Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          vfsmrgyb50iymVGU9z+LA23jL68qIViNadnH4AypuGU=
Subject key identifier:   C5:6F:9F:AF:4B:E6:C0:97:9F:64:9B:ED:80:1B:80:3F:05:E4:B0:F5
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019748FAC472A3CDA1835CECEB3185AFD1A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          12C7
Signing time:             Sat 07 Jun 2025 06:01:23 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:23 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:23 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: EQEmsoNLwrPOp7TAjn6PC4U7GhJZuEPmpZOQglvjGH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:c4:72:a3:cd:a1:83:5c:ec:eb:31:85:af:d1:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Jun  7 06:01:23 2025 GMT
            Not After : Jun  8 06:01:23 2025 GMT
        Subject: CN=c56f9faf4be6c0979f649bed801b803f05e4b0f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0c:8d:d5:4d:c0:4e:fb:82:59:00:47:f9:ce:
                    9e:9b:f2:4c:c5:17:f5:c6:65:26:ec:9d:ab:10:8d:
                    1f:8c:e8:11:80:89:ce:49:37:d8:7a:29:2b:11:94:
                    b9:49:d3:89:9e:d1:86:21:25:33:d4:21:65:49:65:
                    12:77:b4:60:19:40:8f:c1:35:6f:84:de:0f:ac:8e:
                    8d:1a:2a:d1:25:bc:b4:18:ff:09:03:7f:51:20:44:
                    f3:5d:96:c8:d2:32:6b:2e:90:05:db:b6:90:97:1d:
                    95:9b:4a:30:1f:cb:80:af:18:22:bc:cb:7b:b2:ee:
                    f2:a3:08:2f:89:16:6e:8b:7a:47:6c:97:ba:42:8e:
                    64:a8:c5:17:bd:b1:70:89:b9:b6:5c:66:23:92:d1:
                    a8:1a:d0:63:21:e2:21:45:66:e2:0f:8b:0a:d2:08:
                    30:36:c6:c1:b7:34:bb:39:d3:00:77:26:fc:d9:ac:
                    c0:8b:22:38:82:60:c5:42:f6:1b:16:ae:f0:7f:83:
                    73:f6:c9:7b:35:01:cc:b6:62:86:ba:9e:c7:bb:d3:
                    13:58:7c:60:98:99:b4:72:9f:ac:02:85:ad:3a:ef:
                    19:59:d7:44:ed:9e:9d:cb:70:63:45:1f:87:f1:e9:
                    09:a8:0f:7f:b5:f6:db:5a:97:a7:b7:01:e8:4f:0a:
                    83:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:6F:9F:AF:4B:E6:C0:97:9F:64:9B:ED:80:1B:80:3F:05:E4:B0:F5
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a9:d9:93:f7:80:d5:e7:86:17:e0:85:76:41:30:f3:38:bf:
         ee:aa:d6:3d:a7:27:8e:98:26:c7:41:17:cf:17:e1:f7:f1:40:
         ea:bd:bc:0f:f2:0a:d7:e0:7e:8f:3f:b6:c5:a3:66:14:d3:2e:
         04:42:49:7d:fc:c6:f2:26:77:92:4f:63:55:e3:18:36:84:c0:
         ad:bc:46:88:61:1f:02:ed:e7:ff:f5:21:7a:f0:08:a2:ad:2f:
         f1:35:f8:db:da:e9:64:02:c9:55:96:bc:e5:18:b1:67:7c:40:
         49:b1:72:41:70:9c:7b:87:e5:3b:b8:53:25:71:2e:05:5e:c0:
         f5:d5:2c:a4:45:4f:ff:d5:ed:ef:4f:01:57:d9:67:46:c4:fe:
         67:ff:5d:96:6a:3f:64:16:78:94:60:b6:01:4a:11:c9:e8:6c:
         af:97:de:c8:50:16:4c:6e:9c:2d:2a:17:aa:50:5e:7a:ba:56:
         c0:5c:a1:d7:7d:47:9b:89:57:90:bc:96:f3:12:cb:2f:77:d0:
         80:8a:3a:66:6e:d9:5f:39:6b:59:30:91:d0:0e:e3:eb:88:41:
         6d:c0:28:b9:7e:7b:16:35:9c:1f:7f:6c:c8:ec:ba:94:5f:35:
         08:ac:fa:9d:1c:aa:1d:34:eb:85:f2:fe:97:f4:d3:62:26:78:
         f4:3b:53:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+sRyo82hg1zs6zGFr9GiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwNjA3MDYwMTIzWhcNMjUwNjA4MDYwMTIzWjAzMTEwLwYDVQQD
EyhjNTZmOWZhZjRiZTZjMDk3OWY2NDliZWQ4MDFiODAzZjA1ZTRiMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwyN1U3ATvuCWQBH+c6em/JMxRf1
xmUm7J2rEI0fjOgRgInOSTfYeikrEZS5SdOJntGGISUz1CFlSWUSd7RgGUCPwTVv
hN4PrI6NGirRJby0GP8JA39RIETzXZbI0jJrLpAF27aQlx2Vm0owH8uArxgivMt7
su7yowgviRZui3pHbJe6Qo5kqMUXvbFwibm2XGYjktGoGtBjIeIhRWbiD4sK0ggw
NsbBtzS7OdMAdyb82azAiyI4gmDFQvYbFq7wf4Nz9sl7NQHMtmKGup7Hu9MTWHxg
mJm0cp+sAoWtOu8ZWddE7Z6dy3BjRR+H8ekJqA9/tfbbWpentwHoTwqD1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVvn69L5sCXn2Sb7YAbgD8F5LD1MB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqnZk/eA
1eeGF+CFdkEw8zi/7qrWPacnjpgmx0EXzxfh9/FA6r28D/IK1+B+jz+2xaNmFNMu
BEJJffzG8iZ3kk9jVeMYNoTArbxGiGEfAu3n//UhevAIoq0v8TX429rpZALJVZa8
5RixZ3xASbFyQXCce4flO7hTJXEuBV7A9dUspEVP/9Xt708BV9lnRsT+Z/9dlmo/
ZBZ4lGC2AUoRyehsr5feyFAWTG6cLSoXqlBeerpWwFyh131Hm4lXkLyW8xLLL3fQ
gIo6Zm7ZXzlrWTCR0A7j64hBbcAouX57FjWcH39syOy6lF81CKz6nRyqHTTrhfL+
l/TTYiZ49DtTVA==
-----END CERTIFICATE-----