Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          RCG6B71qf7ZpSm+3Mc0HJ3F2vH9z0Ai62Za/WItIBkQ=
Subject key identifier:   1E:C1:BC:FE:A7:FA:2E:0B:86:73:73:98:AB:58:A7:C9:CD:BB:3C:97
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       019749D5E28946CD6C66C86BA976A112CAF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          1508
Signing time:             Sat 07 Jun 2025 10:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:43 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: QVhYvMpqRgjC4cJUXEkzV0R0d+56A7DFER1RWX0T4yo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:e2:89:46:cd:6c:66:c8:6b:a9:76:a1:12:ca:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Jun  7 10:00:43 2025 GMT
            Not After : Jun  8 10:00:43 2025 GMT
        Subject: CN=1ec1bcfea7fa2e0b86737398ab58a7c9cdbb3c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f2:43:9a:2f:e8:ff:75:c0:45:2c:9a:62:51:
                    f0:45:c0:a3:f8:bb:1a:58:2d:ec:a9:95:33:38:15:
                    3b:6a:ee:81:c3:7d:92:3e:06:e9:01:1a:07:3f:81:
                    a5:7f:d9:f2:e5:42:2d:83:b8:5b:c9:7e:20:91:64:
                    fc:14:bf:b3:09:42:7e:c6:53:64:5a:ff:a3:2b:1f:
                    be:91:dd:18:ca:12:89:b8:73:ee:d1:d9:6a:02:48:
                    26:9a:80:28:b5:94:f8:0a:91:f4:f4:2d:7e:5d:a6:
                    9f:05:76:9b:35:e9:da:aa:84:94:b4:a2:cf:0c:5a:
                    71:01:f6:f9:b5:4f:41:e1:88:1f:43:bf:cb:0f:d6:
                    0c:50:5b:e2:f4:2c:f4:3a:4c:f8:17:d6:1a:bc:81:
                    c4:c6:4f:28:a0:e4:51:d2:b9:9a:9d:96:f4:bc:d9:
                    96:c9:de:7e:dc:bc:fc:5e:ed:f4:12:c8:d2:95:c2:
                    02:11:ab:31:a3:69:02:86:03:f2:44:51:75:e0:c7:
                    69:8e:08:b4:91:23:3f:01:a8:51:0b:e4:de:29:bf:
                    34:3e:f8:7c:6b:8f:98:27:56:f5:ce:dd:40:1f:cc:
                    ee:0f:80:bd:64:e0:52:40:84:be:23:03:b8:6b:0f:
                    89:16:dd:ec:87:9b:51:b4:1f:d7:b7:18:28:a3:48:
                    d4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C1:BC:FE:A7:FA:2E:0B:86:73:73:98:AB:58:A7:C9:CD:BB:3C:97
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:79:9b:41:c5:aa:64:6e:11:5e:c4:fb:e7:ca:ba:be:29:b2:
         a0:b2:da:14:80:c0:6d:ff:9f:97:47:3e:0b:74:14:73:01:a5:
         75:6e:ac:b4:fc:d5:c1:35:26:29:bc:aa:11:b2:4e:ea:2a:38:
         d9:55:40:19:23:f6:16:bf:c3:15:62:80:96:83:d7:f3:b9:d2:
         8e:ac:90:37:30:c4:0f:28:0f:e9:90:9e:e6:bd:b9:b3:27:4a:
         04:9f:c1:45:10:38:e2:c2:c0:f7:4a:02:90:4d:ee:75:b2:56:
         02:fe:d3:6b:5f:d6:c2:94:c2:2b:b5:0a:2f:8d:6c:d8:57:73:
         87:30:96:03:07:be:db:3c:7a:70:76:ab:67:39:16:73:45:c7:
         e0:37:32:9a:3b:f9:7b:52:d5:f8:2e:d7:3a:94:c3:f8:ec:a5:
         b6:65:46:57:41:fa:43:5d:26:e3:d2:8a:eb:e5:cd:57:de:68:
         b5:b4:4a:68:73:ca:35:44:8e:4b:07:87:52:1a:de:22:a3:63:
         32:9a:b8:c7:c4:d1:3e:5a:7f:e5:cd:49:dd:08:0f:c4:07:d7:
         0a:c8:88:79:6b:ea:fe:4a:eb:30:d7:98:0c:26:9d:f8:a6:a9:
         89:a6:a1:6b:15:91:de:85:08:6f:46:25:a5:b6:19:e8:e4:05:
         22:30:02:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1eKJRs1sZshrqXahEsrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjUwNjA3MTAwMDQzWhcNMjUwNjA4MTAwMDQzWjAzMTEwLwYDVQQD
EygxZWMxYmNmZWE3ZmEyZTBiODY3MzczOThhYjU4YTdjOWNkYmIzYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovJDmi/o/3XARSyaYlHwRcCj+Lsa
WC3sqZUzOBU7au6Bw32SPgbpARoHP4Glf9ny5UItg7hbyX4gkWT8FL+zCUJ+xlNk
Wv+jKx++kd0YyhKJuHPu0dlqAkgmmoAotZT4CpH09C1+XaafBXabNenaqoSUtKLP
DFpxAfb5tU9B4YgfQ7/LD9YMUFvi9Cz0Okz4F9YavIHExk8ooORR0rmanZb0vNmW
yd5+3Lz8Xu30EsjSlcICEasxo2kChgPyRFF14Mdpjgi0kSM/AahRC+TeKb80Pvh8
a4+YJ1b1zt1AH8zuD4C9ZOBSQIS+IwO4aw+JFt3sh5tRtB/Xtxgoo0jUTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7BvP6n+i4LhnNzmKtYp8nNuzyXMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXmbQcWq
ZG4RXsT758q6vimyoLLaFIDAbf+fl0c+C3QUcwGldW6stPzVwTUmKbyqEbJO6io4
2VVAGSP2Fr/DFWKAloPX87nSjqyQNzDEDygP6ZCe5r25sydKBJ/BRRA44sLA90oC
kE3udbJWAv7Ta1/WwpTCK7UKL41s2FdzhzCWAwe+2zx6cHarZzkWc0XH4Dcymjv5
e1LV+C7XOpTD+OyltmVGV0H6Q10m49KK6+XNV95otbRKaHPKNUSOSweHUhreIqNj
Mpq4x8TRPlp/5c1J3QgPxAfXCsiIeWvq/krrMNeYDCad+KapiaahaxWR3oUIb0Yl
pbYZ6OQFIjACiQ==
-----END CERTIFICATE-----