Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
File:                     o7HPJ-q7mfazXewahDm21lPc4zo.mft (raw, json)
Hash identifier:          1nNfxi5hqcnPS/wnPE6f+chywd7GwYOyLGGysD+izF0=
Subject key identifier:   2B:46:43:EF:5C:39:B1:B8:6E:94:D1:EB:C8:79:4B:3D:C6:01:2C:9A
Authority key identifier: A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A
Certificate issuer:       /CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
Certificate serial:       0199221EE42AA6C27A6B0DCFAFA5F58CE1C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:01:13 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:13 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:13 +0000
Files and hashes:         1: o7HPJ-q7mfazXewahDm21lPc4zo.crl (hash: 5GtGvfVcTdCPUNGf8bsL8UvECE8Rzi+AI+eOE4bl0go=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:e4:2a:a6:c2:7a:6b:0d:cf:af:a5:f5:8c:e1:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
        Validity
            Not Before: Sep  7 03:01:13 2025 GMT
            Not After : Sep  8 03:01:13 2025 GMT
        Subject: CN=2b4643ef5c39b1b86e94d1ebc8794b3dc6012c9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:31:28:81:6c:60:c9:f4:a7:d9:90:66:cb:ed:
                    c6:83:0c:e1:82:80:fa:9b:a9:3b:ff:d9:2e:63:01:
                    8e:1a:f4:84:73:51:d3:bf:2f:45:25:17:8e:2f:72:
                    b7:ac:96:3f:76:36:11:71:cf:aa:8d:cd:ec:6a:59:
                    bd:c0:4a:39:c0:a2:e7:71:ff:3b:eb:3f:d1:3c:74:
                    fd:95:d4:9e:1d:e3:a9:2d:5f:3a:cd:a5:b0:96:27:
                    25:bd:78:93:a6:19:a1:91:77:c6:1a:c9:9a:0b:ec:
                    29:78:f3:7e:f1:69:ba:f5:bd:55:96:2d:51:62:f8:
                    e6:95:a6:dd:a7:da:18:85:3f:c9:0c:8d:f0:92:28:
                    8b:f8:2c:2d:f6:d7:4d:79:17:4e:31:c2:40:47:30:
                    fb:90:eb:51:70:3d:dc:62:dc:7d:4a:b8:62:67:58:
                    cd:35:ba:f5:5b:3a:ae:84:1d:49:d8:05:d3:af:11:
                    c6:32:99:42:f7:85:88:8b:15:87:c2:a3:20:09:fd:
                    80:44:d7:8c:32:ef:59:f8:d9:15:1e:b9:e0:cb:52:
                    ad:62:f6:9a:9f:f1:61:7a:a8:fd:10:94:cc:30:ea:
                    f9:d9:6b:0d:d5:00:8e:5f:49:48:ba:a6:7f:92:0a:
                    1a:68:ae:be:59:f1:63:e9:f0:4d:7e:37:47:35:8a:
                    13:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:46:43:EF:5C:39:B1:B8:6E:94:D1:EB:C8:79:4B:3D:C6:01:2C:9A
            X509v3 Authority Key Identifier:
                keyid:A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:4b:d8:19:0c:2f:0e:30:22:a9:2e:2f:91:46:c5:d4:3b:25:
         11:cd:02:43:7c:3a:61:5e:6a:b5:95:6f:fc:ea:89:47:88:1e:
         fc:ca:66:e5:86:f6:82:e4:4e:56:d2:6e:43:3c:23:7e:c1:e6:
         4b:ef:a5:6f:d5:7f:06:a8:01:10:70:eb:c2:86:ca:c8:f3:42:
         bf:93:23:08:b5:3e:11:0f:52:fb:0e:64:b2:41:b8:71:76:04:
         ae:15:ba:41:bd:3e:19:1d:11:81:b8:da:9e:cc:b5:6a:03:b9:
         bb:d3:1b:e0:8c:65:be:95:2e:d0:a0:84:3b:78:11:cb:6a:6b:
         bc:9c:66:d0:a6:9e:7b:9a:66:be:12:b0:ba:fb:58:37:2f:ac:
         49:5e:fc:46:a3:0a:5b:1c:be:dc:de:53:36:5e:71:e5:64:ff:
         c4:f5:7c:56:66:6d:fd:c9:69:7c:20:b4:c6:9a:c2:20:b7:03:
         c5:03:6b:80:26:74:6c:08:5f:d3:ef:7c:cf:6e:0f:bf:eb:ed:
         ae:ad:45:ac:e2:5b:8e:97:1e:e8:44:cd:ed:3c:38:11:da:19:
         14:f9:69:78:91:e8:78:ba:81:17:6e:b8:f5:ac:a3:66:5a:d9:
         bb:77:8d:03:4c:45:0f:8b:6c:9b:92:26:48:cc:ce:d9:3c:4f:
         92:cd:60:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHuQqpsJ6aw3Pr6X1jOHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYjFjZjI3ZWFiYjk5ZjZiMzVkZWMxYTg0MzliNmQ2NTNk
Y2UzM2EwHhcNMjUwOTA3MDMwMTEzWhcNMjUwOTA4MDMwMTEzWjAzMTEwLwYDVQQD
EygyYjQ2NDNlZjVjMzliMWI4NmU5NGQxZWJjODc5NGIzZGM2MDEyYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzEogWxgyfSn2ZBmy+3GgwzhgoD6
m6k7/9kuYwGOGvSEc1HTvy9FJReOL3K3rJY/djYRcc+qjc3salm9wEo5wKLncf87
6z/RPHT9ldSeHeOpLV86zaWwliclvXiTphmhkXfGGsmaC+wpePN+8Wm69b1Vli1R
Yvjmlabdp9oYhT/JDI3wkiiL+Cwt9tdNeRdOMcJARzD7kOtRcD3cYtx9SrhiZ1jN
Nbr1WzquhB1J2AXTrxHGMplC94WIixWHwqMgCf2ARNeMMu9Z+NkVHrngy1KtYvaa
n/Fheqj9EJTMMOr52WsN1QCOX0lIuqZ/kgoaaK6+WfFj6fBNfjdHNYoTlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtGQ+9cObG4bpTR68h5Sz3GASyaMB8GA1UdIwQY
MBaAFKOxzyfqu5n2s13sGoQ5ttZT3OM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgt
MDU3ODZiZmQ2ODU3LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgtMDU3ODZiZmQ2ODU3
LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0vYGQwv
DjAiqS4vkUbF1DslEc0CQ3w6YV5qtZVv/OqJR4ge/Mpm5Yb2guROVtJuQzwjfsHm
S++lb9V/BqgBEHDrwobKyPNCv5MjCLU+EQ9S+w5kskG4cXYErhW6Qb0+GR0Rgbja
nsy1agO5u9Mb4IxlvpUu0KCEO3gRy2prvJxm0Kaee5pmvhKwuvtYNy+sSV78RqMK
Wxy+3N5TNl5x5WT/xPV8VmZt/clpfCC0xprCILcDxQNrgCZ0bAhf0+98z24Pv+vt
rq1FrOJbjpce6ETN7Tw4EdoZFPlpeJHoeLqBF2649ayjZlrZu3eNA0xFD4tsm5Im
SMzO2TxPks1g1g==
-----END CERTIFICATE-----