Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
File:                     OWN43jPRC4yw-AhitkkaTenP_N8.mft (raw, json)
Hash identifier:          sWnjuC2U5Yt//wQ3DaDSKz69y+XT1zcFY624DRpp98Y=
Subject key identifier:   42:70:9E:1A:9B:FD:D8:C3:D1:4F:2A:8F:EF:BA:43:95:62:44:8F:17
Authority key identifier: 39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF
Certificate issuer:       /CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
Certificate serial:       01974967D7734B56D752F52667995CDACE78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
Manifest number:          0501
Signing time:             Sat 07 Jun 2025 08:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:31 +0000
Files and hashes:         1: OWN43jPRC4yw-AhitkkaTenP_N8.crl (hash: lKboQpsqebVzrHUEoRggAitnUlAjePd0DoPzubICrYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:d7:73:4b:56:d7:52:f5:26:67:99:5c:da:ce:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
        Validity
            Not Before: Jun  7 08:00:31 2025 GMT
            Not After : Jun  8 08:00:31 2025 GMT
        Subject: CN=42709e1a9bfdd8c3d14f2a8fefba439562448f17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:e3:bb:ba:ad:bf:be:ba:5b:03:58:4d:c7:88:
                    dd:cc:8a:ce:67:ca:f5:50:84:c8:52:dc:4c:1d:5a:
                    f1:d8:8e:e5:85:4f:07:15:dd:54:d3:d0:93:f6:88:
                    34:9c:88:d1:6b:23:b3:eb:31:ea:9f:88:79:0b:45:
                    88:90:e3:ab:a4:97:ad:e7:08:9f:00:bf:33:d1:a8:
                    ca:01:f8:f0:39:4a:ad:ea:ff:ed:5e:dc:3f:fa:63:
                    43:9c:4d:48:e0:f3:95:c1:ab:1d:e8:94:f0:ba:ca:
                    22:34:18:c5:6a:71:a7:bf:dd:5b:d2:df:80:ed:88:
                    2f:7d:be:fc:53:46:8a:81:24:d1:3e:18:7b:e1:ff:
                    40:64:96:d7:61:76:5e:00:ad:4b:4f:b3:4a:75:55:
                    a1:b7:f1:f8:b2:ae:dd:7c:50:6f:ee:82:a1:12:d9:
                    2d:50:47:fb:a3:d2:4a:86:4a:3a:12:e8:e1:46:30:
                    6a:ab:23:88:ea:c8:85:9f:8b:c5:cb:68:78:ca:52:
                    46:92:10:9d:c7:5d:6c:a1:5e:0a:aa:b7:f9:7d:e5:
                    f2:73:96:4d:10:cb:04:6b:69:bf:fc:17:c8:91:f7:
                    fe:19:77:50:89:df:bb:b7:e8:79:e3:24:13:d8:9d:
                    10:44:54:85:f9:68:fa:9c:23:1c:a8:15:67:8d:1a:
                    87:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:70:9E:1A:9B:FD:D8:C3:D1:4F:2A:8F:EF:BA:43:95:62:44:8F:17
            X509v3 Authority Key Identifier:
                keyid:39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:c1:1b:69:89:4f:35:df:8f:44:c3:82:ec:1f:06:f9:2c:d1:
         02:6c:33:da:fa:82:60:d7:63:6c:b7:62:53:c1:f0:d3:57:d2:
         6b:55:b1:83:a5:22:1d:7d:fb:37:bf:70:dd:a1:74:aa:ef:b4:
         5c:70:b5:f2:e5:2c:1d:64:c2:fb:66:af:d2:2c:a5:5f:8a:a7:
         f2:e5:cb:c4:62:66:08:d4:c7:4e:bf:bc:86:1d:a0:d0:51:be:
         95:b4:0e:93:f1:f4:f9:5c:15:4d:58:c5:19:66:20:de:93:7c:
         33:91:46:10:8f:ab:0d:89:8b:9d:bc:32:1e:ca:3e:4f:0b:f4:
         bd:d2:d3:88:2c:99:d9:f3:6b:c2:b4:77:cb:5e:80:33:30:71:
         35:cf:13:ef:45:db:c0:ad:64:d0:62:71:12:83:22:00:85:71:
         a7:f0:0c:6e:d3:0e:b0:0c:80:be:2a:83:cb:2f:4d:e3:bb:af:
         f6:73:80:59:45:7b:13:1e:80:0a:97:0e:2a:83:4c:1b:d1:e3:
         eb:ae:4d:d4:e2:44:2a:fc:4a:a5:77:c9:fc:71:dc:12:e1:90:
         e1:08:32:2e:d9:bb:22:39:f3:5c:72:fb:51:fa:78:17:8b:2b:
         bd:51:8b:f2:84:fe:76:22:31:0e:59:d7:62:8f:79:67:9c:1c:
         68:ce:53:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ9dzS1bXUvUmZ5lc2s54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NjM3OGRlMzNkMTBiOGNiMGY4MDg2MmI2NDkxYTRkZTlj
ZmZjZGYwHhcNMjUwNjA3MDgwMDMxWhcNMjUwNjA4MDgwMDMxWjAzMTEwLwYDVQQD
Eyg0MjcwOWUxYTliZmRkOGMzZDE0ZjJhOGZlZmJhNDM5NTYyNDQ4ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uO7uq2/vrpbA1hNx4jdzIrOZ8r1
UITIUtxMHVrx2I7lhU8HFd1U09CT9og0nIjRayOz6zHqn4h5C0WIkOOrpJet5wif
AL8z0ajKAfjwOUqt6v/tXtw/+mNDnE1I4POVwasd6JTwusoiNBjFanGnv91b0t+A
7Ygvfb78U0aKgSTRPhh74f9AZJbXYXZeAK1LT7NKdVWht/H4sq7dfFBv7oKhEtkt
UEf7o9JKhko6EujhRjBqqyOI6siFn4vFy2h4ylJGkhCdx11soV4Kqrf5feXyc5ZN
EMsEa2m//BfIkff+GXdQid+7t+h54yQT2J0QRFSF+Wj6nCMcqBVnjRqHFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJwnhqb/djD0U8qj++6Q5ViRI8XMB8GA1UdIwQY
MBaAFDljeN4z0QuMsPgIYrZJGk3pz/zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTct
YmJlMDczYmY2YTY0LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTctYmJlMDczYmY2YTY0
LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe8EbaYlP
Nd+PRMOC7B8G+SzRAmwz2vqCYNdjbLdiU8Hw01fSa1Wxg6UiHX37N79w3aF0qu+0
XHC18uUsHWTC+2av0iylX4qn8uXLxGJmCNTHTr+8hh2g0FG+lbQOk/H0+VwVTVjF
GWYg3pN8M5FGEI+rDYmLnbwyHso+Twv0vdLTiCyZ2fNrwrR3y16AMzBxNc8T70Xb
wK1k0GJxEoMiAIVxp/AMbtMOsAyAviqDyy9N47uv9nOAWUV7Ex6ACpcOKoNMG9Hj
665N1OJEKvxKpXfJ/HHcEuGQ4QgyLtm7IjnzXHL7Ufp4F4srvVGL8oT+diIxDlnX
Yo95Z5wcaM5T1w==
-----END CERTIFICATE-----