Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          pWVgcRz2AM25Fbtpk8UYopq5fhY9wKH0wsYDz8l7aBA=
Subject key identifier:   1F:0F:F0:A2:F9:39:A4:6F:4F:80:CA:E2:EF:41:D9:5A:78:DF:0B:56
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       019654C9D3F4CB5A61D367575A8A63F462F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          D7
Signing time:             Sun 20 Apr 2025 20:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:35 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: ViGPH0vQw7bvkwVFUqmXU8qR8WYi0qWvp7Fx8Oee2zY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:c9:d3:f4:cb:5a:61:d3:67:57:5a:8a:63:f4:62:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Apr 20 20:00:35 2025 GMT
            Not After : Apr 21 20:00:35 2025 GMT
        Subject: CN=1f0ff0a2f939a46f4f80cae2ef41d95a78df0b56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:94:4c:bf:e4:0d:55:97:ca:0d:c8:a7:66:eb:
                    22:08:f5:0f:82:26:74:c4:a0:d4:17:09:bf:15:30:
                    ee:00:03:0f:59:7b:f6:6f:de:25:d4:14:64:48:08:
                    14:13:cf:85:cd:5b:9c:3b:75:8f:de:b7:9f:3a:68:
                    1b:ca:03:ab:45:4c:90:e6:1e:b6:b1:1c:96:05:9b:
                    bb:e6:ed:e7:10:0d:17:19:9b:0b:48:95:9b:1b:a1:
                    80:a8:32:f6:d3:3a:da:42:82:f1:5e:15:7d:b7:10:
                    a6:65:70:68:03:0f:5a:27:12:f2:08:ec:0f:ee:eb:
                    ed:a0:a9:75:23:38:08:52:3d:3c:cb:02:f1:88:02:
                    36:4e:98:e5:82:be:c7:c2:64:1b:33:d5:12:a4:c3:
                    ed:ac:a9:0b:a8:90:1b:f9:9c:b1:71:e6:d2:44:b4:
                    58:92:84:48:5e:44:74:3e:c3:56:1e:78:29:38:80:
                    71:85:03:f2:22:69:ea:53:b1:dc:99:51:46:33:4f:
                    3e:d4:83:34:97:e9:e5:d3:2f:55:79:59:a9:30:6f:
                    82:e1:32:42:5d:c1:f2:52:10:af:3a:9f:7c:97:0c:
                    ab:ea:01:5f:ae:76:3e:08:cf:75:33:74:e5:77:a6:
                    25:3b:5a:fc:15:56:6d:46:c0:48:22:89:d4:e4:5b:
                    93:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:0F:F0:A2:F9:39:A4:6F:4F:80:CA:E2:EF:41:D9:5A:78:DF:0B:56
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:8c:33:88:4e:18:e1:17:2f:55:d4:42:2f:f6:fe:ce:41:72:
         bd:26:e5:6e:e6:74:0b:ac:b0:70:e1:56:30:aa:aa:f9:c9:20:
         e7:9e:b0:97:34:eb:b3:4a:b4:af:84:73:1d:80:1f:d2:e0:ba:
         ce:02:ae:0f:58:53:fd:7d:c2:fd:5e:61:94:64:c3:96:35:35:
         3a:e3:7d:0d:a0:e2:fd:46:f6:17:f9:11:32:b7:95:0e:8e:28:
         df:6b:c2:6d:06:04:16:8a:51:36:9c:98:72:c4:84:75:07:99:
         db:5b:fa:61:d8:96:96:d8:fc:d3:7f:3b:14:70:ff:20:24:41:
         24:d7:fe:05:a9:23:12:8f:b9:87:b3:56:1f:f0:2f:21:d9:49:
         cf:75:1b:1d:b0:f5:0a:44:18:ed:62:75:27:e5:e1:4c:3f:e2:
         ce:9e:05:c7:89:b9:c7:ff:ee:85:e1:87:47:7f:4b:eb:71:f0:
         d4:4f:fc:4f:a3:04:26:b4:4f:86:3e:83:ce:c4:23:ff:5a:b0:
         b6:72:68:7c:db:4c:a4:db:fd:b6:bd:8e:5f:7c:de:c0:aa:a2:
         18:93:4b:f4:e7:7c:fa:96:e4:7f:e6:d0:98:a5:6a:67:24:4b:
         07:96:33:4e:c5:3b:4b:0e:27:2d:84:0f:9f:3b:6f:e6:4c:c2:
         ba:11:71:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUydP0y1ph02dXWopj9GLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwNDIwMjAwMDM1WhcNMjUwNDIxMjAwMDM1WjAzMTEwLwYDVQQD
EygxZjBmZjBhMmY5MzlhNDZmNGY4MGNhZTJlZjQxZDk1YTc4ZGYwYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5RMv+QNVZfKDcinZusiCPUPgiZ0
xKDUFwm/FTDuAAMPWXv2b94l1BRkSAgUE8+FzVucO3WP3refOmgbygOrRUyQ5h62
sRyWBZu75u3nEA0XGZsLSJWbG6GAqDL20zraQoLxXhV9txCmZXBoAw9aJxLyCOwP
7uvtoKl1IzgIUj08ywLxiAI2Tpjlgr7HwmQbM9USpMPtrKkLqJAb+ZyxcebSRLRY
koRIXkR0PsNWHngpOIBxhQPyImnqU7HcmVFGM08+1IM0l+nl0y9VeVmpMG+C4TJC
XcHyUhCvOp98lwyr6gFfrnY+CM91M3Tld6YlO1r8FVZtRsBIIonU5FuTmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8P8KL5OaRvT4DK4u9B2Vp43wtWMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiowziE4Y
4RcvVdRCL/b+zkFyvSblbuZ0C6ywcOFWMKqq+ckg556wlzTrs0q0r4RzHYAf0uC6
zgKuD1hT/X3C/V5hlGTDljU1OuN9DaDi/Ub2F/kRMreVDo4o32vCbQYEFopRNpyY
csSEdQeZ21v6YdiWltj80387FHD/ICRBJNf+BakjEo+5h7NWH/AvIdlJz3UbHbD1
CkQY7WJ1J+XhTD/izp4Fx4m5x//uheGHR39L63Hw1E/8T6MEJrRPhj6DzsQj/1qw
tnJofNtMpNv9tr2OX3zewKqiGJNL9Od8+pbkf+bQmKVqZyRLB5YzTsU7Sw4nLYQP
nztv5kzCuhFxwQ==
-----END CERTIFICATE-----