Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          wSSFbjBIipKOy73HjgL15ht19eNnkQk+xUVUIUMulgA=
Subject key identifier:   3F:01:C3:AF:08:DC:35:17:98:74:FA:24:F4:8B:50:31:B7:45:C0:E4
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       019754C774CDB406F1669E989143373CD0FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0C12
Signing time:             Mon 09 Jun 2025 13:00:47 +0000
Manifest this update:     Mon 09 Jun 2025 13:00:47 +0000
Manifest next update:     Tue 10 Jun 2025 13:00:47 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: KLd7xyd0k2xTTKVyTKKPCe0EEuJ6jvxQhYt5jf+choA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:c7:74:cd:b4:06:f1:66:9e:98:91:43:37:3c:d0:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Jun  9 13:00:47 2025 GMT
            Not After : Jun 10 13:00:47 2025 GMT
        Subject: CN=3f01c3af08dc35179874fa24f48b5031b745c0e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:35:3d:00:da:19:96:42:ec:ba:ed:ce:15:5d:
                    5b:4a:de:26:d4:3d:b5:aa:8f:99:39:6c:4f:c4:5f:
                    c1:2a:49:c1:dc:cc:cb:e9:28:6c:26:49:0b:c1:5b:
                    a8:31:37:f7:fb:0f:b9:17:63:8a:3f:61:dc:a8:7e:
                    10:d2:c9:2b:17:7f:3d:7d:92:0c:45:f0:72:77:82:
                    df:d5:1d:39:bb:86:ac:9b:cb:0a:42:d5:c9:e9:5f:
                    f1:af:ee:f6:61:02:7f:ee:b4:43:bc:48:17:27:aa:
                    cb:3b:8a:8d:e4:94:50:48:3a:af:0d:6d:96:2c:e1:
                    c4:58:ac:fb:38:67:23:f7:65:33:ab:c6:74:fc:8e:
                    46:d7:68:02:84:0a:d6:cb:85:88:00:e3:e8:a0:00:
                    d1:18:ea:b8:b4:15:2b:6d:11:f3:88:65:11:9c:f7:
                    54:34:f3:d5:63:76:7f:47:aa:9c:18:cb:cf:9c:74:
                    d2:6d:31:a6:88:f3:22:fd:8b:fd:86:9b:2f:4b:ae:
                    2e:02:7b:15:1d:bc:bf:f3:2f:c3:be:40:3d:17:05:
                    cd:70:f9:17:fc:b9:e7:33:24:37:4f:32:fd:38:04:
                    de:ea:bf:f6:29:8d:49:e6:c8:b7:11:9b:3d:8c:cc:
                    11:ed:98:94:26:74:b8:85:8a:f4:2c:1d:60:4d:24:
                    49:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:01:C3:AF:08:DC:35:17:98:74:FA:24:F4:8B:50:31:B7:45:C0:E4
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b6:92:3f:5c:3c:e1:22:16:77:28:26:42:93:77:fe:4d:49:
         4d:69:ff:45:22:e6:ef:77:2f:54:91:02:1d:61:0a:6a:ed:e6:
         34:97:00:7a:52:17:d9:06:2f:f2:02:0b:77:43:88:a9:db:a0:
         58:93:b8:73:eb:00:f1:64:b8:8b:51:4c:ae:2c:23:bb:ff:83:
         2e:39:3e:e8:26:a2:c1:fd:38:0d:3b:8d:dd:66:3c:77:0f:62:
         fb:ce:e6:31:a2:69:98:ec:75:2b:8d:ba:4f:d7:0f:47:10:e0:
         04:7b:7a:62:68:3a:2b:d0:24:4d:31:34:08:d6:5d:3f:20:f2:
         ae:89:ee:2a:ad:15:4e:63:88:67:f5:6b:6b:ae:ee:55:85:5c:
         d9:97:71:7d:75:49:fd:03:39:5d:c2:c3:bd:e3:1d:c0:4c:4e:
         f4:00:59:8a:7b:7a:49:74:bf:37:2a:7f:02:bd:4e:2f:27:4e:
         78:8c:bc:a7:3e:58:16:d1:17:68:fb:c5:fc:a4:7b:ad:5a:88:
         cb:da:5e:24:17:4e:c8:cd:72:9e:24:ed:c1:70:15:d3:b4:ee:
         eb:5f:99:c6:c6:97:13:4b:1b:99:5c:1e:3c:61:0d:e7:54:92:
         23:ba:13:9a:71:3b:07:d7:e7:76:a7:db:c7:d1:73:08:12:1f:
         ff:f7:30:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUx3TNtAbxZp6YkUM3PND6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwNjA5MTMwMDQ3WhcNMjUwNjEwMTMwMDQ3WjAzMTEwLwYDVQQD
EygzZjAxYzNhZjA4ZGMzNTE3OTg3NGZhMjRmNDhiNTAzMWI3NDVjMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDU9ANoZlkLsuu3OFV1bSt4m1D21
qo+ZOWxPxF/BKknB3MzL6ShsJkkLwVuoMTf3+w+5F2OKP2HcqH4Q0skrF389fZIM
RfByd4Lf1R05u4asm8sKQtXJ6V/xr+72YQJ/7rRDvEgXJ6rLO4qN5JRQSDqvDW2W
LOHEWKz7OGcj92Uzq8Z0/I5G12gChArWy4WIAOPooADRGOq4tBUrbRHziGURnPdU
NPPVY3Z/R6qcGMvPnHTSbTGmiPMi/Yv9hpsvS64uAnsVHby/8y/DvkA9FwXNcPkX
/LnnMyQ3TzL9OATe6r/2KY1J5si3EZs9jMwR7ZiUJnS4hYr0LB1gTSRJVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8Bw68I3DUXmHT6JPSLUDG3RcDkMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7aSP1w8
4SIWdygmQpN3/k1JTWn/RSLm73cvVJECHWEKau3mNJcAelIX2QYv8gILd0OIqdug
WJO4c+sA8WS4i1FMriwju/+DLjk+6Caiwf04DTuN3WY8dw9i+87mMaJpmOx1K426
T9cPRxDgBHt6Ymg6K9AkTTE0CNZdPyDyronuKq0VTmOIZ/Vra67uVYVc2ZdxfXVJ
/QM5XcLDveMdwExO9ABZint6SXS/Nyp/Ar1OLydOeIy8pz5YFtEXaPvF/KR7rVqI
y9peJBdOyM1yniTtwXAV07Tu61+ZxsaXE0sbmVwePGEN51SSI7oTmnE7B9fndqfb
x9FzCBIf//cwZg==
-----END CERTIFICATE-----