Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
File:                     OBXtD6YgyAGqqabxT2WW1-yXUKE.mft (raw, json)
Hash identifier:          ESPX4KcL7AmC9EnwRxMCotfLSYP98DODsFhW9MVf+xw=
Subject key identifier:   80:90:99:40:83:8D:E8:72:45:2A:83:F7:23:AF:FE:F7:90:47:05:BB
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Certificate issuer:       /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial:       01976997F0759CF3D00BB6782C4FEADF13C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
Manifest number:          158F
Signing time:             Fri 13 Jun 2025 14:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 14:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 14:00:54 +0000
Files and hashes:         1: OBXtD6YgyAGqqabxT2WW1-yXUKE.crl (hash: RBykIPPd23Ieqr+7lAXRogBhbApbBWNPb186KjFqIaA=)
                          2: u-w9Flj7fkevQpf-dpXISzIby2Y.roa (hash: +ftWzfsK6bMqWx5+3ThvbgDjBdiFZmrC2eI3EPi2YVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 14:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:97:f0:75:9c:f3:d0:0b:b6:78:2c:4f:ea:df:13:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
        Validity
            Not Before: Jun 13 14:00:54 2025 GMT
            Not After : Jun 14 14:00:54 2025 GMT
        Subject: CN=80909940838de872452a83f723affef7904705bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f9:40:44:6f:8c:b5:93:f7:3a:d9:8d:16:21:
                    8d:5d:99:54:16:46:f1:eb:59:33:2f:c4:ab:ee:53:
                    ca:04:65:54:b8:77:48:31:db:8d:9b:c9:a3:dc:1c:
                    58:f8:da:09:d4:53:29:a7:4f:f0:6c:f9:25:1d:78:
                    23:f8:8d:06:ea:dd:0d:78:e4:61:51:65:ea:24:a9:
                    a5:8e:ff:52:ff:6b:91:49:78:4a:0a:c9:0d:76:79:
                    7d:e4:33:af:bd:34:f9:80:25:c7:cb:1b:2b:86:5a:
                    0c:64:62:a0:c6:f7:e0:87:9a:39:c1:58:df:2f:47:
                    62:8a:5a:ab:1f:63:fb:f8:42:36:07:6e:b6:1b:21:
                    6b:9e:18:b3:e9:03:20:97:07:70:8d:56:96:b9:16:
                    5e:68:b1:30:a2:b7:e8:cc:6f:90:18:58:a0:0b:ed:
                    d8:12:b9:81:a7:72:7f:d4:92:9b:c4:b5:57:69:e8:
                    4a:57:30:5d:04:51:1f:40:40:b9:00:42:a3:c2:f1:
                    7a:4a:0e:79:e2:9d:80:b3:39:d5:21:84:b6:1d:44:
                    e9:4d:6b:c0:c2:de:96:96:54:00:e7:03:ad:31:14:
                    45:fc:9f:88:09:5d:18:db:3c:d0:20:db:49:e6:d5:
                    e8:8e:10:a5:ab:7c:39:6b:37:6f:2f:fc:c6:3a:3d:
                    79:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:90:99:40:83:8D:E8:72:45:2A:83:F7:23:AF:FE:F7:90:47:05:BB
            X509v3 Authority Key Identifier:
                keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:56:68:bc:34:c1:3f:3a:ae:03:2f:5c:01:de:69:9d:4a:88:
         c4:ff:2b:f1:21:f0:e3:b1:48:8d:f2:a3:83:89:47:28:0a:1f:
         fc:d3:02:69:b3:44:95:6d:0c:88:c9:bb:5d:2c:89:ad:85:3a:
         2e:2c:4d:b9:c1:c1:53:6a:bd:d3:72:4d:ee:48:9d:c1:9b:ed:
         d7:82:b4:a7:f0:fe:40:c4:17:0d:4c:b9:be:ef:71:f5:1f:cb:
         32:6a:5f:e8:58:72:5a:c9:a4:8d:02:19:a6:c4:60:3b:ee:fb:
         5d:e2:a6:3e:f5:b8:5c:f2:c9:f9:16:de:38:7a:a9:96:e5:e9:
         1d:2a:fc:a2:46:fe:1a:c2:88:27:47:09:ac:f3:e6:63:42:0d:
         1b:99:13:7a:81:5b:51:62:ba:11:9d:e0:11:6b:2e:ec:06:8d:
         bc:10:fe:e4:d6:99:07:d8:58:32:1f:0a:59:b2:67:fb:3c:e2:
         65:a3:5f:f3:68:49:23:24:8f:40:9b:1b:49:19:89:0d:8c:f2:
         16:2d:e4:32:36:ec:47:6b:79:32:da:12:30:3c:92:f1:1c:5f:
         83:73:35:0a:dc:69:44:24:a9:cf:d6:a9:36:e6:91:1c:5c:9b:
         a2:35:e2:3a:bb:da:6e:94:53:7a:0b:30:e8:50:0c:ed:78:47:
         99:2f:15:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpl/B1nPPQC7Z4LE/q3xPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjUwNjEzMTQwMDU0WhcNMjUwNjE0MTQwMDU0WjAzMTEwLwYDVQQD
Eyg4MDkwOTk0MDgzOGRlODcyNDUyYTgzZjcyM2FmZmVmNzkwNDcwNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmflARG+MtZP3OtmNFiGNXZlUFkbx
61kzL8Sr7lPKBGVUuHdIMduNm8mj3BxY+NoJ1FMpp0/wbPklHXgj+I0G6t0NeORh
UWXqJKmljv9S/2uRSXhKCskNdnl95DOvvTT5gCXHyxsrhloMZGKgxvfgh5o5wVjf
L0diilqrH2P7+EI2B262GyFrnhiz6QMglwdwjVaWuRZeaLEworfozG+QGFigC+3Y
ErmBp3J/1JKbxLVXaehKVzBdBFEfQEC5AEKjwvF6Sg554p2AsznVIYS2HUTpTWvA
wt6WllQA5wOtMRRF/J+ICV0Y2zzQINtJ5tXojhClq3w5azdvL/zGOj15lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICQmUCDjehyRSqD9yOv/veQRwW7MB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclZovDTB
PzquAy9cAd5pnUqIxP8r8SHw47FIjfKjg4lHKAof/NMCabNElW0MiMm7XSyJrYU6
LixNucHBU2q903JN7kidwZvt14K0p/D+QMQXDUy5vu9x9R/LMmpf6FhyWsmkjQIZ
psRgO+77XeKmPvW4XPLJ+RbeOHqpluXpHSr8okb+GsKIJ0cJrPPmY0ING5kTeoFb
UWK6EZ3gEWsu7AaNvBD+5NaZB9hYMh8KWbJn+zziZaNf82hJIySPQJsbSRmJDYzy
Fi3kMjbsR2t5MtoSMDyS8Rxfg3M1CtxpRCSpz9apNuaRHFybojXiOrvabpRTegsw
6FAM7XhHmS8VOA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:19:06 2025 by rpki-client