Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.mft
File:                     ojOmr19ohDKHnH4MB3LN3Y8XbbU.mft (raw, json)
Hash identifier:          s7pbwUNUkP2kaXdiNAcjM5Ilj+n8CqP+wP9HN+6a9FE=
Subject key identifier:   5B:BD:A6:97:3B:F1:6E:15:C7:F3:AB:DB:A7:1E:A9:28:EC:29:D4:38
Authority key identifier: A2:33:A6:AF:5F:68:84:32:87:9C:7E:0C:07:72:CD:DD:8F:17:6D:B5
Certificate issuer:       /CN=a233a6af5f688432879c7e0c0772cddd8f176db5
Certificate serial:       019A73018BF0A5A555A80FDFE45F8DD7C2D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ojOmr19ohDKHnH4MB3LN3Y8XbbU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 13:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:12 +0000
Files and hashes:         1: ojOmr19ohDKHnH4MB3LN3Y8XbbU.crl (hash: BUaCg0/9hfjKXI6tts3NPp01RngSmGygoEmtzaShP60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ojOmr19ohDKHnH4MB3LN3Y8XbbU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:8b:f0:a5:a5:55:a8:0f:df:e4:5f:8d:d7:c2:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a233a6af5f688432879c7e0c0772cddd8f176db5
        Validity
            Not Before: Nov 11 13:01:12 2025 GMT
            Not After : Nov 12 13:01:12 2025 GMT
        Subject: CN=5bbda6973bf16e15c7f3abdba71ea928ec29d438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6e:0f:1c:9e:fd:5d:3b:9c:10:a2:a1:92:05:
                    25:4f:58:7e:5c:46:b9:1c:17:92:c1:7a:18:55:d7:
                    8c:63:b8:cb:95:47:9e:fe:fe:28:c3:59:1d:3f:0d:
                    f1:56:77:c7:15:18:3b:54:ee:83:81:11:eb:ee:01:
                    f6:ad:e4:15:b5:a6:ac:14:00:78:7d:ab:cf:e1:64:
                    a5:05:24:f6:2e:4e:d7:35:14:a8:d4:8f:87:f4:9e:
                    20:99:d9:c5:3c:82:7b:30:e7:f8:c7:d6:29:74:95:
                    74:5a:f7:c4:91:e7:3a:f6:2a:da:c3:fe:9f:ff:1e:
                    0e:a0:de:20:78:e3:dd:62:8f:65:56:f5:f9:26:ba:
                    33:71:a7:bb:8c:db:b0:c8:9e:e1:11:64:79:f0:a6:
                    c8:b9:e9:ce:f1:8d:40:6d:04:b2:b9:d5:a0:dd:0a:
                    ba:af:4f:be:81:d7:e2:67:9c:68:47:0b:7b:be:de:
                    6a:79:23:11:67:63:91:70:7b:6c:6b:7e:f8:55:f6:
                    4e:b7:98:3a:47:f9:3b:f5:77:cf:d9:75:a1:4b:e2:
                    cf:a3:3f:1f:fe:da:54:e1:6c:40:6f:22:f0:dc:ac:
                    23:7e:19:46:06:50:27:b5:8c:90:a8:be:88:e9:8d:
                    04:30:5e:56:95:40:3d:29:74:81:c7:5e:68:21:93:
                    e8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:BD:A6:97:3B:F1:6E:15:C7:F3:AB:DB:A7:1E:A9:28:EC:29:D4:38
            X509v3 Authority Key Identifier:
                keyid:A2:33:A6:AF:5F:68:84:32:87:9C:7E:0C:07:72:CD:DD:8F:17:6D:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojOmr19ohDKHnH4MB3LN3Y8XbbU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/54d38e-c90b-4b71-b71a-3e424056948f/1/ojOmr19ohDKHnH4MB3LN3Y8XbbU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:f6:5b:2b:46:b8:ff:77:b3:0c:99:e3:7e:17:3a:3a:c2:dc:
         1e:24:a3:13:c8:ff:eb:51:5c:41:cc:d0:5a:98:50:84:a2:3e:
         74:ac:b6:b3:7a:e1:c1:50:bd:f5:b8:04:d3:20:24:74:8c:13:
         cb:71:8d:be:db:d5:a2:9a:7f:29:4d:6c:f3:41:7e:3b:57:08:
         66:1b:df:23:77:ce:fe:e5:cf:39:ce:0c:ff:8a:4b:b3:67:63:
         ff:1f:34:f5:9d:b7:d2:8b:6d:0f:b0:20:51:c8:d1:b5:b3:24:
         8d:63:02:05:a0:94:c8:d0:35:07:92:fe:ad:0e:12:ee:aa:90:
         70:5b:49:af:a5:26:4d:44:a6:ed:44:3c:e4:fc:f7:58:32:b6:
         52:4c:20:79:39:ff:d0:2c:bd:d4:c8:73:2e:34:cc:81:80:49:
         33:13:2b:e7:0d:db:23:96:1c:52:78:3c:3d:fc:33:8f:79:96:
         26:b3:77:6d:b5:4f:a8:cb:ef:77:71:1a:7f:74:be:3f:56:84:
         dc:2d:9c:dc:0c:ef:3a:d3:1a:fd:82:9e:d2:07:ac:df:06:a9:
         0e:8f:bc:3c:f2:f5:5f:bf:5c:3d:ca:23:c1:ba:fc:4a:fc:0e:
         52:e9:f2:ad:67:49:92:ac:95:ef:ed:18:bf:14:87:2c:00:fb:
         8a:cc:42:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAYvwpaVVqA/f5F+N18LYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzNhNmFmNWY2ODg0MzI4NzljN2UwYzA3NzJjZGRkOGYx
NzZkYjUwHhcNMjUxMTExMTMwMTEyWhcNMjUxMTEyMTMwMTEyWjAzMTEwLwYDVQQD
Eyg1YmJkYTY5NzNiZjE2ZTE1YzdmM2FiZGJhNzFlYTkyOGVjMjlkNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm4PHJ79XTucEKKhkgUlT1h+XEa5
HBeSwXoYVdeMY7jLlUee/v4ow1kdPw3xVnfHFRg7VO6DgRHr7gH2reQVtaasFAB4
favP4WSlBST2Lk7XNRSo1I+H9J4gmdnFPIJ7MOf4x9YpdJV0WvfEkec69iraw/6f
/x4OoN4geOPdYo9lVvX5Jrozcae7jNuwyJ7hEWR58KbIuenO8Y1AbQSyudWg3Qq6
r0++gdfiZ5xoRwt7vt5qeSMRZ2ORcHtsa374VfZOt5g6R/k79XfP2XWhS+LPoz8f
/tpU4WxAbyLw3KwjfhlGBlAntYyQqL6I6Y0EMF5WlUA9KXSBx15oIZPoCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFu9ppc78W4Vx/Or26ceqSjsKdQ4MB8GA1UdIwQY
MBaAFKIzpq9faIQyh5x+DAdyzd2PF221MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pPbXIxOW9oREtIbkg0TUIzTE4zWThYYmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81NGQzOGUtYzkwYi00YjcxLWI3MWEt
M2U0MjQwNTY5NDhmLzEvb2pPbXIxOW9oREtIbkg0TUIzTE4zWThYYmJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81NGQzOGUtYzkwYi00YjcxLWI3MWEtM2U0MjQwNTY5NDhm
LzEvb2pPbXIxOW9oREtIbkg0TUIzTE4zWThYYmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABvZbK0a4
/3ezDJnjfhc6OsLcHiSjE8j/61FcQczQWphQhKI+dKy2s3rhwVC99bgE0yAkdIwT
y3GNvtvVopp/KU1s80F+O1cIZhvfI3fO/uXPOc4M/4pLs2dj/x809Z230ottD7Ag
UcjRtbMkjWMCBaCUyNA1B5L+rQ4S7qqQcFtJr6UmTUSm7UQ85Pz3WDK2UkwgeTn/
0Cy91MhzLjTMgYBJMxMr5w3bI5YcUng8Pfwzj3mWJrN3bbVPqMvvd3Eaf3S+P1aE
3C2c3AzvOtMa/YKe0ges3wapDo+8PPL1X79cPcojwbr8SvwOUunyrWdJkqyV7+0Y
vxSHLAD7isxCWA==
-----END CERTIFICATE-----