Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          Zn3nlJbgxglTcj1obVDaRGuJ8cxtBGLQwluFqxOQ9ZY=
Subject key identifier:   A0:A1:4D:DA:B9:C3:7D:1E:C2:B4:5B:9C:62:D4:6A:B7:6A:B9:D9:55
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       01974C68CD10CF355D0A8CAACEB1322C2498
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          04BE
Signing time:             Sat 07 Jun 2025 22:00:25 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:25 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:25 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: 41A11aeAOfT1PEkQ1OBDfTU8aRf+cKX2+HZv/Um2AjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:cd:10:cf:35:5d:0a:8c:aa:ce:b1:32:2c:24:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Jun  7 22:00:25 2025 GMT
            Not After : Jun  8 22:00:25 2025 GMT
        Subject: CN=a0a14ddab9c37d1ec2b45b9c62d46ab76ab9d955
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:11:f8:9e:63:e3:27:61:a0:4d:d2:eb:b4:8e:
                    08:60:9f:94:a0:a3:ac:4d:b3:c7:ad:25:05:15:c1:
                    bc:42:f7:fd:d3:a1:11:c8:e9:c6:07:1d:fc:3a:9f:
                    a4:b3:00:13:26:a6:05:91:47:dc:55:72:6e:b3:07:
                    03:9d:e2:b6:27:23:45:ce:62:1f:cb:a9:b8:1f:19:
                    0d:ed:3d:42:fb:e5:d7:02:68:e6:fc:72:27:26:a3:
                    95:53:fa:c9:21:41:db:b3:89:e6:a7:94:8e:c7:23:
                    b6:4d:e3:5e:ef:2b:1c:4f:bf:3a:88:0d:94:ae:a6:
                    70:c2:b3:12:13:97:5c:61:87:03:65:f1:11:7c:9d:
                    44:41:fb:a5:94:8f:f6:48:63:84:a9:15:3c:a6:40:
                    b0:c4:db:b9:b2:ed:62:1e:06:87:8d:b7:ed:d3:65:
                    6b:ef:1c:49:9e:dd:95:74:92:3c:08:14:55:cb:4b:
                    d5:17:27:2b:9a:f3:45:0e:49:21:a8:20:13:47:bd:
                    ef:b5:08:d4:a4:79:07:b3:b3:da:03:d1:f3:cb:84:
                    41:42:d8:4c:86:62:c8:ee:43:2d:7b:b1:3f:91:11:
                    bd:28:2a:e3:3b:a1:a7:67:6e:4a:7a:48:9d:74:bd:
                    77:b6:a0:69:8e:75:a3:88:3f:77:26:f7:91:e6:5b:
                    94:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A1:4D:DA:B9:C3:7D:1E:C2:B4:5B:9C:62:D4:6A:B7:6A:B9:D9:55
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:11:fd:1c:ad:c2:21:c8:a7:a2:d0:2f:74:69:d6:ce:f9:43:
         e6:11:f3:d3:ba:c5:68:7a:1b:f4:9e:47:62:e9:ec:cb:35:1c:
         ae:87:a4:46:55:1e:da:94:65:f5:1e:a5:62:dd:dc:5e:76:f5:
         4a:f1:3c:fe:59:08:8c:58:86:ea:a5:95:12:37:ab:5c:e0:c8:
         44:53:dc:8a:07:78:9e:1b:3b:d1:89:0e:24:75:18:3f:90:8f:
         4a:cd:d3:e0:62:85:5d:2a:4e:d6:1f:6f:bf:f4:b4:84:13:33:
         c8:da:94:c9:5b:74:0f:f8:fc:50:1a:03:3a:a7:cf:f4:3d:54:
         e6:35:10:fb:38:72:26:2c:10:3a:b2:95:ea:a0:c7:db:53:50:
         de:7c:b7:bb:bb:6e:bd:67:1a:15:ba:4a:f8:51:63:b9:fe:c5:
         6f:75:82:69:26:99:6d:20:3b:27:68:0c:84:f3:c5:6f:2a:77:
         c1:ed:de:11:d5:db:bb:9a:59:33:e7:11:5f:9d:f0:f8:28:d4:
         8a:91:b0:67:35:6c:2c:f4:26:a0:46:7a:68:ac:eb:81:cf:32:
         1c:12:86:f2:e0:41:79:6a:3d:b6:3e:60:88:f3:66:12:90:8c:
         6f:81:51:31:69:ab:0c:3d:e9:51:fe:2e:73:ce:eb:e9:6a:88:
         63:b1:db:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaM0QzzVdCoyqzrEyLCSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjUwNjA3MjIwMDI1WhcNMjUwNjA4MjIwMDI1WjAzMTEwLwYDVQQD
EyhhMGExNGRkYWI5YzM3ZDFlYzJiNDViOWM2MmQ0NmFiNzZhYjlkOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBH4nmPjJ2GgTdLrtI4IYJ+UoKOs
TbPHrSUFFcG8Qvf906ERyOnGBx38Op+kswATJqYFkUfcVXJuswcDneK2JyNFzmIf
y6m4HxkN7T1C++XXAmjm/HInJqOVU/rJIUHbs4nmp5SOxyO2TeNe7yscT786iA2U
rqZwwrMSE5dcYYcDZfERfJ1EQfullI/2SGOEqRU8pkCwxNu5su1iHgaHjbft02Vr
7xxJnt2VdJI8CBRVy0vVFycrmvNFDkkhqCATR73vtQjUpHkHs7PaA9Hzy4RBQthM
hmLI7kMte7E/kRG9KCrjO6GnZ25KekiddL13tqBpjnWjiD93JveR5luUDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKChTdq5w30ewrRbnGLUardqudlVMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBH9HK3C
IcinotAvdGnWzvlD5hHz07rFaHob9J5HYunsyzUcroekRlUe2pRl9R6lYt3cXnb1
SvE8/lkIjFiG6qWVEjerXODIRFPcigd4nhs70YkOJHUYP5CPSs3T4GKFXSpO1h9v
v/S0hBMzyNqUyVt0D/j8UBoDOqfP9D1U5jUQ+zhyJiwQOrKV6qDH21NQ3ny3u7tu
vWcaFbpK+FFjuf7Fb3WCaSaZbSA7J2gMhPPFbyp3we3eEdXbu5pZM+cRX53w+CjU
ipGwZzVsLPQmoEZ6aKzrgc8yHBKG8uBBeWo9tj5giPNmEpCMb4FRMWmrDD3pUf4u
c87r6WqIY7HbqQ==
-----END CERTIFICATE-----