Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          CQuT1xPPsuF2TSk+hpMu2J4SeZTDKZ0hKDre6+4UYBk=
Subject key identifier:   99:99:AE:D7:DF:01:DD:09:F2:01:CD:34:01:A7:10:45:87:4E:F7:4F
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       0199221E8BF015068838D8446B4D4E8D9ADB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 03:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:51 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: 2pwRs5YUHopliXgCO0n/jN/iFN+gLdbsAMQpqPL/6es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:8b:f0:15:06:88:38:d8:44:6b:4d:4e:8d:9a:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Sep  7 03:00:51 2025 GMT
            Not After : Sep  8 03:00:51 2025 GMT
        Subject: CN=9999aed7df01dd09f201cd3401a71045874ef74f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d0:b7:55:92:37:84:0a:55:69:73:df:4d:36:
                    5d:22:52:fd:19:23:e9:38:e0:fb:2e:a0:6b:80:25:
                    6d:c7:83:9e:aa:7f:53:1a:78:bd:45:b4:38:4c:45:
                    62:33:af:48:04:ac:52:e6:31:59:38:8a:75:38:c7:
                    28:77:c6:24:e3:b2:cf:6d:8d:91:b5:af:47:80:53:
                    59:5c:2b:17:a9:9f:ae:5c:9d:d9:d5:cf:e6:68:f4:
                    b1:83:6d:8a:14:5e:18:15:21:87:e9:36:9e:d6:e1:
                    f4:96:97:d7:44:e7:61:61:a2:23:89:11:22:81:88:
                    ea:38:66:58:40:9a:d8:96:3f:88:ac:ae:35:51:4f:
                    47:3a:3b:c5:d9:bc:2a:d3:6f:aa:51:d7:d9:60:f7:
                    40:6f:ed:82:8e:6e:c5:66:2f:14:ed:4d:3c:a6:38:
                    b8:16:92:ae:ae:74:e4:f3:55:09:e6:00:34:bb:7d:
                    68:02:5d:91:5d:91:75:3c:3b:de:b2:0d:da:eb:70:
                    4a:de:61:45:1b:04:13:47:f0:66:9c:f7:89:5f:4a:
                    3e:5e:a4:5d:2e:f5:35:24:54:ca:ec:e6:4e:07:ff:
                    a9:54:59:d0:52:cc:93:43:70:a1:44:20:44:54:9d:
                    15:de:e1:36:f4:72:25:73:4c:ca:55:d3:22:42:cb:
                    19:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:99:AE:D7:DF:01:DD:09:F2:01:CD:34:01:A7:10:45:87:4E:F7:4F
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:23:54:a4:d1:ef:c5:80:1f:fb:c6:cd:80:b3:82:2c:f0:55:
         5f:a6:64:80:4c:2c:5d:a3:1b:f2:6a:78:e8:6b:33:d0:05:ee:
         83:ea:ec:86:dd:b5:a2:93:f8:60:0e:19:bf:c0:94:4d:fd:e9:
         ac:3c:51:4c:48:a7:47:04:c3:6e:d3:75:83:51:e8:82:19:b1:
         b7:aa:ef:c4:86:cb:1d:4e:15:e6:a0:0b:0e:cb:c0:2f:ec:9a:
         50:a1:76:82:4a:f5:0b:fc:72:2f:61:e9:f0:4e:5c:9b:40:86:
         7c:79:ab:50:aa:83:1a:d4:0d:35:4c:38:87:ad:06:5d:4a:3c:
         2a:e7:b1:4e:da:d2:35:6c:4d:91:4f:c3:36:f1:56:f4:3a:7a:
         35:64:03:77:ac:af:0a:d5:a4:25:a6:0c:7b:b4:cf:ec:a5:ad:
         2a:01:e6:79:d7:77:b6:4f:3d:63:1c:09:fc:52:36:2c:95:28:
         67:a2:e6:3c:07:45:62:2b:67:5e:cc:e8:80:b0:82:6a:47:fd:
         5e:60:b9:af:97:f3:68:bf:e4:d7:b2:ad:b3:25:a1:d2:e1:be:
         c0:86:cc:33:90:22:c1:4f:61:a0:b9:44:dd:a9:d5:62:4d:02:
         fc:7d:45:37:cd:9b:c4:cb:e1:40:b8:5d:8c:ee:56:81:6e:e6:
         3a:80:79:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHovwFQaIONhEa01OjZrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwOTA3MDMwMDUxWhcNMjUwOTA4MDMwMDUxWjAzMTEwLwYDVQQD
Eyg5OTk5YWVkN2RmMDFkZDA5ZjIwMWNkMzQwMWE3MTA0NTg3NGVmNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dC3VZI3hApVaXPfTTZdIlL9GSPp
OOD7LqBrgCVtx4Oeqn9TGni9RbQ4TEViM69IBKxS5jFZOIp1OMcod8Yk47LPbY2R
ta9HgFNZXCsXqZ+uXJ3Z1c/maPSxg22KFF4YFSGH6Tae1uH0lpfXROdhYaIjiREi
gYjqOGZYQJrYlj+IrK41UU9HOjvF2bwq02+qUdfZYPdAb+2Cjm7FZi8U7U08pji4
FpKurnTk81UJ5gA0u31oAl2RXZF1PDvesg3a63BK3mFFGwQTR/BmnPeJX0o+XqRd
LvU1JFTK7OZOB/+pVFnQUsyTQ3ChRCBEVJ0V3uE29HIlc0zKVdMiQssZnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmZrtffAd0J8gHNNAGnEEWHTvdPMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyNUpNHv
xYAf+8bNgLOCLPBVX6ZkgEwsXaMb8mp46Gsz0AXug+rsht21opP4YA4Zv8CUTf3p
rDxRTEinRwTDbtN1g1Hoghmxt6rvxIbLHU4V5qALDsvAL+yaUKF2gkr1C/xyL2Hp
8E5cm0CGfHmrUKqDGtQNNUw4h60GXUo8KuexTtrSNWxNkU/DNvFW9Dp6NWQDd6yv
CtWkJaYMe7TP7KWtKgHmedd3tk89YxwJ/FI2LJUoZ6LmPAdFYitnXszogLCCakf9
XmC5r5fzaL/k17KtsyWh0uG+wIbMM5AiwU9hoLlE3anVYk0C/H1FN82bxMvhQLhd
jO5WgW7mOoB5PQ==
-----END CERTIFICATE-----