Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
File:                     o7HPJ-q7mfazXewahDm21lPc4zo.mft (raw, json)
Hash identifier:          D+HjP0h2VcGMucE/fDwPhD9KdCG/LwcvzgFN2hr+qfo=
Subject key identifier:   B6:B3:27:DA:F8:FA:9F:76:8D:77:7E:55:77:67:2A:E6:2A:DE:32:0F
Authority key identifier: A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A
Certificate issuer:       /CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
Certificate serial:       01977187E0047DCE023C31E0A155817ED441
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 03:00:19 +0000
Manifest this update:     Sun 15 Jun 2025 03:00:19 +0000
Manifest next update:     Mon 16 Jun 2025 03:00:19 +0000
Files and hashes:         1: o7HPJ-q7mfazXewahDm21lPc4zo.crl (hash: xGs5K89yvUZpRWkV+QqSPd1JIRieZfPczeSt8zZxhek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 03:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:87:e0:04:7d:ce:02:3c:31:e0:a1:55:81:7e:d4:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
        Validity
            Not Before: Jun 15 03:00:19 2025 GMT
            Not After : Jun 16 03:00:19 2025 GMT
        Subject: CN=b6b327daf8fa9f768d777e5577672ae62ade320f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:26:11:aa:57:26:c7:0d:51:91:7a:d6:e8:84:
                    48:02:6b:71:7b:43:fe:ad:e3:a9:aa:d7:13:64:dd:
                    9d:22:5c:1e:f7:7a:5c:a2:99:8f:55:7d:5d:50:88:
                    4b:23:de:fe:f3:bb:e3:ca:02:c1:fa:17:f9:4b:b7:
                    15:3c:97:50:4e:9e:c2:6a:10:d3:d9:98:04:e2:74:
                    d2:15:28:25:17:e7:71:97:55:4c:79:d4:e0:90:0f:
                    74:8c:8f:de:f1:93:52:33:dc:ff:9c:da:84:f3:d9:
                    f7:48:36:3a:71:16:b7:38:0e:3a:83:12:7b:97:b9:
                    7d:4c:8b:8f:da:05:69:91:21:cd:e1:12:8a:7d:b1:
                    4b:4b:c0:35:8a:64:7e:83:5b:6a:59:e7:93:c3:7d:
                    bd:ac:71:75:c9:2d:99:6a:73:6a:a0:9b:f9:ca:b0:
                    eb:27:fa:96:8c:83:4d:f6:fe:f1:2f:33:20:2e:8e:
                    dd:91:5c:2d:c9:bb:1d:58:86:b9:6c:73:15:e8:6e:
                    68:9a:71:c7:77:ff:e4:57:7b:3c:64:06:37:5f:cd:
                    a7:cd:cf:46:c6:9d:39:7f:af:20:4b:f6:31:03:db:
                    5e:65:d4:0a:8f:71:b6:a4:3e:d9:c8:68:80:e7:ce:
                    23:8d:64:5a:fa:57:ae:27:f1:42:cc:b3:5d:83:4b:
                    84:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B3:27:DA:F8:FA:9F:76:8D:77:7E:55:77:67:2A:E6:2A:DE:32:0F
            X509v3 Authority Key Identifier:
                keyid:A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7e:fb:8d:28:0d:19:10:e4:fb:82:5e:fe:a4:a4:7d:67:e9:
         1a:a8:57:32:94:4d:a8:0c:09:32:bd:eb:ee:00:08:7e:83:6e:
         9e:fa:d3:5a:60:bd:6e:8e:bd:58:7c:14:d6:06:5f:19:c2:6a:
         35:1b:68:20:24:88:fa:98:99:88:43:ed:0b:59:ea:7e:aa:00:
         1e:26:83:03:f6:a5:83:2d:a6:1f:8a:f1:9b:e3:90:29:73:c1:
         a4:6c:09:6d:16:db:9a:1b:ec:39:b6:4a:74:a1:3c:32:3b:44:
         7e:b1:41:b1:17:81:33:e2:e6:ea:b9:56:20:36:8f:24:8d:95:
         f2:0c:91:68:47:48:8f:07:b0:8e:5d:92:45:7f:4d:2e:a8:7d:
         3b:61:18:94:53:6a:5b:c0:08:05:82:7a:a2:c5:69:e0:2b:9c:
         b6:ed:70:3c:0e:d4:b6:50:59:67:45:0a:57:d7:04:97:e6:d7:
         c0:a5:4a:f4:85:e9:ff:f3:47:fb:82:5e:73:57:b5:93:d4:1a:
         7b:a2:8a:b2:66:6d:94:4c:d1:3d:6e:e0:9c:c2:dc:33:bb:16:
         6c:33:9f:44:4f:a7:b8:b9:8f:d4:ac:e0:51:4a:61:f5:fa:e5:
         79:6b:37:b4:0d:47:6c:3a:49:6e:c1:3e:eb:90:52:92:fa:f4:
         e2:4f:c3:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxh+AEfc4CPDHgoVWBftRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYjFjZjI3ZWFiYjk5ZjZiMzVkZWMxYTg0MzliNmQ2NTNk
Y2UzM2EwHhcNMjUwNjE1MDMwMDE5WhcNMjUwNjE2MDMwMDE5WjAzMTEwLwYDVQQD
EyhiNmIzMjdkYWY4ZmE5Zjc2OGQ3NzdlNTU3NzY3MmFlNjJhZGUzMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyYRqlcmxw1RkXrW6IRIAmtxe0P+
reOpqtcTZN2dIlwe93pcopmPVX1dUIhLI97+87vjygLB+hf5S7cVPJdQTp7CahDT
2ZgE4nTSFSglF+dxl1VMedTgkA90jI/e8ZNSM9z/nNqE89n3SDY6cRa3OA46gxJ7
l7l9TIuP2gVpkSHN4RKKfbFLS8A1imR+g1tqWeeTw329rHF1yS2ZanNqoJv5yrDr
J/qWjINN9v7xLzMgLo7dkVwtybsdWIa5bHMV6G5omnHHd//kV3s8ZAY3X82nzc9G
xp05f68gS/YxA9teZdQKj3G2pD7ZyGiA584jjWRa+leuJ/FCzLNdg0uEPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLazJ9r4+p92jXd+VXdnKuYq3jIPMB8GA1UdIwQY
MBaAFKOxzyfqu5n2s13sGoQ5ttZT3OM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgt
MDU3ODZiZmQ2ODU3LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgtMDU3ODZiZmQ2ODU3
LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM377jSgN
GRDk+4Je/qSkfWfpGqhXMpRNqAwJMr3r7gAIfoNunvrTWmC9bo69WHwU1gZfGcJq
NRtoICSI+piZiEPtC1nqfqoAHiaDA/algy2mH4rxm+OQKXPBpGwJbRbbmhvsObZK
dKE8MjtEfrFBsReBM+Lm6rlWIDaPJI2V8gyRaEdIjwewjl2SRX9NLqh9O2EYlFNq
W8AIBYJ6osVp4Cuctu1wPA7UtlBZZ0UKV9cEl+bXwKVK9IXp//NH+4Jec1e1k9Qa
e6KKsmZtlEzRPW7gnMLcM7sWbDOfRE+nuLmP1KzgUUph9frleWs3tA1HbDpJbsE+
65BSkvr04k/DWg==
-----END CERTIFICATE-----