Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          ek0BaJ927nZIHZx/54mcwmWtWdyAu9LVZax59CuX+CE=
Subject key identifier:   E6:D8:40:41:22:A2:AB:14:FB:1D:92:50:D4:D0:A8:EF:B9:E7:67:CC
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       01976BF3FAB4C86BF97F7D64C3259C655716
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C1E
Signing time:             Sat 14 Jun 2025 01:00:40 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:40 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:40 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: iWuHRx8DoNbiMxlTcSpGM/oqjBIKbbc4/709/C033zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f3:fa:b4:c8:6b:f9:7f:7d:64:c3:25:9c:65:57:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun 14 01:00:40 2025 GMT
            Not After : Jun 15 01:00:40 2025 GMT
        Subject: CN=e6d8404122a2ab14fb1d9250d4d0a8efb9e767cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:14:cb:84:29:35:a4:8b:bb:c2:8d:b4:4e:99:
                    52:44:b4:fd:24:71:4d:63:27:09:0b:95:2a:b9:a4:
                    9e:99:c2:db:d3:ac:1f:39:12:79:af:4b:aa:68:8b:
                    6a:0f:51:62:e3:2e:c8:24:0b:b3:8f:5c:1d:de:7e:
                    76:49:8f:5f:14:ac:a3:0c:5b:89:f8:b3:9f:8c:22:
                    da:eb:10:20:24:bb:72:46:04:7a:1a:e3:03:c4:47:
                    ad:c8:07:13:93:9d:00:6b:da:7f:4e:94:3f:10:de:
                    bb:2c:e3:35:f5:4a:eb:a2:4b:a9:f2:f9:66:1a:e3:
                    1f:a4:f3:08:51:cf:34:d3:84:45:40:0a:89:5b:25:
                    ae:46:39:6b:9e:00:c3:46:e0:a3:3f:62:fc:cd:3b:
                    e0:f4:cb:f2:39:38:a2:c2:e2:17:5c:cc:96:7b:a9:
                    be:eb:b1:6f:7f:d6:19:88:0f:ad:68:65:a7:25:e0:
                    99:1a:a1:03:88:6d:6a:d4:32:1f:d1:92:21:58:fe:
                    37:86:18:f6:09:f1:e1:d7:ea:2b:90:dc:ae:8f:3e:
                    75:56:c1:3b:78:75:06:14:09:40:bc:74:13:0d:36:
                    a7:c1:e1:dc:04:81:7e:69:5b:90:57:93:3c:80:b1:
                    54:54:ac:fe:fa:30:41:78:eb:27:86:6a:1f:4d:e6:
                    e8:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D8:40:41:22:A2:AB:14:FB:1D:92:50:D4:D0:A8:EF:B9:E7:67:CC
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:55:d2:b4:77:a1:9f:66:ed:1a:3f:42:2f:d0:13:81:41:ca:
         b7:6d:c7:5c:fb:18:5d:83:74:f0:50:e2:aa:b9:dd:e0:70:a7:
         19:ba:f7:22:31:19:b9:6b:82:70:d2:90:18:73:b6:24:a9:9c:
         40:71:98:7d:d5:b3:3f:91:b0:17:79:0e:72:b3:ab:17:bd:a1:
         9d:e2:e6:4b:76:67:df:df:67:75:6a:7c:9b:1c:8b:2b:66:f3:
         d0:1c:f6:9b:34:40:d0:f8:ee:be:b3:a0:44:42:41:e4:23:5d:
         9f:4a:db:26:fc:94:3c:51:f0:de:19:77:7e:d0:e6:1e:9a:ff:
         fd:41:88:4b:35:92:d8:17:da:48:fc:6e:b4:34:a7:89:1f:c7:
         ca:7e:ae:35:e1:30:94:2f:cb:97:c5:14:29:fc:30:be:80:62:
         6d:08:70:64:d9:ae:27:0f:f3:b5:47:44:a9:38:95:b2:97:e2:
         2f:f5:39:d4:25:ee:db:a5:8a:4b:a4:bd:b6:3e:e7:2e:df:61:
         76:dd:0e:7c:80:06:40:00:1a:a0:de:ed:de:59:9e:ed:69:9a:
         06:16:66:4d:27:73:16:40:36:19:6e:dd:44:1d:78:a4:15:a1:
         c9:fc:fc:89:90:d4:9a:79:8b:0d:5f:06:b6:5e:a9:b4:6d:d0:
         d4:28:31:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr8/q0yGv5f31kwyWcZVcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjE0MDEwMDQwWhcNMjUwNjE1MDEwMDQwWjAzMTEwLwYDVQQD
EyhlNmQ4NDA0MTIyYTJhYjE0ZmIxZDkyNTBkNGQwYThlZmI5ZTc2N2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBTLhCk1pIu7wo20TplSRLT9JHFN
YycJC5UquaSemcLb06wfORJ5r0uqaItqD1Fi4y7IJAuzj1wd3n52SY9fFKyjDFuJ
+LOfjCLa6xAgJLtyRgR6GuMDxEetyAcTk50Aa9p/TpQ/EN67LOM19Urrokup8vlm
GuMfpPMIUc8004RFQAqJWyWuRjlrngDDRuCjP2L8zTvg9MvyOTiiwuIXXMyWe6m+
67Fvf9YZiA+taGWnJeCZGqEDiG1q1DIf0ZIhWP43hhj2CfHh1+orkNyujz51VsE7
eHUGFAlAvHQTDTanweHcBIF+aVuQV5M8gLFUVKz++jBBeOsnhmofTeboKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObYQEEioqsU+x2SUNTQqO+552fMMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlXStHeh
n2btGj9CL9ATgUHKt23HXPsYXYN08FDiqrnd4HCnGbr3IjEZuWuCcNKQGHO2JKmc
QHGYfdWzP5GwF3kOcrOrF72hneLmS3Zn399ndWp8mxyLK2bz0Bz2mzRA0PjuvrOg
REJB5CNdn0rbJvyUPFHw3hl3ftDmHpr//UGISzWS2BfaSPxutDSniR/Hyn6uNeEw
lC/Ll8UUKfwwvoBibQhwZNmuJw/ztUdEqTiVspfiL/U51CXu26WKS6S9tj7nLt9h
dt0OfIAGQAAaoN7t3lme7WmaBhZmTSdzFkA2GW7dRB14pBWhyfz8iZDUmnmLDV8G
tl6ptG3Q1CgxYQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:10:20 2025 by rpki-client