Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          E8Or9b3UeL1JUvnwFFVyrBeQErOGuHxxs8TPitNUMjc=
Subject key identifier:   77:BA:B8:E8:9C:BD:A1:F5:A5:E6:0E:01:12:F4:7B:1E:6D:47:E4:38
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       0199FBEC020281EB52C56EB505A3138FBC27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0E3C
Signing time:             Sun 19 Oct 2025 10:02:52 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:52 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:52 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: 8AV3KVFpYnB6wGhalOjty2Do8SvyWMxp+stGfmkliWw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:02:02:81:eb:52:c5:6e:b5:05:a3:13:8f:bc:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Oct 19 10:02:52 2025 GMT
            Not After : Oct 20 10:02:52 2025 GMT
        Subject: CN=77bab8e89cbda1f5a5e60e0112f47b1e6d47e438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:da:0e:ff:05:6f:29:e1:44:cf:d8:cd:95:48:
                    6f:ca:04:d4:f4:06:2d:b5:53:f5:58:58:68:7f:ab:
                    8d:e8:23:b7:af:ce:d1:a3:dd:ce:35:11:eb:f6:13:
                    cb:d0:25:d1:f0:ab:d5:b3:0f:d8:6a:3c:9a:76:c6:
                    af:4f:d4:4e:8d:02:d9:6f:dc:9f:e3:4c:b5:eb:b5:
                    ff:a3:c2:02:a4:f1:a3:f0:51:0b:27:a1:88:92:be:
                    f7:85:b7:37:98:aa:0d:3f:20:1e:60:15:c9:fe:31:
                    ae:54:9f:d3:ae:0f:70:10:c5:22:02:a7:bd:d3:f8:
                    a4:eb:82:51:71:00:cc:0b:7c:32:ba:e1:ab:f6:3d:
                    28:d4:18:49:3d:bc:f7:65:9c:f8:5b:8b:d7:ae:50:
                    06:15:50:31:bf:5b:0e:71:ba:9a:9c:63:fa:ed:36:
                    ba:ae:91:d0:ac:6e:cd:a0:1a:13:75:db:a5:40:d4:
                    c5:a4:e1:f4:b4:e2:7d:a8:17:bb:bd:a6:a2:ef:53:
                    0b:0e:1c:ec:79:16:17:b1:37:b5:86:a5:54:97:be:
                    de:26:17:6d:a9:61:9f:91:ae:9e:a4:11:93:75:b0:
                    b5:2c:1b:6e:bb:f8:10:ad:a0:87:f8:8c:ae:58:81:
                    d1:28:6e:1c:fc:b3:9f:4a:e0:02:23:4f:e4:ab:0f:
                    3e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:BA:B8:E8:9C:BD:A1:F5:A5:E6:0E:01:12:F4:7B:1E:6D:47:E4:38
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:4b:4f:88:c0:bb:41:08:75:1a:4c:64:da:73:f9:4f:27:ec:
         f1:ff:f3:18:65:6f:61:26:3a:0e:69:f2:24:bd:8f:63:69:46:
         c8:b5:23:48:3b:79:66:97:27:af:3b:a5:1d:7b:2e:9d:40:bd:
         7b:65:9d:57:40:9b:ec:77:9d:36:13:85:f3:2b:b4:21:64:e2:
         51:f1:d5:48:7d:b3:a0:6e:46:92:a1:99:99:d6:c2:6f:52:57:
         3f:9a:9e:40:82:ed:7b:75:4b:0d:38:1c:59:45:a0:ac:5b:10:
         26:4a:09:8f:11:bd:80:e1:43:3a:80:c2:61:90:6a:f9:8b:4c:
         80:f7:f8:47:92:77:f2:b7:58:77:2c:9c:01:69:88:0b:a2:46:
         25:f3:4d:90:f9:e1:ae:f3:00:49:fd:1b:32:e0:5c:75:a9:10:
         4e:79:b9:dd:da:b1:c9:6b:6d:3a:f0:e0:8c:a1:41:d7:6f:dd:
         01:9b:d1:b3:a3:95:88:9b:84:73:cb:c2:38:00:5a:56:78:24:
         a6:b3:f5:c5:a1:30:36:76:3f:13:0d:79:02:0a:da:dd:57:cd:
         cd:2b:29:98:9a:82:82:e5:31:f8:3d:c7:0e:e1:01:68:ad:6d:
         16:7b:2a:e8:dd:bc:11:cf:02:c5:f8:0f:66:86:1a:b5:ca:3f:
         48:20:77:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77AICgetSxW61BaMTj7wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUxMDE5MTAwMjUyWhcNMjUxMDIwMTAwMjUyWjAzMTEwLwYDVQQD
Eyg3N2JhYjhlODljYmRhMWY1YTVlNjBlMDExMmY0N2IxZTZkNDdlNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNoO/wVvKeFEz9jNlUhvygTU9AYt
tVP1WFhof6uN6CO3r87Ro93ONRHr9hPL0CXR8KvVsw/YajyadsavT9ROjQLZb9yf
40y167X/o8ICpPGj8FELJ6GIkr73hbc3mKoNPyAeYBXJ/jGuVJ/Trg9wEMUiAqe9
0/ik64JRcQDMC3wyuuGr9j0o1BhJPbz3ZZz4W4vXrlAGFVAxv1sOcbqanGP67Ta6
rpHQrG7NoBoTddulQNTFpOH0tOJ9qBe7vaai71MLDhzseRYXsTe1hqVUl77eJhdt
qWGfka6epBGTdbC1LBtuu/gQraCH+IyuWIHRKG4c/LOfSuACI0/kqw8+sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHe6uOicvaH1peYOARL0ex5tR+Q4MB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn0tPiMC7
QQh1Gkxk2nP5Tyfs8f/zGGVvYSY6DmnyJL2PY2lGyLUjSDt5ZpcnrzulHXsunUC9
e2WdV0Cb7HedNhOF8yu0IWTiUfHVSH2zoG5GkqGZmdbCb1JXP5qeQILte3VLDTgc
WUWgrFsQJkoJjxG9gOFDOoDCYZBq+YtMgPf4R5J38rdYdyycAWmIC6JGJfNNkPnh
rvMASf0bMuBcdakQTnm53dqxyWttOvDgjKFB12/dAZvRs6OViJuEc8vCOABaVngk
prP1xaEwNnY/Ew15Agra3VfNzSspmJqCguUx+D3HDuEBaK1tFnsq6N28Ec8CxfgP
ZoYatco/SCB3Gw==
-----END CERTIFICATE-----