Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          N8sDo+sxmwuYy8mamDHJVat5+ZAZX6P64j99+O3CXQM=
Subject key identifier:   C6:5A:25:A8:A9:2D:C6:FD:04:7B:D6:9F:0D:88:17:0B:84:C2:A8:2F
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       0196B9A36087384F31A5235C9FC9B6B82D4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 10:00:14 +0000
Manifest this update:     Sat 10 May 2025 10:00:14 +0000
Manifest next update:     Sun 11 May 2025 10:00:14 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: UqQrb0rcPJ6qvGV9oW7yQo/CtIT4XlEA5dwdFgRgzkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:60:87:38:4f:31:a5:23:5c:9f:c9:b6:b8:2d:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: May 10 10:00:14 2025 GMT
            Not After : May 11 10:00:14 2025 GMT
        Subject: CN=c65a25a8a92dc6fd047bd69f0d88170b84c2a82f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:84:51:45:b7:7b:94:9a:69:d2:19:42:e2:ba:
                    6d:8f:7f:c1:56:7c:0d:8e:b8:32:f3:13:42:3c:2d:
                    42:7a:a9:8f:92:c6:d4:e3:d8:3f:9d:27:29:51:82:
                    89:13:1e:20:e6:51:35:fb:ff:fe:29:9d:d7:98:2f:
                    32:93:5c:cb:68:ee:63:54:a5:7f:23:b9:96:b3:d8:
                    17:30:d3:f5:83:1a:6e:d4:46:9d:f3:df:34:b0:54:
                    89:b0:f4:69:68:0f:45:3f:97:c7:83:59:aa:19:1a:
                    05:60:69:c9:5f:66:ae:4c:ca:02:fc:6f:46:87:f9:
                    8c:da:e2:72:a7:0d:33:65:29:ce:6b:f9:27:22:67:
                    70:a4:e0:76:6e:ef:46:f1:5c:24:9e:96:75:3a:31:
                    10:4d:fb:e4:64:7f:06:9a:a7:7f:36:36:9d:5b:81:
                    32:ed:99:55:0e:47:ff:f0:ea:91:d5:2e:b8:2f:e9:
                    43:13:5d:f4:40:23:ba:48:6d:f8:0e:ab:30:b0:ca:
                    a0:e1:9a:57:9c:17:16:e4:51:7a:99:7c:72:1f:bd:
                    c3:e4:43:7f:2e:a4:c9:a7:7f:99:5a:97:66:1a:52:
                    9c:dc:8d:12:6b:28:cd:34:48:d2:9a:1c:85:c6:f0:
                    cd:24:56:77:a4:0d:ae:ca:88:49:13:76:13:97:f6:
                    c2:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:5A:25:A8:A9:2D:C6:FD:04:7B:D6:9F:0D:88:17:0B:84:C2:A8:2F
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:50:52:42:ee:40:03:95:46:d2:5d:c1:0e:30:91:70:05:47:
         b0:5e:a0:72:59:73:1e:82:af:dc:46:56:a9:a6:5a:c6:e4:a1:
         00:23:a5:5f:a4:ad:f2:42:60:1b:58:42:19:a6:71:77:8d:94:
         29:fb:20:65:e7:a1:5d:5d:a0:19:8a:96:a9:c9:55:16:5b:88:
         f2:2f:39:fa:89:22:ac:08:78:a7:b3:ae:ca:a3:21:c8:3c:85:
         b5:59:91:1c:2f:06:1e:8f:e4:67:7b:e2:b5:3b:66:2f:b7:a5:
         f1:53:02:fe:15:db:0d:80:75:99:5c:f2:c1:44:6d:3a:8b:08:
         36:ce:67:4f:4e:d7:65:6a:b2:58:56:b4:b8:61:a4:44:e4:c4:
         f2:20:10:70:d8:cc:44:96:c1:41:c5:5b:ab:02:d6:b9:a4:08:
         56:07:28:fa:0d:3f:7e:c0:5b:37:6b:2e:74:c7:d6:70:1f:21:
         da:63:7d:03:52:f4:ee:bc:59:c5:b5:b7:d5:f2:f5:19:14:86:
         cf:27:2f:73:10:ba:17:ea:f8:22:c6:c5:8f:e0:e9:0a:c9:9a:
         20:b1:e0:df:c0:a6:a0:a9:b0:2a:99:cc:6c:a9:2e:0a:54:03:
         7a:66:fe:93:86:d3:6f:0b:94:18:59:0f:ed:28:5f:26:12:1c:
         89:c8:0d:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o2CHOE8xpSNcn8m2uC1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUwNTEwMTAwMDE0WhcNMjUwNTExMTAwMDE0WjAzMTEwLwYDVQQD
EyhjNjVhMjVhOGE5MmRjNmZkMDQ3YmQ2OWYwZDg4MTcwYjg0YzJhODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYRRRbd7lJpp0hlC4rptj3/BVnwN
jrgy8xNCPC1CeqmPksbU49g/nScpUYKJEx4g5lE1+//+KZ3XmC8yk1zLaO5jVKV/
I7mWs9gXMNP1gxpu1Ead8980sFSJsPRpaA9FP5fHg1mqGRoFYGnJX2auTMoC/G9G
h/mM2uJypw0zZSnOa/knImdwpOB2bu9G8VwknpZ1OjEQTfvkZH8Gmqd/NjadW4Ey
7ZlVDkf/8OqR1S64L+lDE130QCO6SG34DqswsMqg4ZpXnBcW5FF6mXxyH73D5EN/
LqTJp3+ZWpdmGlKc3I0SayjNNEjSmhyFxvDNJFZ3pA2uyohJE3YTl/bCFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZaJaipLcb9BHvWnw2IFwuEwqgvMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVBSQu5A
A5VG0l3BDjCRcAVHsF6gcllzHoKv3EZWqaZaxuShACOlX6St8kJgG1hCGaZxd42U
KfsgZeehXV2gGYqWqclVFluI8i85+okirAh4p7OuyqMhyDyFtVmRHC8GHo/kZ3vi
tTtmL7el8VMC/hXbDYB1mVzywURtOosINs5nT07XZWqyWFa0uGGkROTE8iAQcNjM
RJbBQcVbqwLWuaQIVgco+g0/fsBbN2sudMfWcB8h2mN9A1L07rxZxbW31fL1GRSG
zycvcxC6F+r4IsbFj+DpCsmaILHg38CmoKmwKpnMbKkuClQDemb+k4bTbwuUGFkP
7ShfJhIcicgN/Q==
-----END CERTIFICATE-----