Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          3tASHJlYY79VA+/zDMFwTWYGB0XdtxOYcf0ofNfdOmc=
Subject key identifier:   8E:A4:B5:E5:93:98:A2:F2:22:41:7B:DA:4C:ED:9E:E0:38:AD:0B:1B
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019922FA63EFFA5989F53EF8A308D5775181
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          0343
Signing time:             Sun 07 Sep 2025 07:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:58 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: XwyqDXeD9IxzUtqUKI0J6I+w1JFt4c9+SHm6Y88FV2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:63:ef:fa:59:89:f5:3e:f8:a3:08:d5:77:51:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Sep  7 07:00:58 2025 GMT
            Not After : Sep  8 07:00:58 2025 GMT
        Subject: CN=8ea4b5e59398a2f222417bda4ced9ee038ad0b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:82:a9:2b:11:df:64:4f:35:f7:05:16:a4:6e:
                    ff:81:eb:cc:f9:b0:62:43:af:13:86:d3:b1:cb:e2:
                    4f:08:d6:cc:24:84:41:35:14:ac:94:9f:4e:e1:ab:
                    92:42:34:a0:bd:f3:1b:46:12:0a:54:89:66:2f:b8:
                    a3:8f:a7:d1:79:9a:11:bb:ae:ee:18:bf:ca:eb:65:
                    11:87:59:b2:e5:aa:5c:a3:7b:f8:bf:7c:47:0b:1c:
                    ba:28:dd:05:14:dc:06:a3:fb:47:04:4b:4d:d5:41:
                    c5:3e:82:6e:2f:2b:ff:e7:05:53:1d:23:32:f1:d4:
                    10:18:7a:e7:17:9f:2d:80:38:89:d9:f5:74:11:33:
                    12:2a:e8:c2:9d:0d:f4:3a:3f:36:e2:9d:5f:11:0c:
                    81:80:71:69:e6:31:43:f4:1c:29:ad:01:ae:95:35:
                    56:91:f2:9f:ba:a7:ae:12:1b:71:85:a6:66:cc:21:
                    cb:11:10:2c:0a:e9:04:b6:8e:f6:f6:b0:ef:3d:55:
                    c5:c4:81:10:3b:6a:ea:01:87:2f:1f:df:29:31:16:
                    2f:c1:fd:a1:58:5d:80:32:92:5e:31:e9:ad:01:f6:
                    58:73:a0:03:39:87:6b:9b:c6:6c:bb:8e:94:03:5c:
                    57:5e:6e:e0:9f:17:06:54:a5:af:cf:ad:e5:d7:db:
                    78:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A4:B5:E5:93:98:A2:F2:22:41:7B:DA:4C:ED:9E:E0:38:AD:0B:1B
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:17:29:b6:eb:13:26:8e:d8:59:41:42:14:d0:fd:34:92:0d:
         0a:9a:a3:5b:d2:13:a7:fd:8b:8a:a6:36:5a:d6:8d:29:a9:17:
         1a:71:e9:d8:85:18:b4:16:8e:58:6a:8f:cf:ab:eb:e4:39:d0:
         73:3a:a4:5a:70:e8:de:34:ee:a9:a4:58:5b:35:9d:8e:bd:56:
         30:6a:98:9f:d5:b7:48:ec:87:b0:41:60:b9:26:ff:04:24:03:
         8a:16:92:88:ee:60:83:8b:dd:33:7c:30:5b:f3:74:ac:9c:c8:
         fc:e4:98:9f:e8:85:16:6b:e7:99:ba:30:5a:47:6e:06:29:6d:
         44:fc:87:15:84:37:c0:c7:fb:07:e7:98:80:1e:b2:e1:a5:2d:
         9f:45:e2:aa:56:72:ce:99:9e:e4:02:38:9a:fe:4f:60:a0:52:
         5f:dd:2c:d6:70:2b:0d:7b:41:8d:5e:66:e9:73:38:d5:a4:5b:
         87:29:7e:95:3d:ed:b3:39:57:89:c9:21:79:9a:71:e8:16:a5:
         b4:37:19:0c:2b:53:dc:fc:bd:63:63:d3:9c:9b:bb:7c:e4:22:
         c4:41:ba:83:5f:88:07:6a:91:52:e1:6d:61:38:18:89:77:32:
         bb:dd:6f:f2:d4:8c:ed:bd:3d:6b:9d:e1:f7:d4:79:53:01:20:
         a7:39:f9:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+mPv+lmJ9T74owjVd1GBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUwOTA3MDcwMDU4WhcNMjUwOTA4MDcwMDU4WjAzMTEwLwYDVQQD
Eyg4ZWE0YjVlNTkzOThhMmYyMjI0MTdiZGE0Y2VkOWVlMDM4YWQwYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4KpKxHfZE819wUWpG7/gevM+bBi
Q68ThtOxy+JPCNbMJIRBNRSslJ9O4auSQjSgvfMbRhIKVIlmL7ijj6fReZoRu67u
GL/K62URh1my5apco3v4v3xHCxy6KN0FFNwGo/tHBEtN1UHFPoJuLyv/5wVTHSMy
8dQQGHrnF58tgDiJ2fV0ETMSKujCnQ30Oj824p1fEQyBgHFp5jFD9BwprQGulTVW
kfKfuqeuEhtxhaZmzCHLERAsCukEto729rDvPVXFxIEQO2rqAYcvH98pMRYvwf2h
WF2AMpJeMemtAfZYc6ADOYdrm8Zsu46UA1xXXm7gnxcGVKWvz63l19t4zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6kteWTmKLyIkF72kztnuA4rQsbMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkRcptusT
Jo7YWUFCFND9NJINCpqjW9ITp/2LiqY2WtaNKakXGnHp2IUYtBaOWGqPz6vr5DnQ
czqkWnDo3jTuqaRYWzWdjr1WMGqYn9W3SOyHsEFguSb/BCQDihaSiO5gg4vdM3ww
W/N0rJzI/OSYn+iFFmvnmbowWkduBiltRPyHFYQ3wMf7B+eYgB6y4aUtn0XiqlZy
zpme5AI4mv5PYKBSX90s1nArDXtBjV5m6XM41aRbhyl+lT3tszlXickheZpx6Bal
tDcZDCtT3Py9Y2PTnJu7fOQixEG6g1+IB2qRUuFtYTgYiXcyu91v8tSM7b09a53h
99R5UwEgpzn5Ww==
-----END CERTIFICATE-----