Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          2rB4Vbaiw11jhNrmoPe0uTruMrOteVot3XKVQBcLTzU=
Subject key identifier:   0A:2F:9E:62:F9:8D:74:71:BE:5B:D8:70:BA:24:A3:B5:AA:4D:0E:77
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       01984AAF2052437DFE09BAACD394BAE3CD40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          158D
Signing time:             Sun 27 Jul 2025 07:00:47 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:47 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:47 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: KOcasEQb3o1Bb/tOR4C+jTT/anfHBjMvywI1OzzASes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:af:20:52:43:7d:fe:09:ba:ac:d3:94:ba:e3:cd:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Jul 27 07:00:47 2025 GMT
            Not After : Jul 28 07:00:47 2025 GMT
        Subject: CN=0a2f9e62f98d7471be5bd870ba24a3b5aa4d0e77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:26:59:3e:8e:29:ae:48:bc:0a:e8:c4:e4:80:
                    71:2e:d0:be:54:a2:57:ae:f5:25:ab:6c:2e:b0:5f:
                    00:cc:f5:4c:d3:bb:83:48:73:ac:10:e9:1d:33:a4:
                    0e:4e:20:c9:0b:48:7b:77:a5:55:c0:20:3e:1a:7c:
                    09:e6:f3:56:97:de:d7:5f:bf:0d:36:d6:6d:72:0b:
                    05:2b:42:df:fb:0a:a1:a5:ba:a9:c1:b3:75:0a:00:
                    c7:c1:1e:bb:c6:52:56:56:32:d4:91:e3:59:80:7e:
                    e1:2c:04:c3:9d:d6:2c:7d:ad:2f:55:9c:eb:78:a3:
                    51:b4:76:3f:64:d9:2c:19:ef:d5:51:74:fb:b8:6d:
                    21:4a:59:b3:41:a9:88:e0:12:d8:b7:9e:19:21:91:
                    94:56:f3:39:79:80:d8:a4:f2:dd:0b:48:04:e4:cd:
                    11:1e:cc:8c:61:b2:f9:c6:94:06:15:7a:b4:34:65:
                    bc:d8:1a:3c:a2:6b:df:90:c0:f9:02:dd:ba:08:70:
                    fb:15:1c:cf:c6:66:63:04:77:ab:a3:c7:60:34:a0:
                    71:6b:b0:6c:4a:75:8c:48:11:85:3b:be:54:96:c5:
                    a6:2b:b4:78:67:64:f3:21:33:67:59:c3:85:4e:3f:
                    a1:83:0b:98:ec:bf:0b:27:e5:42:49:64:f7:0e:95:
                    a2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:2F:9E:62:F9:8D:74:71:BE:5B:D8:70:BA:24:A3:B5:AA:4D:0E:77
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:cb:f5:8e:60:d4:a6:6a:42:fa:64:61:7a:e8:ec:44:c0:3d:
         24:bc:26:1f:e7:56:47:fe:3c:10:92:79:28:31:59:70:a7:41:
         69:70:38:91:32:68:bb:56:7f:ae:dd:e4:66:f3:2c:f8:e1:59:
         f6:43:a8:0b:c5:ca:57:17:2b:69:f6:50:fa:9c:18:8f:6e:ce:
         10:8b:a0:cb:b4:db:be:9b:cc:e2:c9:e7:93:3f:27:26:72:09:
         d2:79:4c:1d:73:71:9f:8f:23:0c:64:b1:1b:fc:9e:a2:cf:b0:
         a6:4e:63:f7:57:d4:2c:8a:c6:3a:1a:5c:6d:a1:01:59:e6:45:
         dc:f0:5d:c9:67:76:f4:a3:4c:5a:73:72:ba:b6:d7:87:c3:ad:
         ce:81:21:42:b7:26:03:95:9d:03:fb:52:20:82:30:77:8d:f2:
         ec:ba:42:e1:85:87:b1:69:65:26:d6:1b:9d:b4:4f:e4:c7:95:
         79:a6:05:da:e3:42:23:30:b7:1d:bd:fd:b1:48:56:b2:8e:ef:
         e4:e3:09:20:46:33:aa:d9:da:f5:89:68:03:49:4a:07:66:c0:
         6c:bc:23:86:c4:d4:43:be:07:f4:4b:40:4d:7f:4d:59:83:a9:
         a9:8d:05:e7:85:5d:48:18:bb:f7:b8:cd:8b:e5:ad:1b:86:58:
         f9:6b:e4:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKryBSQ33+Cbqs05S6481AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUwNzI3MDcwMDQ3WhcNMjUwNzI4MDcwMDQ3WjAzMTEwLwYDVQQD
EygwYTJmOWU2MmY5OGQ3NDcxYmU1YmQ4NzBiYTI0YTNiNWFhNGQwZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriZZPo4prki8CujE5IBxLtC+VKJX
rvUlq2wusF8AzPVM07uDSHOsEOkdM6QOTiDJC0h7d6VVwCA+GnwJ5vNWl97XX78N
NtZtcgsFK0Lf+wqhpbqpwbN1CgDHwR67xlJWVjLUkeNZgH7hLATDndYsfa0vVZzr
eKNRtHY/ZNksGe/VUXT7uG0hSlmzQamI4BLYt54ZIZGUVvM5eYDYpPLdC0gE5M0R
HsyMYbL5xpQGFXq0NGW82Bo8omvfkMD5At26CHD7FRzPxmZjBHero8dgNKBxa7Bs
SnWMSBGFO75UlsWmK7R4Z2TzITNnWcOFTj+hgwuY7L8LJ+VCSWT3DpWi7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAovnmL5jXRxvlvYcLoko7WqTQ53MB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmsv1jmDU
pmpC+mRheujsRMA9JLwmH+dWR/48EJJ5KDFZcKdBaXA4kTJou1Z/rt3kZvMs+OFZ
9kOoC8XKVxcrafZQ+pwYj27OEIugy7TbvpvM4snnkz8nJnIJ0nlMHXNxn48jDGSx
G/yeos+wpk5j91fULIrGOhpcbaEBWeZF3PBdyWd29KNMWnNyurbXh8OtzoEhQrcm
A5WdA/tSIIIwd43y7LpC4YWHsWllJtYbnbRP5MeVeaYF2uNCIzC3Hb39sUhWso7v
5OMJIEYzqtna9YloA0lKB2bAbLwjhsTUQ74H9EtATX9NWYOpqY0F54VdSBi797jN
i+WtG4ZY+WvkIg==
-----END CERTIFICATE-----