Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          kRsYb/HVaTakwizAK0X0q+0Wzj6WlGbzgppR/4++ask=
Subject key identifier:   B8:60:FF:3A:95:F5:E8:ED:85:93:1C:44:29:05:20:93:80:D7:48:6C
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       0199FCFD75CBD1FCA2C3663E0A50BE43F438
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          03B4
Signing time:             Sun 19 Oct 2025 15:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:33 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: FMCiYnJpU6VqRSveMdDPzSR0Dz404wwcJIue9tL4VmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:75:cb:d1:fc:a2:c3:66:3e:0a:50:be:43:f4:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Oct 19 15:01:33 2025 GMT
            Not After : Oct 20 15:01:33 2025 GMT
        Subject: CN=b860ff3a95f5e8ed85931c442905209380d7486c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:69:2a:19:5a:3f:58:0a:6e:a2:c1:ce:a0:cc:
                    97:2d:a8:c0:e6:d6:40:fd:0c:11:98:cd:7c:ab:ad:
                    f5:46:65:41:9b:a6:c8:be:17:eb:4b:76:93:44:1a:
                    8e:cb:7e:99:6d:3b:78:a1:9b:e4:86:af:c9:cd:a0:
                    c4:ae:d2:93:29:0d:47:cf:73:8e:05:7e:ad:38:89:
                    12:ee:67:2a:b8:05:aa:8b:51:06:57:dd:5b:9e:36:
                    21:b6:bc:98:38:25:a9:8d:67:c1:1d:8b:97:6a:a7:
                    2a:2f:de:ea:f4:f2:e3:ce:a2:e0:3a:e4:32:59:01:
                    b5:a8:e1:31:a9:65:58:e6:95:3f:e4:a5:d0:5c:00:
                    e8:1e:01:da:b2:0e:65:4e:7b:f2:6c:21:a4:fb:fa:
                    d4:a4:f8:b3:3e:43:94:9b:76:f8:7f:a7:41:4c:f4:
                    66:7c:63:d6:1c:1d:6d:2f:f4:c0:d8:f8:3d:1a:c4:
                    dd:44:3d:a8:81:3b:b2:cf:8c:9d:31:5e:1f:b0:80:
                    62:2e:74:c8:9e:54:48:a6:34:2f:e2:8f:95:8c:52:
                    4a:a2:c3:f2:cb:c0:06:07:3e:78:14:46:4e:5d:25:
                    df:a0:9f:86:a6:a5:82:4e:a3:3b:86:a6:77:5e:66:
                    01:da:71:f6:c9:25:d5:c7:1e:23:b6:aa:d7:13:e8:
                    4a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:60:FF:3A:95:F5:E8:ED:85:93:1C:44:29:05:20:93:80:D7:48:6C
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:01:48:25:5d:d0:45:a0:0d:8c:94:00:de:b2:27:9f:6a:d7:
         f6:29:cb:ff:cd:06:b5:98:22:b9:a6:81:8a:8e:8b:21:b5:b6:
         a1:27:a7:cc:1e:ea:1d:56:d3:b3:3e:c3:d4:91:57:89:fb:b8:
         e0:31:11:52:db:39:b2:d8:67:c0:ee:9e:3b:b3:9a:39:90:bb:
         48:51:17:df:dc:b4:19:6c:68:eb:ac:63:8e:f1:3d:f8:2f:d5:
         ae:c5:5d:6c:fa:99:c3:b3:5d:38:ed:d5:02:d1:90:87:a5:c3:
         2b:15:69:fc:12:4d:f9:11:7d:ce:a2:93:4d:87:ea:d6:33:30:
         81:61:63:fe:d4:4c:20:5d:f3:ec:df:c8:ee:8a:1c:89:77:d6:
         06:63:10:81:48:70:a6:cb:9d:34:53:e4:14:43:91:34:2f:fd:
         e2:23:f6:b1:b7:08:75:0f:39:f6:75:91:16:f7:2d:02:c3:ac:
         a4:5a:94:06:4f:d4:94:80:7e:f1:18:f0:08:94:37:f5:3d:b1:
         be:11:68:db:ec:89:4a:db:2e:a9:3a:b9:f7:de:a9:6f:84:89:
         a5:28:c6:e1:1e:09:ba:27:a1:ad:83:38:ab:65:d7:4f:9f:6d:
         1c:e5:56:fd:e5:5a:7e:71:13:2a:4f:7c:a5:51:72:ae:53:36:
         d5:ab:8f:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/XXL0fyiw2Y+ClC+Q/Q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUxMDE5MTUwMTMzWhcNMjUxMDIwMTUwMTMzWjAzMTEwLwYDVQQD
EyhiODYwZmYzYTk1ZjVlOGVkODU5MzFjNDQyOTA1MjA5MzgwZDc0ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62kqGVo/WApuosHOoMyXLajA5tZA
/QwRmM18q631RmVBm6bIvhfrS3aTRBqOy36ZbTt4oZvkhq/JzaDErtKTKQ1Hz3OO
BX6tOIkS7mcquAWqi1EGV91bnjYhtryYOCWpjWfBHYuXaqcqL97q9PLjzqLgOuQy
WQG1qOExqWVY5pU/5KXQXADoHgHasg5lTnvybCGk+/rUpPizPkOUm3b4f6dBTPRm
fGPWHB1tL/TA2Pg9GsTdRD2ogTuyz4ydMV4fsIBiLnTInlRIpjQv4o+VjFJKosPy
y8AGBz54FEZOXSXfoJ+GpqWCTqM7hqZ3XmYB2nH2ySXVxx4jtqrXE+hKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhg/zqV9ejthZMcRCkFIJOA10hsMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQFIJV3Q
RaANjJQA3rInn2rX9inL/80GtZgiuaaBio6LIbW2oSenzB7qHVbTsz7D1JFXifu4
4DERUts5sthnwO6eO7OaOZC7SFEX39y0GWxo66xjjvE9+C/VrsVdbPqZw7NdOO3V
AtGQh6XDKxVp/BJN+RF9zqKTTYfq1jMwgWFj/tRMIF3z7N/I7oociXfWBmMQgUhw
psudNFPkFEORNC/94iP2sbcIdQ859nWRFvctAsOspFqUBk/UlIB+8RjwCJQ39T2x
vhFo2+yJStsuqTq5996pb4SJpSjG4R4JuiehrYM4q2XXT59tHOVW/eVafnETKk98
pVFyrlM21auPZg==
-----END CERTIFICATE-----