Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          vmWsgFTbwD380Xl5f+8K0XAO3fuLtJwtCeVcTbWKNEU=
Subject key identifier:   D0:70:7B:30:00:4F:73:34:0E:BF:EC:8E:3B:D2:B6:C5:20:7F:3C:60
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       01974AE89D6932772611130E906C5C8CD1C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 15:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:47 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: s7YDLWcPvIUQ5vhY3nhY/1lS3OkXoYv+qCyZWTcSqqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:9d:69:32:77:26:11:13:0e:90:6c:5c:8c:d1:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Jun  7 15:00:47 2025 GMT
            Not After : Jun  8 15:00:47 2025 GMT
        Subject: CN=d0707b30004f73340ebfec8e3bd2b6c5207f3c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:59:cc:26:9d:e2:33:14:10:cd:6e:da:c1:88:
                    c7:6a:11:43:aa:4d:c0:a3:8e:c8:21:a5:31:32:12:
                    b7:bc:8f:a4:41:23:94:eb:77:fc:39:2e:88:d9:86:
                    20:40:84:30:59:b4:ec:34:ff:cb:28:b5:6c:68:75:
                    7e:7a:53:01:df:67:de:8f:59:31:67:4e:51:12:79:
                    d2:28:b9:0b:24:40:a5:27:a3:cb:15:2c:61:ed:07:
                    01:c0:e7:ab:84:73:d3:99:eb:cf:22:2c:72:34:8d:
                    ca:28:fb:04:97:4d:6e:e2:87:45:4c:f1:b4:ba:39:
                    0f:43:d6:85:40:d7:c5:7c:6c:ac:20:5d:5a:5b:e3:
                    95:28:87:a9:86:c0:08:84:95:5d:46:58:a8:a8:44:
                    c6:b5:a7:13:41:b5:b5:36:bf:5b:bb:a1:c7:f9:2e:
                    14:1d:71:77:6b:35:c4:0b:13:e4:6d:bb:11:29:ee:
                    a2:65:b5:82:d8:ec:c2:cd:2e:ee:05:e5:aa:b4:60:
                    0b:8a:f5:97:e0:c7:b6:87:ac:a9:c6:04:b0:b9:21:
                    ae:d3:41:24:dc:41:b6:eb:ff:51:cf:54:ec:f5:65:
                    83:07:39:12:0b:9b:58:10:e8:c3:8f:86:b8:75:50:
                    7d:34:09:29:21:ac:ab:12:07:c4:32:74:22:c4:e0:
                    bb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:70:7B:30:00:4F:73:34:0E:BF:EC:8E:3B:D2:B6:C5:20:7F:3C:60
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:fe:81:ed:76:87:40:b2:b3:7c:be:ab:cd:29:59:64:23:d9:
         53:d5:f3:10:19:0a:57:12:61:c9:3e:b7:cd:95:63:e3:1b:02:
         6e:ea:91:f1:44:5d:a7:c5:fb:78:73:c5:1a:40:a2:45:9e:82:
         0e:65:61:92:b2:71:0d:3c:0e:9a:51:32:77:63:d9:44:d0:bb:
         14:22:ef:1c:ac:14:06:c0:31:cd:80:e8:f7:ed:ef:e5:89:64:
         0d:9c:f0:23:c2:0b:83:b9:8f:9b:c9:a4:09:7c:80:09:b3:cc:
         54:c1:fa:f8:df:74:31:c0:99:24:30:4e:f8:2a:f9:18:7d:0a:
         77:7b:88:f7:e1:59:46:c2:40:3a:50:d0:7b:92:dd:fd:0f:c6:
         f7:01:4f:2e:c5:e8:1a:35:09:ab:e6:85:dc:e9:69:c3:5b:56:
         b8:2c:e8:8e:4a:b9:26:47:7e:d7:ee:54:ac:26:89:d5:4c:9b:
         10:93:b2:50:dc:af:59:08:7b:00:54:3b:99:0e:51:9f:d9:08:
         2e:51:d1:bd:61:27:d2:4f:05:14:ab:06:cf:1c:ec:98:87:0a:
         23:00:e1:a9:a9:27:f2:5e:58:33:b1:d7:5b:4f:4c:aa:b9:3f:
         ad:30:81:16:9b:32:3f:d8:c6:c6:79:ad:91:30:2c:64:86:f0:
         73:4d:8e:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6J1pMncmERMOkGxcjNHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNjA3MTUwMDQ3WhcNMjUwNjA4MTUwMDQ3WjAzMTEwLwYDVQQD
EyhkMDcwN2IzMDAwNGY3MzM0MGViZmVjOGUzYmQyYjZjNTIwN2YzYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylnMJp3iMxQQzW7awYjHahFDqk3A
o47IIaUxMhK3vI+kQSOU63f8OS6I2YYgQIQwWbTsNP/LKLVsaHV+elMB32fej1kx
Z05REnnSKLkLJEClJ6PLFSxh7QcBwOerhHPTmevPIixyNI3KKPsEl01u4odFTPG0
ujkPQ9aFQNfFfGysIF1aW+OVKIephsAIhJVdRlioqETGtacTQbW1Nr9bu6HH+S4U
HXF3azXECxPkbbsRKe6iZbWC2OzCzS7uBeWqtGALivWX4Me2h6ypxgSwuSGu00Ek
3EG26/9Rz1Ts9WWDBzkSC5tYEOjDj4a4dVB9NAkpIayrEgfEMnQixOC7oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBwezAAT3M0Dr/sjjvStsUgfzxgMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApv6B7XaH
QLKzfL6rzSlZZCPZU9XzEBkKVxJhyT63zZVj4xsCbuqR8URdp8X7eHPFGkCiRZ6C
DmVhkrJxDTwOmlEyd2PZRNC7FCLvHKwUBsAxzYDo9+3v5YlkDZzwI8ILg7mPm8mk
CXyACbPMVMH6+N90McCZJDBO+Cr5GH0Kd3uI9+FZRsJAOlDQe5Ld/Q/G9wFPLsXo
GjUJq+aF3Olpw1tWuCzojkq5Jkd+1+5UrCaJ1UybEJOyUNyvWQh7AFQ7mQ5Rn9kI
LlHRvWEn0k8FFKsGzxzsmIcKIwDhqakn8l5YM7HXW09Mqrk/rTCBFpsyP9jGxnmt
kTAsZIbwc02OdQ==
-----END CERTIFICATE-----