Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          wYUwIK3uoJVAD+z3tvjho/o/gQSuouiX2SWYWnWniWY=
Subject key identifier:   AD:F7:E0:24:78:D3:C6:D4:6C:CA:7A:89:6C:89:6B:F3:15:D5:B7:B5
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019643D5DE0816804AF7CEEA6FBA3FD0DBDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          11EE
Signing time:             Thu 17 Apr 2025 13:00:11 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:11 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:11 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: PvLJOeOPb4GUDJLCYDhoA9JIpiJkWp9J+0EPOvp0HE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d5:de:08:16:80:4a:f7:ce:ea:6f:ba:3f:d0:db:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Apr 17 13:00:11 2025 GMT
            Not After : Apr 18 13:00:11 2025 GMT
        Subject: CN=adf7e02478d3c6d46cca7a896c896bf315d5b7b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:33:c1:4d:60:ee:b5:df:44:56:c0:d8:7d:5b:
                    3f:0f:ed:4a:58:8f:17:b7:ce:57:17:9c:af:60:29:
                    e6:92:0b:75:c8:69:84:5c:d1:25:72:22:91:2e:f3:
                    1c:37:93:d2:1a:2b:12:2c:a7:80:aa:b8:28:8a:10:
                    09:05:84:6b:56:a7:35:fc:2e:8c:57:95:d3:86:62:
                    d0:74:3d:f4:1d:82:46:93:a7:29:91:2a:9e:98:0d:
                    0c:ae:fb:85:e8:7c:c1:bd:67:a9:c9:8a:6e:79:52:
                    97:2b:82:ca:f8:7c:07:04:73:d4:8f:39:b2:e8:0a:
                    30:bd:30:6f:80:cd:e3:f6:b6:94:e8:e7:14:5b:12:
                    f0:29:fd:86:f3:a0:18:af:28:0f:20:54:97:f3:c9:
                    e1:b5:02:68:e5:fa:da:16:db:ff:68:e6:ca:40:73:
                    39:40:ac:a3:51:b6:20:75:32:59:91:9a:fe:08:48:
                    d0:c3:48:1a:48:13:81:8e:5d:4e:85:41:db:e9:41:
                    07:b5:dd:c9:81:2f:30:0f:26:06:af:7e:9e:a4:70:
                    29:13:62:93:17:b3:2e:96:37:16:c2:1e:65:10:f4:
                    3f:3a:71:f6:d0:fe:e8:ff:2c:dd:f6:67:67:ae:ce:
                    ae:64:7a:13:cc:e5:a4:a3:2b:a4:da:45:aa:77:59:
                    d8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F7:E0:24:78:D3:C6:D4:6C:CA:7A:89:6C:89:6B:F3:15:D5:B7:B5
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:3d:57:37:c6:c5:e1:11:43:5f:03:c3:95:5a:f5:79:b0:9f:
         58:fe:9a:2f:28:dd:76:28:8a:2f:a1:60:b6:d7:79:82:e1:d0:
         31:8d:14:85:6d:9d:34:30:1a:59:9c:fd:9d:77:0e:6d:78:0b:
         03:47:b6:f3:73:f0:b1:31:92:75:07:65:c7:0a:32:f7:af:31:
         01:02:a8:1e:b8:b6:83:60:3f:05:68:2f:75:27:da:64:72:9a:
         6e:5f:12:ac:80:fd:97:4b:1c:e0:9a:1f:67:c5:f0:14:e3:76:
         11:f0:75:63:82:09:15:05:c9:23:c4:50:c2:cf:45:28:b4:91:
         81:8c:68:65:c4:1b:2a:dc:5d:54:50:67:fd:b8:10:0f:b1:14:
         d6:c5:13:db:76:16:ce:a1:a3:7f:6f:7c:9b:0a:e9:9e:cc:5c:
         e0:c5:4a:c5:48:dc:33:a0:0d:45:14:e1:44:70:d5:f1:8e:c3:
         c8:e1:7e:f4:e6:0b:ef:e2:48:70:60:b4:b8:f8:56:d5:5b:6b:
         0f:fc:e3:5a:47:06:aa:4c:f3:18:f1:f1:0c:ed:66:88:bc:70:
         7b:8a:66:b3:bc:71:b6:d6:66:8e:27:e9:ca:ba:4d:d0:e3:fb:
         d7:d9:42:7b:2c:43:7c:21:7b:60:7f:dc:f4:33:3a:2a:1d:4b:
         26:9e:f4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1d4IFoBK987qb7o/0NvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwNDE3MTMwMDExWhcNMjUwNDE4MTMwMDExWjAzMTEwLwYDVQQD
EyhhZGY3ZTAyNDc4ZDNjNmQ0NmNjYTdhODk2Yzg5NmJmMzE1ZDViN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjPBTWDutd9EVsDYfVs/D+1KWI8X
t85XF5yvYCnmkgt1yGmEXNElciKRLvMcN5PSGisSLKeAqrgoihAJBYRrVqc1/C6M
V5XThmLQdD30HYJGk6cpkSqemA0MrvuF6HzBvWepyYpueVKXK4LK+HwHBHPUjzmy
6AowvTBvgM3j9raU6OcUWxLwKf2G86AYrygPIFSX88nhtQJo5fraFtv/aObKQHM5
QKyjUbYgdTJZkZr+CEjQw0gaSBOBjl1OhUHb6UEHtd3JgS8wDyYGr36epHApE2KT
F7MuljcWwh5lEPQ/OnH20P7o/yzd9mdnrs6uZHoTzOWkoyuk2kWqd1nYYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK334CR408bUbMp6iWyJa/MV1be1MB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZT1XN8bF
4RFDXwPDlVr1ebCfWP6aLyjddiiKL6Fgttd5guHQMY0UhW2dNDAaWZz9nXcObXgL
A0e283PwsTGSdQdlxwoy968xAQKoHri2g2A/BWgvdSfaZHKabl8SrID9l0sc4Jof
Z8XwFON2EfB1Y4IJFQXJI8RQws9FKLSRgYxoZcQbKtxdVFBn/bgQD7EU1sUT23YW
zqGjf298mwrpnsxc4MVKxUjcM6ANRRThRHDV8Y7DyOF+9OYL7+JIcGC0uPhW1Vtr
D/zjWkcGqkzzGPHxDO1miLxwe4pms7xxttZmjifpyrpN0OP719lCeyxDfCF7YH/c
9DM6Kh1LJp70rQ==
-----END CERTIFICATE-----