Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          6XfXAMv6+9txvJW9yLHT0v0L1mE+gyeQslybZCoMZ+A=
Subject key identifier:   C7:BF:77:AE:E7:70:63:31:95:C9:ED:E7:7D:A5:9A:59:23:BE:0B:6B
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       0199FBEC5DF6CA60AF2A989CDB99067E8B9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:03:15 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:15 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:15 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: rr/VA2I73R36Tv2kXg8Mzq0faUa1wuQMIZ93Ofnr2W0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:5d:f6:ca:60:af:2a:98:9c:db:99:06:7e:8b:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Oct 19 10:03:15 2025 GMT
            Not After : Oct 20 10:03:15 2025 GMT
        Subject: CN=c7bf77aee770633195c9ede77da59a5923be0b6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:31:e5:fa:ac:c5:03:53:b3:c4:25:64:c1:d2:
                    1a:5a:59:fa:fb:aa:f6:8a:a1:b8:db:31:c7:88:a6:
                    d9:6a:d2:8c:bd:b6:d6:54:f7:28:58:67:50:15:d9:
                    f3:4e:3c:f7:d3:77:45:1f:a4:cb:b3:5b:42:fa:80:
                    1b:e5:66:56:8a:1d:d5:0f:11:0f:08:ef:bf:c4:47:
                    78:86:6c:3a:29:75:77:9b:7f:25:30:fe:4e:3c:5a:
                    0f:51:4a:fa:c0:d8:ff:3d:21:7c:8f:9d:06:32:cc:
                    ab:49:13:ce:cf:2d:e7:13:6d:8d:16:89:c2:63:b4:
                    51:45:be:bd:cd:e0:10:55:31:16:b2:89:71:44:0c:
                    07:dd:3f:7f:e9:ea:31:cc:65:6e:c7:62:38:98:dd:
                    05:7d:7d:69:98:e3:ac:4b:ac:b7:df:d0:7a:38:34:
                    06:e4:24:e8:92:76:b4:a4:3e:41:5e:1d:07:42:63:
                    70:fc:eb:95:18:c6:8b:ab:3c:8b:7d:a1:66:35:18:
                    c3:27:5e:5b:08:6b:6f:58:d2:7c:b1:9f:47:9b:b0:
                    18:bd:49:ae:89:bb:08:50:a3:25:d3:74:df:de:39:
                    b5:be:1b:7f:f6:d6:50:37:07:47:28:52:4c:0f:5d:
                    bf:a5:07:ef:fd:4c:00:10:3a:1f:a9:0c:d7:f8:64:
                    22:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BF:77:AE:E7:70:63:31:95:C9:ED:E7:7D:A5:9A:59:23:BE:0B:6B
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:c3:11:39:6a:df:de:30:96:a7:aa:20:4d:47:7f:5b:7e:fe:
         f7:d2:ff:3e:db:1a:fc:76:1c:b5:e5:bb:c5:3e:40:f0:0a:97:
         b0:4e:e5:77:9f:f4:27:e2:44:44:1a:1b:69:69:f8:69:96:98:
         9e:14:f2:1d:41:70:4b:f8:0b:08:2c:ed:54:4e:e2:ff:c5:c0:
         65:ac:cb:1f:9f:c2:a2:aa:9f:03:da:a4:b7:65:61:01:31:c8:
         eb:4f:78:18:72:c9:1b:53:3e:82:78:02:c3:3a:e1:50:c2:c3:
         fe:73:57:61:ee:36:9a:f6:1b:f0:10:d1:a7:0f:60:8c:a3:13:
         a0:dd:8b:f0:bb:67:92:29:75:59:72:d5:58:08:ad:c7:be:23:
         62:47:8c:c3:ad:bf:bc:39:b5:46:5f:3a:30:30:a4:8e:42:38:
         c6:6d:99:ad:10:76:56:0e:29:ef:fe:d1:a5:3d:a7:b6:37:47:
         9a:60:70:ad:6a:c0:bf:82:75:c0:c8:e9:74:13:53:d9:e5:83:
         7a:90:5b:ce:a1:96:12:2c:d5:72:ca:a7:56:53:7c:30:ab:0b:
         7d:20:c4:2b:f6:6d:e1:b4:54:70:29:25:ea:08:5d:aa:b7:c4:
         9e:e5:3e:c8:82:8b:c7:20:a1:5e:9e:54:a7:d0:f2:4e:1d:c3:
         ee:bf:f8:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77F32ymCvKpic25kGfoudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUxMDE5MTAwMzE1WhcNMjUxMDIwMTAwMzE1WjAzMTEwLwYDVQQD
EyhjN2JmNzdhZWU3NzA2MzMxOTVjOWVkZTc3ZGE1OWE1OTIzYmUwYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zHl+qzFA1OzxCVkwdIaWln6+6r2
iqG42zHHiKbZatKMvbbWVPcoWGdQFdnzTjz303dFH6TLs1tC+oAb5WZWih3VDxEP
CO+/xEd4hmw6KXV3m38lMP5OPFoPUUr6wNj/PSF8j50GMsyrSRPOzy3nE22NFonC
Y7RRRb69zeAQVTEWsolxRAwH3T9/6eoxzGVux2I4mN0FfX1pmOOsS6y339B6ODQG
5CTokna0pD5BXh0HQmNw/OuVGMaLqzyLfaFmNRjDJ15bCGtvWNJ8sZ9Hm7AYvUmu
ibsIUKMl03Tf3jm1vht/9tZQNwdHKFJMD12/pQfv/UwAEDofqQzX+GQiVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMe/d67ncGMxlcnt532lmlkjvgtrMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcsMROWrf
3jCWp6ogTUd/W37+99L/Ptsa/HYcteW7xT5A8AqXsE7ld5/0J+JERBobaWn4aZaY
nhTyHUFwS/gLCCztVE7i/8XAZazLH5/CoqqfA9qkt2VhATHI6094GHLJG1M+gngC
wzrhUMLD/nNXYe42mvYb8BDRpw9gjKMToN2L8Ltnkil1WXLVWAitx74jYkeMw62/
vDm1Rl86MDCkjkI4xm2ZrRB2Vg4p7/7RpT2ntjdHmmBwrWrAv4J1wMjpdBNT2eWD
epBbzqGWEizVcsqnVlN8MKsLfSDEK/Zt4bRUcCkl6ghdqrfEnuU+yIKLxyChXp5U
p9DyTh3D7r/40Q==
-----END CERTIFICATE-----