Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
File:                     oWkKV2UZ54d6ZAis325pu4RyqhU.mft (raw, json)
Hash identifier:          oqwL3j4WnQAo/t0ETeZeHC969FCF5honsU91YUB9BdA=
Subject key identifier:   19:C0:C0:E6:BB:72:8F:A5:DB:5E:77:2E:EE:02:AE:9F:49:21:5C:21
Authority key identifier: A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15
Certificate issuer:       /CN=a1690a576519e7877a6408acdf6e69bb8472aa15
Certificate serial:       0196C201ED71997B036DC39B68340B9B79F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
Manifest number:          0428
Signing time:             Mon 12 May 2025 01:00:28 +0000
Manifest this update:     Mon 12 May 2025 01:00:28 +0000
Manifest next update:     Tue 13 May 2025 01:00:28 +0000
Files and hashes:         1: oWkKV2UZ54d6ZAis325pu4RyqhU.crl (hash: nPiNTV7bFCL5sVFdO60jXwkt1J2aH6GCvGH+cNFQKkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:01:ed:71:99:7b:03:6d:c3:9b:68:34:0b:9b:79:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1690a576519e7877a6408acdf6e69bb8472aa15
        Validity
            Not Before: May 12 01:00:28 2025 GMT
            Not After : May 13 01:00:28 2025 GMT
        Subject: CN=19c0c0e6bb728fa5db5e772eee02ae9f49215c21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:69:79:db:e7:a2:34:2c:ad:25:1f:eb:d6:92:
                    92:d5:50:3c:b6:bc:0e:b6:ed:f6:63:5c:2a:62:dc:
                    7d:a0:a9:74:d8:16:bb:dc:da:fb:f7:14:52:a9:c5:
                    25:b0:77:a2:96:c6:e1:6a:66:0e:ec:da:da:d6:94:
                    53:58:86:a0:95:5a:70:e1:3a:c5:57:e4:f1:73:a2:
                    cd:88:9e:46:f9:bf:bd:da:4b:a9:b0:74:ae:a0:48:
                    33:20:a6:09:0a:77:46:24:08:ac:2c:f2:15:4f:4c:
                    88:cc:37:a3:b2:fe:c8:ce:c5:38:01:e5:51:5c:a2:
                    71:dd:f8:55:f1:e1:e3:46:6c:33:08:aa:cc:d2:46:
                    1c:c7:5b:f5:8b:f7:ca:0f:3c:79:70:df:f4:69:b4:
                    db:07:65:e0:8e:09:a6:67:0d:e1:de:f0:15:7f:35:
                    5f:01:42:83:00:46:b2:10:81:1d:18:53:9d:16:cc:
                    38:6a:f3:3c:71:e2:9c:32:00:2e:02:1f:82:e3:46:
                    10:fa:2c:25:b4:4f:b7:3f:de:74:cf:33:6a:a5:15:
                    7f:71:8e:81:6a:b7:77:d8:53:59:af:dd:62:11:27:
                    36:ef:2f:0a:b2:57:b9:d4:9c:3c:18:79:7d:46:7c:
                    f0:b1:06:dc:4a:1b:be:86:83:6b:dd:26:61:c3:84:
                    ed:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C0:C0:E6:BB:72:8F:A5:DB:5E:77:2E:EE:02:AE:9F:49:21:5C:21
            X509v3 Authority Key Identifier:
                keyid:A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:89:ce:d1:05:c3:a0:7d:0f:e1:05:51:5b:61:03:ca:21:a3:
         13:4a:38:1a:82:31:63:6a:4d:45:23:0d:87:17:60:0a:10:ec:
         ba:38:17:8c:2d:c9:92:88:c1:21:c5:3a:5d:31:df:25:29:19:
         b4:2d:ac:30:ed:7b:3e:50:98:6f:31:b0:30:a7:e5:2e:22:a6:
         ab:6d:09:9e:62:33:69:3f:ca:a5:d9:c5:0e:81:0a:42:b5:bd:
         f7:95:b7:b6:a9:c0:20:51:2d:54:15:b1:ca:f5:68:88:12:ec:
         60:44:ac:dd:7e:2b:08:55:61:88:20:60:d3:8e:73:84:8a:68:
         f6:48:6a:61:a7:d5:d7:9a:c5:33:de:54:f8:23:1e:78:e8:0d:
         0c:f5:ac:b9:99:24:41:39:e1:fd:57:e2:9b:5a:27:fa:ea:90:
         b4:a9:be:3d:ed:4f:fc:db:65:c3:0a:b4:f8:7a:18:25:70:a3:
         18:8a:d5:1b:be:43:39:c1:e1:aa:06:12:d6:73:d7:0f:56:14:
         bc:ae:05:e2:06:5c:7a:ee:85:ba:c3:b7:02:7d:36:e5:d2:eb:
         99:57:b5:30:27:43:44:91:21:b4:54:59:93:36:ab:e4:0d:11:
         ef:95:31:da:79:24:e2:13:5b:25:52:31:19:3c:38:86:cc:6b:
         db:92:e5:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCAe1xmXsDbcObaDQLm3nxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjkwYTU3NjUxOWU3ODc3YTY0MDhhY2RmNmU2OWJiODQ3
MmFhMTUwHhcNMjUwNTEyMDEwMDI4WhcNMjUwNTEzMDEwMDI4WjAzMTEwLwYDVQQD
EygxOWMwYzBlNmJiNzI4ZmE1ZGI1ZTc3MmVlZTAyYWU5ZjQ5MjE1YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGl52+eiNCytJR/r1pKS1VA8trwO
tu32Y1wqYtx9oKl02Ba73Nr79xRSqcUlsHeilsbhamYO7Nra1pRTWIaglVpw4TrF
V+Txc6LNiJ5G+b+92kupsHSuoEgzIKYJCndGJAisLPIVT0yIzDejsv7IzsU4AeVR
XKJx3fhV8eHjRmwzCKrM0kYcx1v1i/fKDzx5cN/0abTbB2XgjgmmZw3h3vAVfzVf
AUKDAEayEIEdGFOdFsw4avM8ceKcMgAuAh+C40YQ+iwltE+3P950zzNqpRV/cY6B
ard32FNZr91iESc27y8Ksle51Jw8GHl9RnzwsQbcShu+hoNr3SZhw4TtNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnAwOa7co+l2153Lu4Crp9JIVwhMB8GA1UdIwQY
MBaAFKFpCldlGeeHemQIrN9uabuEcqoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDkt
MmNkZTQwNDVjNDJhLzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDktMmNkZTQwNDVjNDJh
LzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4nO0QXD
oH0P4QVRW2EDyiGjE0o4GoIxY2pNRSMNhxdgChDsujgXjC3JkojBIcU6XTHfJSkZ
tC2sMO17PlCYbzGwMKflLiKmq20JnmIzaT/KpdnFDoEKQrW995W3tqnAIFEtVBWx
yvVoiBLsYESs3X4rCFVhiCBg045zhIpo9khqYafV15rFM95U+CMeeOgNDPWsuZkk
QTnh/Vfim1on+uqQtKm+Pe1P/Ntlwwq0+HoYJXCjGIrVG75DOcHhqgYS1nPXD1YU
vK4F4gZceu6FusO3An025dLrmVe1MCdDRJEhtFRZkzar5A0R75Ux2nkk4hNbJVIx
GTw4hsxr25Ll1A==
-----END CERTIFICATE-----