Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          +EDg1fB07c5pmdNiLI1OjItNiRIYhJKklWrbf5JvWCM=
Subject key identifier:   24:E6:9B:60:F2:79:00:A7:F0:96:C8:AC:2D:0F:E1:48:81:70:C5:43
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       01984A40DDE17A9D8DA81E318592332923B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          14B3
Signing time:             Sun 27 Jul 2025 05:00:21 +0000
Manifest this update:     Sun 27 Jul 2025 05:00:21 +0000
Manifest next update:     Mon 28 Jul 2025 05:00:21 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: Q7WFWQqT/q9zZZEduisB9yRLDw+YwodLfa0su4AZ+qs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:40:dd:e1:7a:9d:8d:a8:1e:31:85:92:33:29:23:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: Jul 27 05:00:21 2025 GMT
            Not After : Jul 28 05:00:21 2025 GMT
        Subject: CN=24e69b60f27900a7f096c8ac2d0fe1488170c543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b3:cf:7e:73:ca:6f:c4:d0:64:a1:e2:23:c4:
                    a4:ca:ae:83:33:91:53:77:16:d8:a7:fe:0e:ac:f5:
                    d8:f8:e5:5d:4b:e7:12:db:fc:57:73:06:3a:cb:93:
                    68:fc:61:26:b5:f1:49:e2:e1:45:6e:0b:f3:97:49:
                    ff:19:bf:c6:4e:17:4b:21:54:ef:83:a4:3a:53:ac:
                    9d:fd:60:50:65:0f:e5:40:a5:f2:b1:42:82:58:ae:
                    4f:52:e1:b9:73:ca:75:b1:44:56:28:28:b9:74:5e:
                    8f:25:b8:22:7e:fe:29:96:96:96:e4:ec:c4:63:32:
                    9c:fe:6e:53:69:c2:aa:fa:f4:5e:b9:db:88:d5:87:
                    47:e2:79:06:cd:7e:ab:c8:b2:a5:58:00:ce:ac:2e:
                    85:ca:d7:3e:e2:87:b3:6b:b8:1f:80:57:5b:7b:ef:
                    1a:d2:14:a9:e3:6d:bd:fd:d9:11:43:a7:a3:27:0e:
                    76:b7:24:7d:a2:19:eb:5e:e2:2f:7e:6f:a4:34:e9:
                    c7:df:93:60:58:2c:ba:8b:73:80:41:4a:68:b6:9c:
                    45:4c:65:3c:49:23:cb:4d:3e:f1:b7:40:65:ec:c8:
                    7b:02:74:03:48:7c:11:69:bf:77:56:a6:c0:f2:8b:
                    b9:bc:35:a1:76:9f:d4:aa:4a:73:43:de:28:f4:85:
                    3a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E6:9B:60:F2:79:00:A7:F0:96:C8:AC:2D:0F:E1:48:81:70:C5:43
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:9a:d2:6d:e1:df:e9:09:18:4f:d1:6c:bf:4d:6f:85:35:a6:
         46:16:12:e9:eb:42:18:11:11:6e:b8:1d:d2:69:d5:88:f5:52:
         27:85:6c:82:4f:0f:90:7a:1a:d5:6d:57:69:2b:d7:1d:07:d1:
         3d:12:b8:5e:25:3d:d8:40:75:40:e9:dc:dd:1c:3b:46:28:1d:
         a1:26:57:c8:28:57:bd:bc:c1:59:69:b3:9e:3e:60:88:a5:89:
         c1:11:b9:f3:64:1c:d6:36:0f:9f:02:76:6e:70:35:33:d5:c2:
         c5:5c:d5:f0:39:7b:d0:1e:c8:28:a2:3c:af:27:61:3f:5c:96:
         17:23:0b:d2:83:42:71:29:d4:b8:e7:4f:8c:38:d4:3c:e9:21:
         ec:59:86:16:1c:ec:11:32:d9:21:f4:f3:cb:8a:9a:85:7e:74:
         6d:3b:32:4e:11:1e:f0:34:17:00:29:9d:af:c1:23:99:90:02:
         1a:5e:5e:31:6d:80:cf:a9:1c:02:fd:65:57:f9:1e:22:89:31:
         da:84:55:21:9f:d9:ff:af:ea:9d:50:c0:45:38:d6:0e:b6:2c:
         3e:17:ba:5c:0b:43:83:46:86:63:cd:03:1d:cf:dd:61:ae:8c:
         65:c6:f3:26:ab:b9:f8:1d:c1:07:b2:25:a2:e8:cf:45:53:96:
         ce:4e:0d:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQN3hep2NqB4xhZIzKSOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjUwNzI3MDUwMDIxWhcNMjUwNzI4MDUwMDIxWjAzMTEwLwYDVQQD
EygyNGU2OWI2MGYyNzkwMGE3ZjA5NmM4YWMyZDBmZTE0ODgxNzBjNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7PPfnPKb8TQZKHiI8Skyq6DM5FT
dxbYp/4OrPXY+OVdS+cS2/xXcwY6y5No/GEmtfFJ4uFFbgvzl0n/Gb/GThdLIVTv
g6Q6U6yd/WBQZQ/lQKXysUKCWK5PUuG5c8p1sURWKCi5dF6PJbgifv4plpaW5OzE
YzKc/m5TacKq+vReuduI1YdH4nkGzX6ryLKlWADOrC6Fytc+4oeza7gfgFdbe+8a
0hSp4229/dkRQ6ejJw52tyR9ohnrXuIvfm+kNOnH35NgWCy6i3OAQUpotpxFTGU8
SSPLTT7xt0Bl7Mh7AnQDSHwRab93VqbA8ou5vDWhdp/UqkpzQ94o9IU6MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTmm2DyeQCn8JbIrC0P4UiBcMVDMB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcZrSbeHf
6QkYT9Fsv01vhTWmRhYS6etCGBERbrgd0mnViPVSJ4Vsgk8PkHoa1W1XaSvXHQfR
PRK4XiU92EB1QOnc3Rw7RigdoSZXyChXvbzBWWmznj5giKWJwRG582Qc1jYPnwJ2
bnA1M9XCxVzV8Dl70B7IKKI8rydhP1yWFyML0oNCcSnUuOdPjDjUPOkh7FmGFhzs
ETLZIfTzy4qahX50bTsyThEe8DQXACmdr8EjmZACGl5eMW2Az6kcAv1lV/keIokx
2oRVIZ/Z/6/qnVDARTjWDrYsPhe6XAtDg0aGY80DHc/dYa6MZcbzJqu5+B3BB7Il
oujPRVOWzk4NVQ==
-----END CERTIFICATE-----