e7:1a:37:be:df:9c:df:
         5d:44:3d:fa:3d:67:33:ad:2b:66:5e:bb:93:be:df:1d:e5:71:
         9f:74:cb:e1:c8:45:bf:8e:13:67:09:e8:63:ad:f0:8f:93:74:
         b7:b7:1b:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/r4EsgMRbT8wst3N2zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwODIzMDcwMjAzWhcNMjUwODI0MDcwMjAzWjAzMTEwLwYDVQQD
EygzM2FlYmRmMTQyOTJkMGM0ZDhhMTZlNmZhZmYwZGQ2MTIzZmU3OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxf7gJKvla7yR1H73h6HwMJSVWpu4
ffuff56Tvi32Zq1J8HePP1uzlenrqoFtpYecwmmtXrQgU8/jp0eVxVM9zjxMeoQl
J5hthHaSxQcX9KYJIP81i7yde3/t+VGvKvYBvNHvMcF96H+PvjzDY1+fVCM0wnww
zk94KdaylNm6huKEy8H/ZUSNOu+njTbQW7VrnP5skh4S3+Dlja6uRfPjTjHTFSvO
O3CEnFdq3/a13ea1NnZWppQ7iJ0SdqTwMgCTDf/nf+PHW0JTjnX8rjp7X4PcSYG4
na/Jde7U0AqtWtNh3v5U/5xG1bHlrZNJzJWSQKDB9KaoZDq7ldAXuMz+3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOuvfFCktDE2KFub6/w3WEj/nlnMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpMihFdV
tp8TcKDY76kyb03KVs6Z7PcHzJ0oeCE68l/YhJ4bSPwXP6EOEql+Is6waJSS9wB3
hltBFpkSYmksnZj7B8yKMYjHqAHo5QM1dLWwiY/gLQA5QpxfzC97i2r3RIhpYada
3xBWLKpHaIePW7e2iNuhqoyU2hakaoePGKraN36LVb43p0WrH8zMjdmQ89+WS6JK
NcadvVks6CgHq1EN+et1X+FT2WYewENBnNMXTmaJcBorePd5uO7aRd12z3Z6cnL7
Fb2YsY+KfSYEjJvnGje+35zfXUQ9+j1nM60rZl67k77fHeVxn3TL4chFv44TZwno
Y63wj5N0t7cbHg==
-----END CERTIFICATE-----