Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          KWh92YoYa6DCwOkn9ZP/h4QW4IvHAAhEn/lFm81aL/8=
Subject key identifier:   7D:80:27:AD:1E:3B:BB:8C:42:32:2B:49:CF:22:01:8C:56:E6:B5:7E
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019511D97FD3B140194992D37A4AB6A9D462
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          03D8
Signing time:             Mon 17 Feb 2025 03:00:21 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:21 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:21 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: lcHeBFegbiEOcwN321xhPMdg/Q7EOTOOqWLUSwuV8k8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:7f:d3:b1:40:19:49:92:d3:7a:4a:b6:a9:d4:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Feb 17 03:00:21 2025 GMT
            Not After : Feb 18 03:00:21 2025 GMT
        Subject: CN=7d8027ad1e3bbb8c42322b49cf22018c56e6b57e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:b5:c7:72:c9:89:b0:c9:da:38:82:d7:46:b8:
                    17:89:94:28:ab:61:23:91:43:e5:fb:e0:3e:8c:79:
                    11:90:dc:e7:d0:26:f5:f3:a4:23:ed:9c:97:bb:90:
                    23:8a:91:44:c9:db:3e:3e:67:b3:b1:6f:3a:55:8d:
                    ff:5a:b9:15:26:32:fa:ee:8a:3f:8c:80:44:3d:7e:
                    1e:a6:b9:58:2c:df:db:ff:18:dd:ee:23:1c:a8:64:
                    be:24:4b:93:64:27:c0:07:b0:ec:2c:01:10:e0:c6:
                    8e:fd:12:69:9f:01:51:3c:d4:de:3f:e1:9d:99:b2:
                    7c:b8:40:a2:52:fe:35:f8:fe:fc:5d:51:da:88:eb:
                    56:b3:ad:5b:bf:e0:b4:59:fc:53:91:18:22:7f:b9:
                    64:a1:48:9b:66:91:1e:c0:31:3e:4b:42:bf:99:fc:
                    b4:96:c5:18:ce:89:30:09:cd:2c:13:16:bf:3e:b7:
                    48:7d:c0:19:ae:3f:66:ce:df:91:e5:38:1b:8f:f5:
                    29:6b:81:1f:8a:b7:96:d8:7a:9d:d9:5d:a7:44:0c:
                    1a:de:c8:db:94:96:22:d2:c3:92:c3:0a:69:fe:66:
                    02:91:40:c4:5a:5a:87:ce:d1:93:3d:62:cd:08:a1:
                    f1:19:65:5c:dc:ef:36:aa:b9:e4:f9:e3:d2:8e:52:
                    17:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:80:27:AD:1E:3B:BB:8C:42:32:2B:49:CF:22:01:8C:56:E6:B5:7E
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:f2:06:05:4c:98:f0:bf:0f:da:50:41:1c:e3:96:00:63:25:
         ef:9a:57:b0:ef:e3:b8:6d:4d:a8:84:d1:01:af:6a:d9:9e:92:
         73:e9:9b:b8:2a:7e:3a:e6:ed:c3:d5:9a:4d:e4:c9:3f:0b:ee:
         51:21:62:80:76:cf:d0:1c:3d:a8:a2:1a:f0:1a:eb:3d:1f:60:
         fe:94:e4:f0:8e:59:e3:9c:c1:06:ee:df:5c:f1:39:fc:f7:09:
         ea:20:05:73:93:07:db:ea:df:25:40:00:70:e7:43:ca:91:db:
         7a:96:2e:b6:46:1f:1b:f3:74:8f:da:0a:79:a4:01:b1:3b:63:
         5d:fd:84:8c:1c:7d:ad:b0:f6:ba:0d:94:77:5b:19:d2:46:b1:
         13:4f:bb:77:1c:26:dc:ff:10:5d:29:77:65:02:03:62:50:a5:
         a5:a7:8a:01:b1:c0:ae:96:e6:ba:93:eb:14:e1:f5:e2:d0:9b:
         8c:02:53:fd:8a:f8:31:2c:60:5b:3f:91:db:87:fb:48:2b:33:
         fb:5a:10:f9:a5:93:cb:7f:ef:20:50:da:ad:79:44:da:d6:36:
         64:80:9f:82:db:99:c9:6d:3a:46:44:1b:8d:9c:86:d4:3b:13:
         3c:c9:26:df:6c:e5:37:d6:34:ec:c0:b6:e2:a6:9c:df:c1:45:
         7b:a4:aa:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2X/TsUAZSZLTekq2qdRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUwMjE3MDMwMDIxWhcNMjUwMjE4MDMwMDIxWjAzMTEwLwYDVQQD
Eyg3ZDgwMjdhZDFlM2JiYjhjNDIzMjJiNDljZjIyMDE4YzU2ZTZiNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LXHcsmJsMnaOILXRrgXiZQoq2Ej
kUPl++A+jHkRkNzn0Cb186Qj7ZyXu5AjipFEyds+PmezsW86VY3/WrkVJjL67oo/
jIBEPX4eprlYLN/b/xjd7iMcqGS+JEuTZCfAB7DsLAEQ4MaO/RJpnwFRPNTeP+Gd
mbJ8uECiUv41+P78XVHaiOtWs61bv+C0WfxTkRgif7lkoUibZpEewDE+S0K/mfy0
lsUYzokwCc0sExa/PrdIfcAZrj9mzt+R5Tgbj/Upa4EfireW2Hqd2V2nRAwa3sjb
lJYi0sOSwwpp/mYCkUDEWlqHztGTPWLNCKHxGWVc3O82qrnk+ePSjlIXXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2AJ60eO7uMQjIrSc8iAYxW5rV+MB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPIGBUyY
8L8P2lBBHOOWAGMl75pXsO/juG1NqITRAa9q2Z6Sc+mbuCp+Oubtw9WaTeTJPwvu
USFigHbP0Bw9qKIa8BrrPR9g/pTk8I5Z45zBBu7fXPE5/PcJ6iAFc5MH2+rfJUAA
cOdDypHbepYutkYfG/N0j9oKeaQBsTtjXf2EjBx9rbD2ug2Ud1sZ0kaxE0+7dxwm
3P8QXSl3ZQIDYlClpaeKAbHArpbmupPrFOH14tCbjAJT/Yr4MSxgWz+R24f7SCsz
+1oQ+aWTy3/vIFDarXlE2tY2ZICfgtuZyW06RkQbjZyG1DsTPMkm32zlN9Y07MC2
4qac38FFe6Sq3Q==
-----END CERTIFICATE-----