Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
File:                     OQGfnAqym0Lg2xLprIezJ7_FWvk.mft (raw, json)
Hash identifier:          KhwiYHRjkd3emg7+Ux29HCv0D2n/jYLdAfcrcRn8ssk=
Subject key identifier:   91:A7:17:56:5A:C6:11:D5:9A:C9:02:AB:6A:63:FE:8A:38:EA:F9:44
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Certificate issuer:       /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial:       0197B6A0DC4CA16AA3CAEC9BF388822E1B76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:24 +0000
Files and hashes:         1: OQGfnAqym0Lg2xLprIezJ7_FWvk.crl (hash: 5tgnxq8PVHzXQKczPyXGvgGFKIyoawnN3yHc4Pu+iUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:dc:4c:a1:6a:a3:ca:ec:9b:f3:88:82:2e:1b:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
        Validity
            Not Before: Jun 28 13:01:24 2025 GMT
            Not After : Jun 29 13:01:24 2025 GMT
        Subject: CN=91a717565ac611d59ac902ab6a63fe8a38eaf944
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:29:d5:90:36:30:22:3e:bb:97:5f:d7:10:2a:
                    19:85:76:f3:52:a9:46:a0:bf:c5:5d:be:92:73:7f:
                    c1:36:cd:9b:be:e5:29:30:69:ea:db:4d:ce:2e:14:
                    51:d3:80:46:40:ee:91:22:d5:8b:12:b1:88:b3:37:
                    84:fa:06:37:01:89:5e:9e:50:ee:33:cf:92:bb:4d:
                    9b:dc:05:7a:b2:d4:39:60:8d:0c:81:6c:13:07:2e:
                    9a:bd:b3:67:cb:bc:32:d0:e8:f1:b2:06:ca:8e:f8:
                    28:39:5f:5e:2a:c9:cd:a3:b9:10:a9:ee:82:0f:3a:
                    f8:ae:ca:32:08:a9:07:2b:b0:4f:56:6a:04:4f:f6:
                    64:26:65:9b:b9:a4:64:80:2b:06:b9:8d:57:cd:91:
                    cb:27:cb:a7:f6:87:96:2f:e0:6f:5f:51:ae:57:d3:
                    4f:0b:3f:35:7e:25:6e:12:48:d8:05:5b:9a:9c:81:
                    28:a0:6e:04:48:86:50:9f:cd:f7:29:1e:23:70:7d:
                    0c:84:bd:a0:1f:3c:b2:af:51:62:27:16:8c:dd:f3:
                    fa:b0:b5:83:3c:5d:bb:86:d5:dd:65:bf:16:b5:b0:
                    c5:c0:c6:9a:ac:79:e4:59:96:94:55:f3:f0:19:05:
                    fe:13:24:a8:8c:50:16:29:ae:11:b7:8d:33:cc:5c:
                    1c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:A7:17:56:5A:C6:11:D5:9A:C9:02:AB:6A:63:FE:8A:38:EA:F9:44
            X509v3 Authority Key Identifier:
                keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:cc:ae:f4:02:f4:02:da:f7:72:e0:e5:c1:ba:a0:af:3e:45:
         fc:97:1b:43:71:63:58:21:89:e3:1f:7b:24:0d:fb:ae:10:d2:
         ce:a4:70:0c:95:8f:e0:51:6e:9c:d4:ea:a9:51:6f:c3:7e:15:
         9e:54:7a:45:cf:19:1d:ed:7a:0f:59:49:1c:f5:4f:3d:23:04:
         8e:be:54:e5:3e:90:eb:7a:75:01:6d:5d:6b:7e:c9:16:3b:0e:
         a2:39:b9:fe:a0:7a:44:9c:eb:d2:75:a0:d7:b3:29:d1:d1:ba:
         03:aa:33:d3:12:6b:ea:72:e3:83:9d:65:0d:32:c3:32:7f:ea:
         51:91:fc:ce:64:4e:3e:60:d6:91:b7:bc:6a:8a:b3:fe:ef:00:
         ed:52:99:ed:b5:f2:57:6c:39:0f:f6:5b:cc:1c:e5:ae:72:a9:
         bb:c6:d4:4e:5f:55:14:a4:78:a1:23:31:64:b6:65:a2:01:73:
         b7:e4:67:86:73:d6:f9:a7:08:a1:84:90:d9:39:bb:4d:47:3a:
         c0:f2:4b:51:ae:bd:e3:89:75:af:c9:1c:19:d1:8e:71:5c:16:
         84:ac:07:f3:b1:52:5e:a4:50:e9:81:86:0b:d3:44:eb:49:7d:
         24:c1:ae:78:33:d0:d3:89:5c:e7:25:73:29:af:9e:14:a0:ef:
         c1:df:2b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oNxMoWqjyuyb84iCLht2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjUwNjI4MTMwMTI0WhcNMjUwNjI5MTMwMTI0WjAzMTEwLwYDVQQD
Eyg5MWE3MTc1NjVhYzYxMWQ1OWFjOTAyYWI2YTYzZmU4YTM4ZWFmOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxynVkDYwIj67l1/XECoZhXbzUqlG
oL/FXb6Sc3/BNs2bvuUpMGnq203OLhRR04BGQO6RItWLErGIszeE+gY3AYlenlDu
M8+Su02b3AV6stQ5YI0MgWwTBy6avbNny7wy0OjxsgbKjvgoOV9eKsnNo7kQqe6C
Dzr4rsoyCKkHK7BPVmoET/ZkJmWbuaRkgCsGuY1XzZHLJ8un9oeWL+BvX1GuV9NP
Cz81fiVuEkjYBVuanIEooG4ESIZQn833KR4jcH0MhL2gHzyyr1FiJxaM3fP6sLWD
PF27htXdZb8WtbDFwMaarHnkWZaUVfPwGQX+EySojFAWKa4Rt40zzFwcXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGnF1ZaxhHVmskCq2pj/oo46vlEMB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPcyu9AL0
Atr3cuDlwbqgrz5F/JcbQ3FjWCGJ4x97JA37rhDSzqRwDJWP4FFunNTqqVFvw34V
nlR6Rc8ZHe16D1lJHPVPPSMEjr5U5T6Q63p1AW1da37JFjsOojm5/qB6RJzr0nWg
17Mp0dG6A6oz0xJr6nLjg51lDTLDMn/qUZH8zmROPmDWkbe8aoqz/u8A7VKZ7bXy
V2w5D/ZbzBzlrnKpu8bUTl9VFKR4oSMxZLZlogFzt+RnhnPW+acIoYSQ2Tm7TUc6
wPJLUa6944l1r8kcGdGOcVwWhKwH87FSXqRQ6YGGC9NE60l9JMGueDPQ04lc5yVz
Ka+eFKDvwd8rDQ==
-----END CERTIFICATE-----