Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          HmDFjpKQMDlDM5DL3U/AqgmXW+gmraIbu7XN0lKGdVc=
Subject key identifier:   8F:31:38:18:35:6C:8F:F6:12:5C:3F:7B:E1:33:32:06:84:94:38:AA
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0196AE0E2424A67FC3027618B849865C10AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1225
Signing time:             Thu 08 May 2025 04:01:24 +0000
Manifest this update:     Thu 08 May 2025 04:01:24 +0000
Manifest next update:     Fri 09 May 2025 04:01:24 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: zGt4yJRBqHUDBpsGK6zozbv2eE1zW1mgzu2CI0CXbEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 04:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:0e:24:24:a6:7f:c3:02:76:18:b8:49:86:5c:10:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: May  8 04:01:24 2025 GMT
            Not After : May  9 04:01:24 2025 GMT
        Subject: CN=8f313818356c8ff6125c3f7be1333206849438aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c2:65:d4:0c:c7:c6:0f:f2:28:e3:9a:7e:a0:
                    7a:42:0b:08:cf:f9:54:19:ff:a9:9d:d6:56:64:2d:
                    61:71:73:d9:87:cf:c2:a1:1a:05:37:c3:07:ed:12:
                    f8:52:cc:86:b6:42:90:3a:7f:10:50:f9:c8:a1:7d:
                    07:82:5c:6d:91:75:e6:01:6c:61:bc:90:c9:ed:42:
                    cf:34:e5:1f:3b:a1:a3:42:5c:8c:43:b6:be:22:01:
                    05:10:96:89:8c:6d:8e:d3:24:68:2e:41:43:ba:c2:
                    55:a5:2b:e7:58:0f:c2:44:c8:6c:bd:81:65:f7:9e:
                    1b:05:23:52:30:a0:3e:5b:75:b2:54:a5:2d:de:5d:
                    39:e8:2e:0d:df:96:ee:74:46:b3:50:32:27:7d:a8:
                    47:cb:79:50:e5:67:eb:55:7a:88:56:64:73:d0:fe:
                    7d:95:42:64:09:6d:5e:7c:c2:84:31:1e:64:c4:38:
                    2d:0e:1e:08:b7:ca:99:2e:c7:c0:dc:fe:1c:b9:2a:
                    8b:13:e3:34:d7:09:b0:cc:e0:ca:85:a0:7e:3b:2f:
                    3b:82:9a:21:a5:92:33:7d:af:b2:f0:3e:73:9f:74:
                    fc:2f:f9:f2:46:a6:f0:99:9b:9f:7e:43:34:50:91:
                    c7:3c:b4:2c:32:59:da:6a:bc:88:cb:b3:f6:5d:f3:
                    22:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:31:38:18:35:6C:8F:F6:12:5C:3F:7B:E1:33:32:06:84:94:38:AA
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:e0:1a:07:f0:04:02:70:bf:f3:4f:2d:e8:7a:7e:88:e7:96:
         8f:f1:76:0b:27:0d:b4:af:f0:07:25:8d:65:0c:d6:04:d4:f2:
         a6:5d:98:8e:09:d2:cb:61:35:f2:a1:8f:56:1a:40:d1:3e:cd:
         11:f5:36:29:23:17:b1:fe:44:ad:ac:28:ab:15:d3:81:7e:93:
         da:7f:2f:63:1c:98:bd:45:ed:6b:64:63:3d:77:14:89:76:9a:
         4f:d2:43:9a:ad:c5:13:b5:c7:7d:d3:bc:8d:6b:fc:16:aa:73:
         82:99:63:a5:97:ab:4f:df:1a:c2:05:fe:5d:75:cc:0d:54:ca:
         e8:b1:f5:fc:67:35:65:09:49:1e:25:54:6f:25:76:d5:4e:9f:
         66:40:a3:ff:42:0f:fd:01:3a:b4:9f:a1:65:3c:66:69:a9:53:
         e1:f2:e7:84:a6:5e:f2:c6:53:14:60:ef:a2:bf:c3:78:d9:e4:
         c7:6a:c0:4f:42:17:16:ae:21:bb:19:89:2d:ce:a7:25:07:b2:
         9c:5a:09:6a:08:88:43:55:e2:7a:e6:e1:b4:63:21:72:2c:d2:
         a1:58:6c:43:54:a0:d2:30:55:4e:48:ff:d1:f0:e9:b5:1b:28:
         09:58:af:ef:44:24:ac:32:81:54:75:bf:75:d2:41:14:b4:a6:
         12:7f:47:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZauDiQkpn/DAnYYuEmGXBCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwNTA4MDQwMTI0WhcNMjUwNTA5MDQwMTI0WjAzMTEwLwYDVQQD
Eyg4ZjMxMzgxODM1NmM4ZmY2MTI1YzNmN2JlMTMzMzIwNjg0OTQzOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssJl1AzHxg/yKOOafqB6QgsIz/lU
Gf+pndZWZC1hcXPZh8/CoRoFN8MH7RL4UsyGtkKQOn8QUPnIoX0HglxtkXXmAWxh
vJDJ7ULPNOUfO6GjQlyMQ7a+IgEFEJaJjG2O0yRoLkFDusJVpSvnWA/CRMhsvYFl
954bBSNSMKA+W3WyVKUt3l056C4N35budEazUDInfahHy3lQ5WfrVXqIVmRz0P59
lUJkCW1efMKEMR5kxDgtDh4It8qZLsfA3P4cuSqLE+M01wmwzODKhaB+Oy87gpoh
pZIzfa+y8D5zn3T8L/nyRqbwmZuffkM0UJHHPLQsMlnaaryIy7P2XfMi0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI8xOBg1bI/2Elw/e+EzMgaElDiqMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkeAaB/AE
AnC/808t6Hp+iOeWj/F2CycNtK/wByWNZQzWBNTypl2YjgnSy2E18qGPVhpA0T7N
EfU2KSMXsf5ErawoqxXTgX6T2n8vYxyYvUXta2RjPXcUiXaaT9JDmq3FE7XHfdO8
jWv8FqpzgpljpZerT98awgX+XXXMDVTK6LH1/Gc1ZQlJHiVUbyV21U6fZkCj/0IP
/QE6tJ+hZTxmaalT4fLnhKZe8sZTFGDvor/DeNnkx2rAT0IXFq4huxmJLc6nJQey
nFoJagiIQ1XieubhtGMhcizSoVhsQ1Sg0jBVTkj/0fDptRsoCViv70QkrDKBVHW/
ddJBFLSmEn9HjA==
-----END CERTIFICATE-----