Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
File:                     OQGfnAqym0Lg2xLprIezJ7_FWvk.mft (raw, json)
Hash identifier:          aZEoG1WCqVUtcmkdrL7OQThoDjHmUiedodGz4QYB6Ik=
Subject key identifier:   9F:2E:69:5D:7E:98:91:DE:D1:3C:69:41:70:F9:A4:60:EA:E1:3B:21
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Certificate issuer:       /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial:       0199180A85BA58E687ED9785489B853A11D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 04:02:46 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:46 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:46 +0000
Files and hashes:         1: OQGfnAqym0Lg2xLprIezJ7_FWvk.crl (hash: 4K86yiEkoAbb2gSXD23mZzXJiTSTAVHsmp3aT0brh+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:85:ba:58:e6:87:ed:97:85:48:9b:85:3a:11:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
        Validity
            Not Before: Sep  5 04:02:46 2025 GMT
            Not After : Sep  6 04:02:46 2025 GMT
        Subject: CN=9f2e695d7e9891ded13c694170f9a460eae13b21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:dd:fe:43:08:8f:e6:4a:c2:5d:1a:2a:9e:c3:
                    fc:c0:68:aa:41:51:cf:44:be:0e:16:98:70:d3:2b:
                    2e:2b:0e:e5:56:81:ea:d7:b7:36:51:f5:f2:9f:b0:
                    cb:24:1b:d7:37:ce:4b:dd:2b:a8:ac:29:26:51:84:
                    67:39:5f:2e:e2:93:22:aa:62:03:b3:4e:b6:5f:87:
                    46:0f:a6:4d:a5:81:bb:0e:43:fa:0d:30:a8:69:7f:
                    79:c7:20:66:e7:a2:24:d4:c4:9e:4a:d7:e5:0e:28:
                    3e:1a:9c:94:0c:16:02:8a:b3:29:22:ca:6b:9d:2f:
                    22:f3:d6:1b:a7:99:95:85:77:46:e4:94:d5:f4:a6:
                    a3:b5:9d:4e:1e:1b:ae:39:28:bb:c0:48:4b:0d:c5:
                    b8:cd:13:38:94:df:f3:92:6d:53:95:50:f0:74:e5:
                    c3:3b:b9:0e:91:aa:df:01:9b:6c:f9:5f:e4:ec:98:
                    ae:70:91:9c:98:22:9d:90:ee:43:69:17:16:6e:21:
                    1b:52:f6:1e:74:5f:70:51:39:e4:a1:9f:59:5a:4f:
                    53:5c:16:60:53:51:75:21:60:16:37:ac:40:2a:c4:
                    8c:cc:8b:a4:13:94:6a:34:9a:0e:ec:0b:78:60:53:
                    80:6d:ad:36:b6:30:a0:b0:f8:5a:7a:ae:d9:cd:57:
                    1c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:2E:69:5D:7E:98:91:DE:D1:3C:69:41:70:F9:A4:60:EA:E1:3B:21
            X509v3 Authority Key Identifier:
                keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f7:11:01:7a:24:42:29:be:4f:32:8e:e5:a5:a2:c5:b0:85:
         4f:d2:79:14:c9:f5:17:46:78:55:11:12:ce:e9:1c:30:09:34:
         ea:ae:1e:de:42:f9:ed:af:f6:5b:ce:f5:c0:6f:bd:68:2c:73:
         1e:c7:ae:8e:d4:35:7d:78:94:5f:2e:6a:bd:8a:5e:da:24:f9:
         c3:a1:87:c7:75:5c:54:c3:2c:1d:d4:9c:2b:fb:fb:98:18:42:
         f1:0a:4b:58:4d:29:e9:b0:a1:48:6c:39:1c:74:fe:c6:8e:db:
         a4:c8:73:70:14:d6:52:f6:ef:68:2c:20:a0:0e:40:e9:10:70:
         63:6a:e9:90:38:e6:71:dc:10:c5:79:24:aa:a9:8a:ac:6a:21:
         9b:10:27:2f:68:44:9d:b3:a8:67:40:a2:d7:c6:a8:0e:ae:cf:
         fa:37:13:0d:53:6b:45:83:96:82:02:09:d4:46:3c:52:d4:75:
         58:99:91:20:fd:54:59:44:39:5d:c0:43:b8:f3:02:49:b0:21:
         ef:b6:9e:09:04:b5:f1:7b:0d:a3:ee:29:72:ac:8d:d6:25:b6:
         0a:48:d5:44:e7:9c:de:ec:b5:9f:ee:2a:5d:6d:51:89:c8:b0:
         62:0e:75:54:4e:a1:8d:a6:63:c4:b5:2d:30:ef:fd:f1:1d:09:
         3e:dc:6c:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCoW6WOaH7ZeFSJuFOhHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjUwOTA1MDQwMjQ2WhcNMjUwOTA2MDQwMjQ2WjAzMTEwLwYDVQQD
Eyg5ZjJlNjk1ZDdlOTg5MWRlZDEzYzY5NDE3MGY5YTQ2MGVhZTEzYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt93+QwiP5krCXRoqnsP8wGiqQVHP
RL4OFphw0ysuKw7lVoHq17c2UfXyn7DLJBvXN85L3SuorCkmUYRnOV8u4pMiqmID
s062X4dGD6ZNpYG7DkP6DTCoaX95xyBm56Ik1MSeStflDig+GpyUDBYCirMpIspr
nS8i89Ybp5mVhXdG5JTV9KajtZ1OHhuuOSi7wEhLDcW4zRM4lN/zkm1TlVDwdOXD
O7kOkarfAZts+V/k7JiucJGcmCKdkO5DaRcWbiEbUvYedF9wUTnkoZ9ZWk9TXBZg
U1F1IWAWN6xAKsSMzIukE5RqNJoO7At4YFOAba02tjCgsPhaeq7ZzVccGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8uaV1+mJHe0TxpQXD5pGDq4TshMB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfcRAXok
Qim+TzKO5aWixbCFT9J5FMn1F0Z4VRESzukcMAk06q4e3kL57a/2W871wG+9aCxz
HseujtQ1fXiUXy5qvYpe2iT5w6GHx3VcVMMsHdScK/v7mBhC8QpLWE0p6bChSGw5
HHT+xo7bpMhzcBTWUvbvaCwgoA5A6RBwY2rpkDjmcdwQxXkkqqmKrGohmxAnL2hE
nbOoZ0Ci18aoDq7P+jcTDVNrRYOWggIJ1EY8UtR1WJmRIP1UWUQ5XcBDuPMCSbAh
77aeCQS18XsNo+4pcqyN1iW2CkjVROec3uy1n+4qXW1RiciwYg51VE6hjaZjxLUt
MO/98R0JPtxs2w==
-----END CERTIFICATE-----