Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
File:                     o7HPJ-q7mfazXewahDm21lPc4zo.mft (raw, json)
Hash identifier:          FFwKSa4yaD0qLBeCPJlJXSvzWNsGVIOd/2FWDsf+0to=
Subject key identifier:   A9:FF:1C:1D:A6:BC:49:35:6D:35:9A:C2:B1:C7:F7:29:E1:B6:93:C9
Authority key identifier: A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A
Certificate issuer:       /CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
Certificate serial:       01975E382951747FBA1B23DFA86DAA4B3B27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
Manifest number:          1584
Signing time:             Wed 11 Jun 2025 09:00:28 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:28 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:28 +0000
Files and hashes:         1: o7HPJ-q7mfazXewahDm21lPc4zo.crl (hash: Hu+z/QdmAG2TpFoxEcKBgyE5CYhNJ633xXA5UqQT5d0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:29:51:74:7f:ba:1b:23:df:a8:6d:aa:4b:3b:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
        Validity
            Not Before: Jun 11 09:00:28 2025 GMT
            Not After : Jun 12 09:00:28 2025 GMT
        Subject: CN=a9ff1c1da6bc49356d359ac2b1c7f729e1b693c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fd:ce:3e:e6:a3:bd:c3:96:91:eb:a2:c1:f3:
                    29:81:c1:5e:0e:1c:96:95:f7:a5:e9:3e:bc:de:6b:
                    c8:56:20:65:1f:5a:37:ae:92:5f:9a:03:4c:d6:12:
                    84:86:c6:80:d4:a7:d3:a0:e0:ac:1a:35:e3:b0:d9:
                    2c:70:8b:d0:da:e5:73:f3:53:d9:6e:ed:22:67:24:
                    3b:de:1f:dd:a9:22:3c:5d:96:16:ce:85:6f:ea:1b:
                    35:a1:4d:9b:02:2c:f3:40:ca:d2:87:9c:14:93:d9:
                    4f:49:d3:01:d3:b0:5b:93:64:d9:50:b4:98:64:c9:
                    c4:1e:1c:9e:78:0c:83:e9:b8:77:8a:29:50:d7:7f:
                    f9:f1:67:3e:e5:5e:32:00:02:6c:cf:0f:de:1b:47:
                    bd:ab:1e:6d:9b:83:1a:a5:bf:3e:74:31:b1:fe:fb:
                    7b:22:fc:d2:5a:ec:1f:d8:d1:e7:5e:08:b2:23:a1:
                    e2:31:ed:3c:a9:d6:63:da:22:49:f5:01:3a:30:69:
                    13:37:51:c8:cc:c3:95:01:5d:66:ff:af:d2:62:a5:
                    01:48:9e:b6:e4:51:05:47:88:9b:c3:8f:a0:30:4b:
                    1f:c4:4d:b3:b4:7a:e7:05:a1:66:54:0a:f5:24:84:
                    18:1a:a0:cc:cf:dc:ec:30:7f:fa:54:09:34:ee:b0:
                    db:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:FF:1C:1D:A6:BC:49:35:6D:35:9A:C2:B1:C7:F7:29:E1:B6:93:C9
            X509v3 Authority Key Identifier:
                keyid:A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:2a:0f:14:7c:39:33:65:9b:28:fa:af:33:20:4a:43:91:0c:
         f0:49:e2:87:13:09:47:e0:1b:99:63:f0:41:8d:8c:1c:db:fd:
         b1:2a:75:39:98:ee:4e:24:64:97:20:d0:da:0a:79:c0:f5:6d:
         ea:77:50:5d:c5:b4:e9:e7:c0:09:d7:4e:c5:64:f1:c4:f4:18:
         06:8c:e0:ec:26:bb:93:fe:d2:36:4e:f5:06:4b:ac:fd:87:0b:
         87:64:e2:81:60:4f:af:6c:b4:7a:d9:58:d9:47:4c:73:fd:da:
         bd:69:0f:e8:9f:20:2b:ea:82:60:af:46:37:36:32:18:f5:60:
         1f:5f:c5:da:29:fc:2e:08:77:7d:09:bd:c4:db:6a:44:60:23:
         91:7d:38:32:9d:3e:23:4a:97:a2:0c:37:d5:9a:2e:44:e3:ba:
         15:4d:6e:6e:1c:25:70:41:b1:53:91:c4:40:46:e7:a7:07:e6:
         35:58:55:82:09:6b:01:be:c2:b5:cb:d5:b2:36:76:a7:6f:3d:
         ef:96:23:0c:68:0a:fd:07:f6:93:7f:4b:99:c6:56:96:db:18:
         ef:30:72:5c:8e:e8:2c:f9:6a:fe:d9:c7:20:b4:1e:28:6e:4a:
         4e:ff:c6:c6:dc:2f:f3:00:0f:f2:0f:ce:d4:b3:58:22:79:45:
         68:50:44:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOClRdH+6GyPfqG2qSzsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYjFjZjI3ZWFiYjk5ZjZiMzVkZWMxYTg0MzliNmQ2NTNk
Y2UzM2EwHhcNMjUwNjExMDkwMDI4WhcNMjUwNjEyMDkwMDI4WjAzMTEwLwYDVQQD
EyhhOWZmMWMxZGE2YmM0OTM1NmQzNTlhYzJiMWM3ZjcyOWUxYjY5M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/3OPuajvcOWkeuiwfMpgcFeDhyW
lfel6T683mvIViBlH1o3rpJfmgNM1hKEhsaA1KfToOCsGjXjsNkscIvQ2uVz81PZ
bu0iZyQ73h/dqSI8XZYWzoVv6hs1oU2bAizzQMrSh5wUk9lPSdMB07Bbk2TZULSY
ZMnEHhyeeAyD6bh3iilQ13/58Wc+5V4yAAJszw/eG0e9qx5tm4Mapb8+dDGx/vt7
IvzSWuwf2NHnXgiyI6HiMe08qdZj2iJJ9QE6MGkTN1HIzMOVAV1m/6/SYqUBSJ62
5FEFR4ibw4+gMEsfxE2ztHrnBaFmVAr1JIQYGqDMz9zsMH/6VAk07rDbpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKn/HB2mvEk1bTWawrHH9ynhtpPJMB8GA1UdIwQY
MBaAFKOxzyfqu5n2s13sGoQ5ttZT3OM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgt
MDU3ODZiZmQ2ODU3LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgtMDU3ODZiZmQ2ODU3
LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUioPFHw5
M2WbKPqvMyBKQ5EM8EnihxMJR+AbmWPwQY2MHNv9sSp1OZjuTiRklyDQ2gp5wPVt
6ndQXcW06efACddOxWTxxPQYBozg7Ca7k/7SNk71Bkus/YcLh2TigWBPr2y0etlY
2UdMc/3avWkP6J8gK+qCYK9GNzYyGPVgH1/F2in8Lgh3fQm9xNtqRGAjkX04Mp0+
I0qXogw31ZouROO6FU1ubhwlcEGxU5HEQEbnpwfmNVhVgglrAb7CtcvVsjZ2p289
75YjDGgK/Qf2k39LmcZWltsY7zByXI7oLPlq/tnHILQeKG5KTv/Gxtwv8wAP8g/O
1LNYInlFaFBE6Q==
-----END CERTIFICATE-----