Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          ESHvnjRURbY1ogc9AX74lGPLF63OLdHFSGs/T5aMKTQ=
Subject key identifier:   76:3B:C8:C5:08:8D:25:CE:A2:2A:90:73:AF:B9:F3:55:82:F2:CB:46
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       0198D65FC82CA0F088FAF9BB9B8F34ACC2AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          1649
Signing time:             Sat 23 Aug 2025 10:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:57 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: cVHYKxMz+jOLc1w24Pw6pSDXb/RjrVjJ8xMf1ay5ALc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:c8:2c:a0:f0:88:fa:f9:bb:9b:8f:34:ac:c2:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Aug 23 10:00:57 2025 GMT
            Not After : Aug 24 10:00:57 2025 GMT
        Subject: CN=763bc8c5088d25cea22a9073afb9f35582f2cb46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:dc:e1:4e:3f:ba:97:9c:d6:02:cc:b4:a5:2d:
                    1b:5b:5d:1a:3a:3d:a4:7f:8a:4f:52:fa:9b:cd:38:
                    d4:62:3c:de:49:6e:5e:ad:07:62:c4:06:08:b4:ef:
                    6d:a0:64:9c:cb:8c:98:ba:cb:89:b6:1a:0a:08:5b:
                    31:cd:a4:18:28:dd:88:8e:8b:aa:54:17:31:ff:96:
                    bd:60:89:48:de:23:68:f9:84:99:d3:3c:91:db:f6:
                    0f:fd:c5:52:b6:a4:77:68:db:56:1d:ea:ca:5a:94:
                    73:12:47:1a:53:32:54:84:7e:3d:74:ec:43:97:a8:
                    cf:72:49:a8:37:7c:b3:b5:7f:43:e6:46:81:5c:e0:
                    c7:ad:49:c9:49:54:22:1b:64:fe:05:ce:02:7c:d8:
                    33:ee:2e:2d:2e:dd:8a:55:49:d4:a9:56:52:fe:7c:
                    44:d2:e1:a1:dc:37:0f:49:1a:f8:94:01:74:82:2b:
                    9c:08:f7:92:ff:e6:2c:69:ad:e4:b2:e2:11:69:71:
                    89:6f:c5:24:5c:49:a1:b9:84:08:5f:a2:f3:a8:47:
                    53:cb:2b:a3:18:7f:fa:ca:c0:04:44:a3:78:77:5e:
                    be:51:36:df:db:70:0c:e1:03:c4:d1:c1:bd:b3:ad:
                    81:62:ed:76:e8:10:a4:11:48:c5:41:36:52:45:14:
                    a5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:3B:C8:C5:08:8D:25:CE:A2:2A:90:73:AF:B9:F3:55:82:F2:CB:46
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:65:32:63:fe:c4:24:1f:d3:5f:87:6c:0b:3b:24:b3:57:ef:
         d7:a9:db:60:64:64:1d:a3:85:65:9d:f1:bf:ed:26:d9:6a:84:
         c5:7f:f7:bc:e9:37:8e:30:18:9e:f7:4c:96:89:15:d8:bc:bb:
         c9:56:a7:9c:b2:3f:36:d5:28:e7:b3:05:05:8c:31:43:94:86:
         fb:51:6f:3b:66:e6:14:87:87:cb:46:1c:75:a4:fd:57:45:61:
         5e:f9:66:75:e8:03:4e:fd:7c:52:70:36:e7:1a:67:cc:a8:f5:
         56:aa:db:00:90:f2:f3:9b:60:c5:88:7d:97:bd:ee:e4:2b:14:
         e4:af:9c:62:7e:5f:83:9f:e9:1c:29:9c:1b:35:14:dd:37:ac:
         58:2b:14:d5:29:f4:ae:a3:48:49:62:71:9e:b3:4f:6a:82:66:
         6a:7f:11:2f:13:3e:3d:e1:9f:1e:4b:56:5f:ae:f4:04:60:6e:
         57:01:c4:c4:38:95:7a:42:28:f9:2c:da:87:ba:ce:9c:f5:39:
         8b:62:44:d4:e8:0e:b9:ee:14:0d:0a:cf:8c:c7:e9:af:bf:5f:
         33:3e:b9:bf:a0:26:e3:a9:2c:d9:6a:68:74:a5:6a:3f:7e:46:
         b0:f8:f3:f1:cc:15:9c:17:84:5a:fc:ae:82:d5:a6:6f:96:a5:
         15:06:62:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX8gsoPCI+vm7m480rMKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUwODIzMTAwMDU3WhcNMjUwODI0MTAwMDU3WjAzMTEwLwYDVQQD
Eyg3NjNiYzhjNTA4OGQyNWNlYTIyYTkwNzNhZmI5ZjM1NTgyZjJjYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzhTj+6l5zWAsy0pS0bW10aOj2k
f4pPUvqbzTjUYjzeSW5erQdixAYItO9toGScy4yYusuJthoKCFsxzaQYKN2Ijouq
VBcx/5a9YIlI3iNo+YSZ0zyR2/YP/cVStqR3aNtWHerKWpRzEkcaUzJUhH49dOxD
l6jPckmoN3yztX9D5kaBXODHrUnJSVQiG2T+Bc4CfNgz7i4tLt2KVUnUqVZS/nxE
0uGh3DcPSRr4lAF0giucCPeS/+Ysaa3ksuIRaXGJb8UkXEmhuYQIX6LzqEdTyyuj
GH/6ysAERKN4d16+UTbf23AM4QPE0cG9s62BYu126BCkEUjFQTZSRRSlMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHY7yMUIjSXOoiqQc6+581WC8stGMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGUyY/7E
JB/TX4dsCzsks1fv16nbYGRkHaOFZZ3xv+0m2WqExX/3vOk3jjAYnvdMlokV2Ly7
yVannLI/NtUo57MFBYwxQ5SG+1FvO2bmFIeHy0YcdaT9V0VhXvlmdegDTv18UnA2
5xpnzKj1VqrbAJDy85tgxYh9l73u5CsU5K+cYn5fg5/pHCmcGzUU3TesWCsU1Sn0
rqNISWJxnrNPaoJman8RLxM+PeGfHktWX670BGBuVwHExDiVekIo+Szah7rOnPU5
i2JE1OgOue4UDQrPjMfpr79fMz65v6Am46ks2WpodKVqP35GsPjz8cwVnBeEWvyu
gtWmb5alFQZipg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:54 2025 by rpki-client