Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          keuAFUc3p0ir75RTu7LMfjh10hDwLjivUklrGXtET2o=
Subject key identifier:   9F:EE:17:F0:2F:DD:3E:FF:2A:4D:F6:55:91:A1:8C:81:C3:1F:A5:45
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       0198481BD8E818B041E9393200D5E6098997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          024A
Signing time:             Sat 26 Jul 2025 19:00:41 +0000
Manifest this update:     Sat 26 Jul 2025 19:00:41 +0000
Manifest next update:     Sun 27 Jul 2025 19:00:41 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: zSk8XnucMHBLeQ6kgrnoPSXNMDj5GMhU7XwIj/5n12I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 19:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:48:1b:d8:e8:18:b0:41:e9:39:32:00:d5:e6:09:89:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Jul 26 19:00:41 2025 GMT
            Not After : Jul 27 19:00:41 2025 GMT
        Subject: CN=9fee17f02fdd3eff2a4df65591a18c81c31fa545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:65:d3:90:5f:3e:ea:33:11:04:74:c9:57:03:
                    0e:cb:04:64:58:df:db:4f:57:98:d3:f0:88:96:1d:
                    32:bb:bd:80:eb:44:c5:04:1c:14:0c:29:ec:25:80:
                    9e:1a:87:be:05:5c:32:cd:6e:15:0e:32:16:4c:a3:
                    77:79:25:14:4c:a8:8a:22:e3:d9:09:3f:f2:71:79:
                    ac:10:21:1e:59:ae:9b:db:e9:57:27:1a:d5:1f:b7:
                    31:52:7c:80:6c:ff:d3:11:bf:3c:3e:9b:9a:1e:e8:
                    aa:57:58:21:08:f3:1e:de:22:f1:7a:8e:89:4d:6f:
                    59:e7:64:37:51:a9:ff:02:6a:50:14:85:7b:29:c6:
                    da:48:3a:0b:0e:82:ee:0f:0d:d4:24:63:22:fb:75:
                    5b:8b:17:78:4d:39:1a:97:4b:92:b8:bf:3d:7b:34:
                    c6:7f:f8:34:f2:78:10:e5:46:a3:73:e1:61:f3:17:
                    ef:1c:70:f3:0a:d6:39:1e:ce:79:34:7f:43:2f:cf:
                    3a:8e:e0:ef:c4:48:4d:e3:e9:b6:46:e8:70:30:ae:
                    d2:5b:c1:70:19:46:73:89:b1:8b:70:1a:2f:3f:12:
                    54:96:17:64:7b:94:07:a5:6c:f6:11:7a:b3:48:c1:
                    31:da:91:04:a3:01:4d:66:28:24:8e:50:0b:61:65:
                    84:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:EE:17:F0:2F:DD:3E:FF:2A:4D:F6:55:91:A1:8C:81:C3:1F:A5:45
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:b8:88:86:f6:ef:c2:64:de:dd:06:6c:52:1e:b8:14:cc:ba:
         c8:bb:98:0e:62:ea:87:ef:4e:5b:18:8c:d1:cd:b8:27:2d:2e:
         05:af:7e:a3:8a:f5:fe:2c:53:11:fc:bf:ea:66:5a:a5:9f:aa:
         3f:5f:c0:be:fc:ff:6a:f4:58:3d:05:a7:c5:b6:5b:c6:bb:ff:
         6f:bc:c1:16:20:0f:ec:c7:41:c7:2d:d1:98:38:1b:8b:45:a6:
         bb:e2:76:ff:b4:fd:fa:40:7b:35:f2:fe:b3:15:f9:5d:27:1d:
         7a:42:d7:2f:24:b7:c2:79:54:99:32:92:3d:9f:2f:f2:af:82:
         06:1c:5c:4b:f4:b8:22:35:89:1a:c3:84:fe:bc:56:24:6a:47:
         8f:76:f4:a7:c6:8c:a2:8c:e1:2e:44:a1:75:19:77:bf:3f:0b:
         3d:8e:f7:32:31:77:46:fd:a7:47:77:a1:4a:af:26:2f:46:22:
         f0:84:33:99:20:77:fc:ec:34:a9:3d:80:bc:8e:75:2b:e0:9f:
         a7:85:ef:3c:fb:c7:63:d9:cf:8d:84:67:db:49:f7:a9:75:21:
         4f:e4:24:16:60:83:f2:83:6e:ca:0d:38:11:4e:36:df:57:3f:
         36:a8:88:1b:09:be:a1:e9:69:85:df:5e:ee:94:bf:27:03:8f:
         99:32:2e:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIG9joGLBB6TkyANXmCYmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwNzI2MTkwMDQxWhcNMjUwNzI3MTkwMDQxWjAzMTEwLwYDVQQD
Eyg5ZmVlMTdmMDJmZGQzZWZmMmE0ZGY2NTU5MWExOGM4MWMzMWZhNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGXTkF8+6jMRBHTJVwMOywRkWN/b
T1eY0/CIlh0yu72A60TFBBwUDCnsJYCeGoe+BVwyzW4VDjIWTKN3eSUUTKiKIuPZ
CT/ycXmsECEeWa6b2+lXJxrVH7cxUnyAbP/TEb88PpuaHuiqV1ghCPMe3iLxeo6J
TW9Z52Q3Uan/AmpQFIV7KcbaSDoLDoLuDw3UJGMi+3Vbixd4TTkal0uSuL89ezTG
f/g08ngQ5Uajc+Fh8xfvHHDzCtY5Hs55NH9DL886juDvxEhN4+m2RuhwMK7SW8Fw
GUZzibGLcBovPxJUlhdke5QHpWz2EXqzSMEx2pEEowFNZigkjlALYWWEIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/uF/Av3T7/Kk32VZGhjIHDH6VFMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuriIhvbv
wmTe3QZsUh64FMy6yLuYDmLqh+9OWxiM0c24Jy0uBa9+o4r1/ixTEfy/6mZapZ+q
P1/Avvz/avRYPQWnxbZbxrv/b7zBFiAP7MdBxy3RmDgbi0Wmu+J2/7T9+kB7NfL+
sxX5XScdekLXLyS3wnlUmTKSPZ8v8q+CBhxcS/S4IjWJGsOE/rxWJGpHj3b0p8aM
oozhLkShdRl3vz8LPY73MjF3Rv2nR3ehSq8mL0Yi8IQzmSB3/Ow0qT2AvI51K+Cf
p4XvPPvHY9nPjYRn20n3qXUhT+QkFmCD8oNuyg04EU4231c/NqiIGwm+oelphd9e
7pS/JwOPmTIuDw==
-----END CERTIFICATE-----