Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          2ILiG1zCaQ0Yy38lITZqh1JHs934OYTdvcSS8hw3fjU=
Subject key identifier:   4C:55:F5:03:97:2F:74:B0:4E:B2:7C:FE:A4:87:EF:87:A1:3C:E7:86
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       0197B7EA7F7644333C44DF09358FD0941FA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0A07
Signing time:             Sat 28 Jun 2025 19:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:27 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: Z0MCqLPE7PRv4WO6CtfTaaddBJRwhuWB8gLxwWNeIXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:7f:76:44:33:3c:44:df:09:35:8f:d0:94:1f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Jun 28 19:01:27 2025 GMT
            Not After : Jun 29 19:01:27 2025 GMT
        Subject: CN=4c55f503972f74b04eb27cfea487ef87a13ce786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:25:66:2a:fa:1b:45:0f:fc:81:72:f5:d5:
                    3d:fc:c8:62:bf:c5:39:f9:8a:e6:5a:48:cc:1e:05:
                    59:12:6b:db:70:3c:c8:75:a7:aa:01:df:b5:ce:0f:
                    f6:fd:d9:92:10:b8:d0:ab:fd:e6:b1:ca:44:7b:7d:
                    25:23:cf:bc:d2:d2:aa:6d:36:89:e3:f6:69:a8:8a:
                    39:9d:76:52:ca:0c:51:85:45:65:1f:25:5f:7e:b1:
                    45:53:84:ad:32:d5:3a:9c:d8:43:0b:e9:0e:7f:7d:
                    8d:0b:50:f5:76:51:96:28:a5:37:3d:3e:07:7d:82:
                    57:31:bf:f5:60:bb:9e:c1:ed:1e:c2:80:98:13:b1:
                    19:d7:33:11:09:7f:8c:1c:e1:bf:5f:a5:a4:1f:bf:
                    cf:11:39:03:24:ec:e9:ba:90:a6:c6:5f:b0:4d:fd:
                    e2:2b:6f:31:f8:c2:b8:2a:81:b8:b1:d9:64:d7:a1:
                    3f:54:52:02:7d:c4:3e:a2:6e:c0:86:49:e6:f8:bd:
                    7d:a4:3c:e0:69:28:da:0e:9e:83:0c:8f:35:ac:b2:
                    d4:c8:f4:3e:6e:9e:01:7c:0c:f2:7f:f0:c3:ff:f8:
                    2d:30:ee:fa:90:3d:92:ba:0f:b9:35:64:2a:4a:a0:
                    82:c7:65:31:de:06:9a:f0:f9:21:a5:f6:f5:ac:04:
                    eb:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:55:F5:03:97:2F:74:B0:4E:B2:7C:FE:A4:87:EF:87:A1:3C:E7:86
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:9f:93:b1:ac:80:f3:21:67:88:7f:9a:58:b1:04:27:1d:ce:
         8f:fe:a5:38:c1:e0:8d:dc:bc:b3:a6:40:ce:00:0d:d2:8f:84:
         cb:a4:b8:1c:da:40:a0:81:51:09:4d:6f:49:d1:66:0a:18:39:
         7a:66:0b:47:12:21:3c:b9:dd:b9:81:69:05:06:5b:f7:14:19:
         9c:80:24:9d:74:0a:10:19:48:2a:63:a4:af:3c:7a:6d:93:af:
         d4:9d:bb:64:4f:8f:bf:39:c3:52:7d:a9:5d:07:ac:5f:d4:e4:
         18:84:4a:24:7e:e4:f0:98:1a:38:e4:48:84:4c:62:5e:8b:f4:
         39:8a:e3:4d:9d:e5:3c:7f:c0:32:91:9b:70:d7:ac:f5:69:8a:
         82:dc:a8:34:cb:8d:eb:f5:1e:0a:32:87:d9:9a:97:02:37:8a:
         be:d1:9d:a2:a1:d7:20:ec:90:19:7c:a8:c3:40:31:4d:63:d8:
         ae:78:12:ac:81:81:9f:6b:0e:b7:19:02:82:1d:00:8c:b9:ca:
         70:9e:1d:a0:69:65:6a:01:4b:10:a2:0b:12:8f:e0:4e:b6:68:
         b0:55:fd:be:4d:b3:9b:33:de:06:ca:25:5a:ac:92:30:91:a9:
         a9:db:5b:43:dc:7c:bf:96:0d:95:f5:56:9b:8b:7e:42:71:7f:
         3d:e4:e6:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36n92RDM8RN8JNY/QlB+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwNjI4MTkwMTI3WhcNMjUwNjI5MTkwMTI3WjAzMTEwLwYDVQQD
Eyg0YzU1ZjUwMzk3MmY3NGIwNGViMjdjZmVhNDg3ZWY4N2ExM2NlNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWYlZir6G0UP/IFy9dU9/Mhiv8U5
+YrmWkjMHgVZEmvbcDzIdaeqAd+1zg/2/dmSELjQq/3mscpEe30lI8+80tKqbTaJ
4/ZpqIo5nXZSygxRhUVlHyVffrFFU4StMtU6nNhDC+kOf32NC1D1dlGWKKU3PT4H
fYJXMb/1YLuewe0ewoCYE7EZ1zMRCX+MHOG/X6WkH7/PETkDJOzpupCmxl+wTf3i
K28x+MK4KoG4sdlk16E/VFICfcQ+om7Ahknm+L19pDzgaSjaDp6DDI81rLLUyPQ+
bp4BfAzyf/DD//gtMO76kD2Sug+5NWQqSqCCx2Ux3gaa8Pkhpfb1rATr3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExV9QOXL3SwTrJ8/qSH74ehPOeGMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJ+TsayA
8yFniH+aWLEEJx3Oj/6lOMHgjdy8s6ZAzgAN0o+Ey6S4HNpAoIFRCU1vSdFmChg5
emYLRxIhPLnduYFpBQZb9xQZnIAknXQKEBlIKmOkrzx6bZOv1J27ZE+PvznDUn2p
XQesX9TkGIRKJH7k8JgaOORIhExiXov0OYrjTZ3lPH/AMpGbcNes9WmKgtyoNMuN
6/UeCjKH2ZqXAjeKvtGdoqHXIOyQGXyow0AxTWPYrngSrIGBn2sOtxkCgh0AjLnK
cJ4doGllagFLEKILEo/gTrZosFX9vk2zmzPeBsolWqySMJGpqdtbQ9x8v5YNlfVW
m4t+QnF/PeTmdw==
-----END CERTIFICATE-----