Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File:                     o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier:          q3TaBpVrD0XY+ri5k0l3UH+l1OpcVzTMAaCiewTewZg=
Subject key identifier:   17:89:5D:C0:38:0B:C7:0B:06:70:92:3E:92:4D:90:29:3C:35:0F:8D
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer:       /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial:       0197B88FEB6608AB54BC8284B7F8DF1D9322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number:          1000
Signing time:             Sat 28 Jun 2025 22:02:08 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:08 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:08 +0000
Files and hashes:         1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: p7WSH++P9hQzGpc3UWYCF/JmRgEoV/UkFOFYLBQKR4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:eb:66:08:ab:54:bc:82:84:b7:f8:df:1d:93:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
        Validity
            Not Before: Jun 28 22:02:08 2025 GMT
            Not After : Jun 29 22:02:08 2025 GMT
        Subject: CN=17895dc0380bc70b0670923e924d90293c350f8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7d:e6:cb:e9:b5:64:d9:42:40:b8:f9:90:87:
                    a0:3c:ed:79:52:07:91:70:40:e0:e0:94:37:fe:52:
                    a7:40:a9:6a:84:f6:38:b9:f7:df:72:6c:17:15:0b:
                    f1:ab:52:81:79:cd:ad:9d:54:ac:74:7c:2a:ad:92:
                    cf:2e:38:0d:c6:89:0c:23:a3:c5:31:15:14:c4:eb:
                    2f:ee:42:40:2d:5a:61:26:af:f6:b9:b9:84:54:2c:
                    6f:77:ab:a7:f6:e3:dd:32:36:03:a5:14:48:b5:a6:
                    71:98:5c:fb:c9:f5:0a:61:2b:15:d3:9c:bf:79:8b:
                    dd:55:9d:a9:14:34:83:f0:2d:6c:a3:dd:fa:73:d0:
                    c1:50:4e:51:1f:cd:dc:b3:74:11:24:36:56:44:c7:
                    30:ab:ee:c1:e1:90:39:4e:e8:21:1a:db:c7:48:73:
                    09:6a:b3:21:b7:c7:6c:f2:97:d0:04:03:07:06:ed:
                    c5:8f:45:17:87:33:3b:1c:68:bb:94:2f:74:23:dd:
                    4e:71:22:38:db:4c:9a:05:69:9f:d4:48:84:56:57:
                    ff:fb:b1:a3:0a:25:1f:96:29:ca:dd:05:12:9e:d6:
                    26:02:6c:e7:a5:6b:e5:cb:50:77:1f:2c:89:14:0c:
                    35:69:2b:01:bb:3e:33:86:14:76:b0:f7:91:58:3b:
                    2a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:89:5D:C0:38:0B:C7:0B:06:70:92:3E:92:4D:90:29:3C:35:0F:8D
            X509v3 Authority Key Identifier:
                keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:fe:3f:db:73:40:10:70:4a:00:5f:c1:ef:95:af:87:7c:26:
         02:8e:e2:a1:af:58:3d:0c:57:aa:1c:4f:79:29:d5:a8:c2:bc:
         aa:37:38:1f:43:b2:72:68:74:d6:29:61:94:7a:f0:70:96:0c:
         dc:65:e7:a0:42:71:63:76:62:c5:14:4e:2c:dc:8e:b6:07:49:
         69:26:ce:a8:9e:6a:33:f3:8f:7e:10:83:c5:07:fc:1f:62:98:
         ef:17:9a:a7:9c:38:e6:c5:28:dd:4d:b5:52:21:3b:38:be:17:
         55:23:bc:dc:a4:ea:67:25:0b:0b:58:84:2d:86:d8:09:5f:2b:
         fd:92:93:e6:f8:bb:02:2d:27:ac:3c:44:f2:41:b7:b6:0d:0e:
         16:ff:ad:80:1a:84:f5:77:3f:86:97:d1:38:b1:ad:33:49:4f:
         9b:63:9a:11:cf:35:a2:ed:6f:98:2e:34:06:41:3a:1d:ac:0d:
         78:0a:f2:2c:bf:75:c3:4a:c8:ce:83:72:ae:58:e0:d0:26:b9:
         07:69:5d:5c:50:21:a5:ed:c8:d7:92:28:75:f2:43:73:d1:74:
         a0:70:2a:24:2d:9f:f1:59:86:39:23:3c:15:2f:e4:f4:b6:57:
         2b:1e:cf:b9:ff:77:75:9a:d4:9b:e1:21:e6:d6:47:f2:54:d1:
         a4:06:43:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+tmCKtUvIKEt/jfHZMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjUwNjI4MjIwMjA4WhcNMjUwNjI5MjIwMjA4WjAzMTEwLwYDVQQD
EygxNzg5NWRjMDM4MGJjNzBiMDY3MDkyM2U5MjRkOTAyOTNjMzUwZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyX3my+m1ZNlCQLj5kIegPO15UgeR
cEDg4JQ3/lKnQKlqhPY4ufffcmwXFQvxq1KBec2tnVSsdHwqrZLPLjgNxokMI6PF
MRUUxOsv7kJALVphJq/2ubmEVCxvd6un9uPdMjYDpRRItaZxmFz7yfUKYSsV05y/
eYvdVZ2pFDSD8C1so936c9DBUE5RH83cs3QRJDZWRMcwq+7B4ZA5TughGtvHSHMJ
arMht8ds8pfQBAMHBu3Fj0UXhzM7HGi7lC90I91OcSI420yaBWmf1EiEVlf/+7Gj
CiUflinK3QUSntYmAmznpWvly1B3HyyJFAw1aSsBuz4zhhR2sPeRWDsqawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeJXcA4C8cLBnCSPpJNkCk8NQ+NMB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAef4/23NA
EHBKAF/B75Wvh3wmAo7ioa9YPQxXqhxPeSnVqMK8qjc4H0Oycmh01ilhlHrwcJYM
3GXnoEJxY3ZixRROLNyOtgdJaSbOqJ5qM/OPfhCDxQf8H2KY7xeap5w45sUo3U21
UiE7OL4XVSO83KTqZyULC1iELYbYCV8r/ZKT5vi7Ai0nrDxE8kG3tg0OFv+tgBqE
9Xc/hpfROLGtM0lPm2OaEc81ou1vmC40BkE6HawNeAryLL91w0rIzoNyrljg0Ca5
B2ldXFAhpe3I15IodfJDc9F0oHAqJC2f8VmGOSM8FS/k9LZXKx7Puf93dZrUm+Eh
5tZH8lTRpAZDqA==
-----END CERTIFICATE-----