Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          P8vXBVQ28XMIGhOE8hr9Z8/oucIAdIa25NYyqG8Zo4Q=
Subject key identifier:   FF:BB:79:DD:6E:47:5F:4B:CC:97:DD:7D:A2:DA:E0:28:4D:C6:BC:DF
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019745F92E91E9653A774F3D59390679F0B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          024C
Signing time:             Fri 06 Jun 2025 16:00:47 +0000
Manifest this update:     Fri 06 Jun 2025 16:00:47 +0000
Manifest next update:     Sat 07 Jun 2025 16:00:47 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: OtIbFWjtnD1z6IiHD5RJ/KJT/oeje667GpUQmfDf4GY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 16:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:f9:2e:91:e9:65:3a:77:4f:3d:59:39:06:79:f0:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Jun  6 16:00:47 2025 GMT
            Not After : Jun  7 16:00:47 2025 GMT
        Subject: CN=ffbb79dd6e475f4bcc97dd7da2dae0284dc6bcdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:01:a7:09:fd:a2:9b:45:ad:74:c2:4b:f5:b5:
                    4b:35:3b:75:56:dc:60:59:90:a3:c1:c1:40:fe:6c:
                    9f:0c:67:ff:c2:ac:d5:c1:03:84:28:48:1f:b4:6a:
                    9e:4c:e9:ce:03:95:41:d7:ad:e8:fe:66:87:7a:4d:
                    e5:74:16:b7:ff:55:62:83:e1:ea:9b:e0:3d:cf:2a:
                    00:63:f5:3b:3b:51:3f:cc:d8:51:dc:d7:3e:32:a3:
                    3d:89:c7:54:66:84:e1:4f:ad:ce:cd:38:58:2c:cd:
                    ee:63:87:d9:df:c9:aa:e6:6f:0b:b6:c4:e1:7a:2a:
                    8c:8e:22:5e:fa:f2:cb:04:ba:a6:e1:45:42:41:9d:
                    5d:f5:85:f7:9c:25:ae:f7:30:a2:64:39:80:88:f6:
                    0e:df:d3:71:2d:e9:44:bf:e5:c8:c1:c5:71:58:1a:
                    9c:90:56:01:97:33:a3:1f:09:c9:5f:66:c1:30:e9:
                    71:8f:e1:4b:0a:15:d6:3b:fe:65:32:a9:5a:1c:9a:
                    5d:dc:8c:79:0a:33:ec:3e:20:8b:f0:f5:33:11:af:
                    6d:9f:d3:d2:82:80:ab:2b:f2:f3:40:b5:1d:c5:20:
                    57:98:6b:56:dd:80:e0:e9:dd:89:2d:d2:ac:aa:c9:
                    47:72:d7:b7:16:89:02:42:25:c6:00:f2:b0:59:af:
                    3f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:BB:79:DD:6E:47:5F:4B:CC:97:DD:7D:A2:DA:E0:28:4D:C6:BC:DF
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:dd:76:d9:db:8c:af:63:8f:f2:c0:34:c9:a5:f1:7f:24:b1:
         a5:c6:75:e7:22:a5:85:f6:1f:8c:64:43:ab:6a:86:db:cb:b9:
         a3:02:e6:8c:d3:55:44:d4:04:c2:60:7b:5f:75:97:07:15:73:
         a4:cf:fc:81:95:79:a4:60:17:65:47:5d:d8:a2:16:90:73:a4:
         ed:fe:eb:63:79:53:ed:6e:6e:9d:0c:83:33:dc:6e:8e:6e:7a:
         c3:60:24:15:d1:2e:fc:2f:ed:d2:36:45:0b:c2:81:c0:dc:39:
         a2:c1:67:3c:0e:fd:a6:cd:d8:8d:2d:ae:59:57:9d:d8:e6:d0:
         a3:3b:1e:24:9e:8c:e0:3b:0d:7d:c0:0b:d2:98:2c:a1:30:a5:
         21:2a:36:b8:84:9d:27:74:11:a7:2e:82:7e:47:86:89:0c:76:
         09:50:01:81:a0:ca:b7:1e:69:77:23:c2:86:7f:bf:20:79:29:
         f3:a6:12:e2:71:9a:5d:01:8c:54:8e:f4:9a:f8:20:43:50:63:
         f4:a8:92:67:5a:24:71:a6:98:e2:98:b6:c2:9b:0f:8b:5b:ac:
         b1:49:a3:de:fc:32:3c:5e:0a:93:c3:c8:af:40:b8:f9:62:81:
         d3:92:4a:2f:0b:34:16:43:7d:f1:1e:65:fb:34:b7:21:fa:2f:
         eb:b7:5c:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+S6R6WU6d089WTkGefC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUwNjA2MTYwMDQ3WhcNMjUwNjA3MTYwMDQ3WjAzMTEwLwYDVQQD
EyhmZmJiNzlkZDZlNDc1ZjRiY2M5N2RkN2RhMmRhZTAyODRkYzZiY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAGnCf2im0WtdMJL9bVLNTt1Vtxg
WZCjwcFA/myfDGf/wqzVwQOEKEgftGqeTOnOA5VB163o/maHek3ldBa3/1Vig+Hq
m+A9zyoAY/U7O1E/zNhR3Nc+MqM9icdUZoThT63OzThYLM3uY4fZ38mq5m8LtsTh
eiqMjiJe+vLLBLqm4UVCQZ1d9YX3nCWu9zCiZDmAiPYO39NxLelEv+XIwcVxWBqc
kFYBlzOjHwnJX2bBMOlxj+FLChXWO/5lMqlaHJpd3Ix5CjPsPiCL8PUzEa9tn9PS
goCrK/LzQLUdxSBXmGtW3YDg6d2JLdKsqslHcte3FokCQiXGAPKwWa8/dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+7ed1uR19LzJfdfaLa4ChNxrzfMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhN122duM
r2OP8sA0yaXxfySxpcZ15yKlhfYfjGRDq2qG28u5owLmjNNVRNQEwmB7X3WXBxVz
pM/8gZV5pGAXZUdd2KIWkHOk7f7rY3lT7W5unQyDM9xujm56w2AkFdEu/C/t0jZF
C8KBwNw5osFnPA79ps3YjS2uWVed2ObQozseJJ6M4DsNfcAL0pgsoTClISo2uISd
J3QRpy6CfkeGiQx2CVABgaDKtx5pdyPChn+/IHkp86YS4nGaXQGMVI70mvggQ1Bj
9KiSZ1okcaaY4pi2wpsPi1ussUmj3vwyPF4Kk8PIr0C4+WKB05JKLws0FkN98R5l
+zS3Ifov67dcqQ==
-----END CERTIFICATE-----