Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
File:                     oWkKV2UZ54d6ZAis325pu4RyqhU.mft (raw, json)
Hash identifier:          4MAGzmRps/lZnax3FhP8GL9msxMFfpbSqy3A/ydtARM=
Subject key identifier:   6F:C3:74:CC:43:B4:24:53:A4:33:0B:77:73:65:01:00:4A:AF:F9:79
Authority key identifier: A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15
Certificate issuer:       /CN=a1690a576519e7877a6408acdf6e69bb8472aa15
Certificate serial:       0197B74515617B64623616482E1C910A0D7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
Manifest number:          04A7
Signing time:             Sat 28 Jun 2025 16:00:47 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:47 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:47 +0000
Files and hashes:         1: oWkKV2UZ54d6ZAis325pu4RyqhU.crl (hash: BRoJCU/AxTkGrG3isKTmkS+8ipQQuThqwkQYJqHvGFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:15:61:7b:64:62:36:16:48:2e:1c:91:0a:0d:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1690a576519e7877a6408acdf6e69bb8472aa15
        Validity
            Not Before: Jun 28 16:00:47 2025 GMT
            Not After : Jun 29 16:00:47 2025 GMT
        Subject: CN=6fc374cc43b42453a4330b77736501004aaff979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a8:ed:46:83:31:da:6e:45:4f:1e:78:ef:35:
                    e0:f1:3b:f7:05:fd:ef:9b:62:5c:93:e7:fa:0f:7c:
                    52:50:e1:00:2c:30:e3:35:56:f7:04:67:eb:55:63:
                    4a:6d:30:ca:aa:56:de:cd:e6:c3:6d:1b:91:c4:97:
                    fb:46:f7:f2:36:ca:e8:3b:53:a9:f2:bf:65:08:06:
                    91:02:cf:7b:36:09:1e:40:32:09:2a:0d:9d:1b:fc:
                    98:fc:e7:58:6d:3f:20:1d:33:cd:50:20:f2:81:71:
                    21:6e:47:fa:4c:93:a9:e9:68:57:ae:2c:be:e4:ea:
                    4a:63:e1:98:e9:d1:e4:a8:00:03:ff:5b:95:9f:32:
                    b4:66:93:f7:54:5b:7e:2c:c8:9a:00:d5:c5:ef:13:
                    20:40:5f:36:a0:86:8b:a7:47:39:d7:a1:05:ab:3d:
                    c4:28:26:05:8c:90:9a:54:e1:4e:66:43:12:6c:9d:
                    aa:04:c5:fe:28:37:d0:19:f3:99:3a:5e:9a:5c:e8:
                    fe:e3:06:a0:7b:93:16:5b:61:44:5e:8a:20:27:fc:
                    99:2b:73:4a:d9:b0:d0:62:e0:11:b6:3f:6f:71:47:
                    7f:ba:14:74:97:42:c1:c9:d4:9f:9a:af:eb:b3:4a:
                    d4:5e:b4:d5:e0:c9:19:06:d5:8f:0f:a2:f9:f1:89:
                    b1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C3:74:CC:43:B4:24:53:A4:33:0B:77:73:65:01:00:4A:AF:F9:79
            X509v3 Authority Key Identifier:
                keyid:A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:a8:31:0e:2f:86:ea:08:1f:ff:f1:e4:4b:4a:f3:da:9d:34:
         0a:89:26:a9:fe:23:53:19:f4:f3:37:a5:88:19:c9:dc:99:d0:
         24:3a:d1:2d:cd:31:b5:54:92:5c:f8:ad:44:c1:0e:55:6e:3b:
         63:b9:e2:f9:35:82:47:75:7c:f6:75:a3:22:6f:54:2c:93:2e:
         00:4a:c6:d8:e5:c2:b3:3d:e8:cb:43:8e:f9:e0:1f:5d:03:05:
         b2:5e:9b:63:e5:60:d5:a4:2d:89:ed:0d:ad:9f:f0:6a:65:f8:
         8f:52:5c:37:e3:32:80:4d:89:c5:12:51:c0:09:f1:0d:e7:6f:
         7b:29:58:fa:d8:30:c4:cc:2b:0a:38:0e:fb:b4:15:12:e7:bf:
         34:5e:6a:36:ab:1a:81:8d:cd:26:ab:3e:50:24:92:ea:ce:05:
         c9:67:d3:34:0e:93:7d:82:88:fd:5c:1d:68:5d:68:0d:3c:3a:
         ad:4f:e5:4f:4a:b4:86:95:7c:67:f1:07:0e:89:9b:5c:e6:6b:
         73:03:fb:84:62:66:8c:6f:5d:a1:5d:6e:d6:33:ef:ce:bb:f9:
         04:f1:96:50:d5:fb:30:45:76:c5:2e:a9:85:c7:5e:94:90:64:
         b7:2e:05:cf:88:f1:3d:4d:fb:79:fc:fe:eb:f6:ad:40:b5:6b:
         78:23:5e:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RRVhe2RiNhZILhyRCg19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjkwYTU3NjUxOWU3ODc3YTY0MDhhY2RmNmU2OWJiODQ3
MmFhMTUwHhcNMjUwNjI4MTYwMDQ3WhcNMjUwNjI5MTYwMDQ3WjAzMTEwLwYDVQQD
Eyg2ZmMzNzRjYzQzYjQyNDUzYTQzMzBiNzc3MzY1MDEwMDRhYWZmOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6jtRoMx2m5FTx547zXg8Tv3Bf3v
m2Jck+f6D3xSUOEALDDjNVb3BGfrVWNKbTDKqlbezebDbRuRxJf7RvfyNsroO1Op
8r9lCAaRAs97NgkeQDIJKg2dG/yY/OdYbT8gHTPNUCDygXEhbkf6TJOp6WhXriy+
5OpKY+GY6dHkqAAD/1uVnzK0ZpP3VFt+LMiaANXF7xMgQF82oIaLp0c516EFqz3E
KCYFjJCaVOFOZkMSbJ2qBMX+KDfQGfOZOl6aXOj+4wage5MWW2FEXoogJ/yZK3NK
2bDQYuARtj9vcUd/uhR0l0LBydSfmq/rs0rUXrTV4MkZBtWPD6L58Ymx5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/DdMxDtCRTpDMLd3NlAQBKr/l5MB8GA1UdIwQY
MBaAFKFpCldlGeeHemQIrN9uabuEcqoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDkt
MmNkZTQwNDVjNDJhLzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDktMmNkZTQwNDVjNDJh
LzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaagxDi+G
6ggf//HkS0rz2p00Cokmqf4jUxn08zeliBnJ3JnQJDrRLc0xtVSSXPitRMEOVW47
Y7ni+TWCR3V89nWjIm9ULJMuAErG2OXCsz3oy0OO+eAfXQMFsl6bY+Vg1aQtie0N
rZ/wamX4j1JcN+MygE2JxRJRwAnxDedveylY+tgwxMwrCjgO+7QVEue/NF5qNqsa
gY3NJqs+UCSS6s4FyWfTNA6TfYKI/VwdaF1oDTw6rU/lT0q0hpV8Z/EHDombXOZr
cwP7hGJmjG9doV1u1jPvzrv5BPGWUNX7MEV2xS6phcdelJBkty4Fz4jxPU37efz+
6/atQLVreCNevQ==
-----END CERTIFICATE-----