Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
File:                     OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json)
Hash identifier:          ljc0jDO8O4+Vz0hvf8MC5cyAb35L17DfWo9ySWGgOfM=
Subject key identifier:   D9:6F:C2:78:D0:A2:47:52:07:A1:99:8B:47:C9:DE:93:EB:3F:82:FD
Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D
Certificate issuer:       /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
Certificate serial:       0196A31B968621457AD9B5933AF74EA9EC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
Manifest number:          1523
Signing time:             Tue 06 May 2025 01:00:16 +0000
Manifest this update:     Tue 06 May 2025 01:00:16 +0000
Manifest next update:     Wed 07 May 2025 01:00:16 +0000
Files and hashes:         1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: amh1XFM56jJe3mgUYuo+nYnSIcdS8mX+nCm5A48+mBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 01:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:1b:96:86:21:45:7a:d9:b5:93:3a:f7:4e:a9:ec:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
        Validity
            Not Before: May  6 01:00:16 2025 GMT
            Not After : May  7 01:00:16 2025 GMT
        Subject: CN=d96fc278d0a2475207a1998b47c9de93eb3f82fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4d:1c:b8:13:ec:4f:87:0d:2a:9a:bb:c8:16:
                    77:ac:19:de:f5:44:33:31:34:be:b5:c4:90:f3:fe:
                    f9:37:98:f4:fe:56:20:b1:aa:df:e2:dc:51:86:0c:
                    e4:95:f3:9f:a4:06:d4:fd:73:35:3c:eb:61:90:09:
                    6c:21:e4:9f:df:fb:d7:50:47:a5:cd:91:80:1c:28:
                    7e:95:c6:d9:30:d1:1c:b9:c6:ae:31:b0:5d:77:d1:
                    4c:22:05:6e:51:5f:36:40:55:fa:13:5b:3f:0b:dd:
                    5f:a2:d7:3c:32:4b:0d:58:dd:87:62:be:9d:fe:2d:
                    22:be:bb:ac:c3:03:cc:7b:b5:18:1a:5d:6d:92:f1:
                    88:da:7e:01:9d:8f:4d:0c:5a:12:9d:26:81:3c:83:
                    e2:d0:62:3c:3f:7b:45:6c:d0:cb:7c:50:b5:aa:f6:
                    81:d5:87:e0:5d:bb:74:4a:74:92:20:dd:88:7b:53:
                    d7:cf:93:cb:eb:1f:d4:0b:07:98:24:e9:3a:2a:c0:
                    a4:02:53:62:d8:31:55:4c:1e:ae:f7:e3:5b:43:05:
                    c3:e0:0b:04:eb:6f:76:3b:9c:88:bc:7b:40:b2:37:
                    a5:57:22:4c:db:d6:b7:94:63:91:8e:3d:84:8f:45:
                    77:bc:db:95:5a:1f:e9:72:14:27:37:41:e6:eb:fc:
                    f8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:6F:C2:78:D0:A2:47:52:07:A1:99:8B:47:C9:DE:93:EB:3F:82:FD
            X509v3 Authority Key Identifier:
                keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7d:17:d5:13:de:d4:78:ae:45:be:c4:20:35:87:83:1b:2e:
         c5:12:a3:af:a8:d3:38:ea:64:fc:25:8d:e9:f6:73:a0:a8:27:
         59:cf:60:ee:e7:30:e1:10:b2:a8:ea:c9:da:d8:d4:9b:60:1c:
         aa:d8:4d:09:29:8e:b9:76:29:4a:74:27:15:d5:2b:bf:93:84:
         2d:f8:68:4d:53:44:e5:22:96:9a:41:2a:af:83:78:d1:e9:f0:
         f1:82:6b:49:93:04:5b:94:e9:59:8d:87:db:c6:bc:4e:56:43:
         2d:5c:23:3a:9b:95:fb:dd:04:53:ae:78:39:a8:77:97:39:51:
         0e:14:27:6a:b9:e0:8e:23:37:ae:26:3c:6a:a3:38:a1:4b:3d:
         f9:32:c8:67:63:0c:96:77:44:43:81:4a:46:99:d6:37:e3:dd:
         03:27:fc:9a:a2:1a:87:59:0a:07:4f:5b:46:8a:7b:ff:c0:be:
         7d:e4:37:fb:96:d7:a5:6b:fb:9b:72:28:08:22:d5:50:b4:70:
         68:82:69:5c:a6:6a:af:cd:e6:ef:72:10:d5:dc:ab:a5:25:5d:
         22:bd:17:91:2c:3a:d5:b3:e6:35:17:2c:c3:18:0a:68:5b:94:
         3f:ae:f6:a3:d3:cc:f4:f8:49:6d:f8:d7:0c:db:85:dc:68:88:
         49:66:04:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajG5aGIUV62bWTOvdOqexQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4
OWJmOWQwHhcNMjUwNTA2MDEwMDE2WhcNMjUwNTA3MDEwMDE2WjAzMTEwLwYDVQQD
EyhkOTZmYzI3OGQwYTI0NzUyMDdhMTk5OGI0N2M5ZGU5M2ViM2Y4MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE0cuBPsT4cNKpq7yBZ3rBne9UQz
MTS+tcSQ8/75N5j0/lYgsarf4txRhgzklfOfpAbU/XM1POthkAlsIeSf3/vXUEel
zZGAHCh+lcbZMNEcucauMbBdd9FMIgVuUV82QFX6E1s/C91fotc8MksNWN2HYr6d
/i0ivruswwPMe7UYGl1tkvGI2n4BnY9NDFoSnSaBPIPi0GI8P3tFbNDLfFC1qvaB
1YfgXbt0SnSSIN2Ie1PXz5PL6x/UCweYJOk6KsCkAlNi2DFVTB6u9+NbQwXD4AsE
6292O5yIvHtAsjelVyJM29a3lGORjj2Ej0V3vNuVWh/pchQnN0Hm6/z4JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlvwnjQokdSB6GZi0fJ3pPrP4L9MB8GA1UdIwQY
MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt
NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh
LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn0X1RPe
1HiuRb7EIDWHgxsuxRKjr6jTOOpk/CWN6fZzoKgnWc9g7ucw4RCyqOrJ2tjUm2Ac
qthNCSmOuXYpSnQnFdUrv5OELfhoTVNE5SKWmkEqr4N40enw8YJrSZMEW5TpWY2H
28a8TlZDLVwjOpuV+90EU654Oah3lzlRDhQnarngjiM3riY8aqM4oUs9+TLIZ2MM
lndEQ4FKRpnWN+PdAyf8mqIah1kKB09bRop7/8C+feQ3+5bXpWv7m3IoCCLVULRw
aIJpXKZqr83m73IQ1dyrpSVdIr0XkSw61bPmNRcswxgKaFuUP672o9PM9PhJbfjX
DNuF3GiISWYEyQ==
-----END CERTIFICATE-----