Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
File:                     3pj4NjKYKX-6uupodyArXEQOWpA.mft (raw, json)
Hash identifier:          So45kbd3Z0FxqZMhBCYnAmFilxczbEakJf4Zk6Z6qDc=
Subject key identifier:   D5:BC:55:F4:38:F1:54:87:CE:49:73:B9:00:3D:65:9C:F2:9D:C9:B4
Authority key identifier: DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90
Certificate issuer:       /CN=de98f8363298297fbabaea6877202b5c440e5a90
Certificate serial:       01975045F8476D290194226636BAB61F53A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
Manifest number:          0C0F
Signing time:             Sun 08 Jun 2025 16:00:52 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:52 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:52 +0000
Files and hashes:         1: 3pj4NjKYKX-6uupodyArXEQOWpA.crl (hash: 6RD2uO9QBBNrSdR49jIWxfbLkPeKvfWogU3IBQecXn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:f8:47:6d:29:01:94:22:66:36:ba:b6:1f:53:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de98f8363298297fbabaea6877202b5c440e5a90
        Validity
            Not Before: Jun  8 16:00:52 2025 GMT
            Not After : Jun  9 16:00:52 2025 GMT
        Subject: CN=d5bc55f438f15487ce4973b9003d659cf29dc9b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:0e:8e:1f:8c:22:84:71:fd:d5:fe:98:a5:9f:
                    ac:df:52:9b:d9:6a:30:6f:4a:ef:b1:13:90:88:82:
                    3a:29:c6:d0:ec:00:7f:97:78:f6:09:36:04:ae:9f:
                    cf:66:e2:8f:10:70:b2:ec:66:e8:65:9d:7f:73:a7:
                    9b:12:0f:db:aa:9c:8a:8f:58:ef:b8:cf:53:92:f2:
                    74:3a:42:58:82:81:93:82:64:ee:a0:2b:e5:75:b6:
                    05:25:51:23:59:0b:c7:cb:e9:97:65:d1:67:a3:81:
                    9c:2e:f4:e8:6d:8d:df:f9:31:20:21:7d:bc:52:ea:
                    bc:23:69:b0:39:db:ac:e9:d8:77:db:a5:95:5a:a5:
                    0f:2a:eb:fb:e8:b1:03:3b:d4:a7:38:35:e7:f7:d9:
                    eb:40:75:53:b7:f7:f4:a2:40:8e:39:06:27:12:b6:
                    3f:7f:1b:17:6e:fb:5c:85:d0:fc:b3:70:c1:30:3d:
                    91:9d:ce:95:a3:13:b3:ac:42:ab:b3:a8:4e:12:e8:
                    7b:92:f2:9c:21:aa:bb:37:10:f9:1e:82:3d:ee:63:
                    f4:27:d5:c7:6b:90:89:4b:af:3c:af:ed:6f:a9:21:
                    17:0e:8f:7f:59:df:14:50:0c:0f:75:63:33:8d:a4:
                    48:8d:d1:0e:04:53:c3:69:63:a0:cb:aa:cc:10:40:
                    d5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:BC:55:F4:38:F1:54:87:CE:49:73:B9:00:3D:65:9C:F2:9D:C9:B4
            X509v3 Authority Key Identifier:
                keyid:DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:8f:45:40:d0:80:d8:cb:61:16:52:78:89:34:fa:a6:aa:6a:
         98:8d:08:e2:08:86:40:57:fe:5d:a1:85:65:57:e3:23:6c:fc:
         ba:c4:54:aa:40:49:7d:2a:e0:97:ae:ff:e8:ad:4e:e9:a5:94:
         87:fd:3b:cc:25:1d:d2:40:13:61:2e:4b:ac:cb:fd:e0:05:0f:
         1b:0e:ae:81:5e:dd:5d:fa:e6:bd:f1:b9:b5:9b:5a:d9:9a:1b:
         25:93:a0:26:08:0d:d0:84:69:7a:de:90:40:5d:98:bd:28:30:
         d2:01:a0:36:22:b3:22:fd:28:b0:45:34:20:28:6d:74:70:12:
         7a:76:a5:a8:ea:c1:f2:e8:fb:9d:d7:ca:a8:8f:c3:47:da:32:
         24:a6:e4:ce:0e:02:30:36:aa:02:41:be:c3:4d:b1:62:0b:82:
         7c:12:69:9b:7e:74:3b:f6:f2:bf:d6:fd:3e:a5:35:b5:a6:f5:
         7b:33:9b:29:bf:35:7b:69:ae:02:eb:1f:4d:0a:4d:7a:57:ea:
         8f:32:51:60:a2:ef:8e:da:89:cd:e5:e1:4f:08:7d:ed:f2:ed:
         31:97:6a:df:6d:61:11:aa:9a:03:81:f2:e3:21:66:f4:44:b7:
         3f:c4:5d:c8:88:8d:7a:97:c8:8e:78:8c:7a:e5:36:3e:56:48:
         5e:30:32:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRfhHbSkBlCJmNrq2H1OkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOThmODM2MzI5ODI5N2ZiYWJhZWE2ODc3MjAyYjVjNDQw
ZTVhOTAwHhcNMjUwNjA4MTYwMDUyWhcNMjUwNjA5MTYwMDUyWjAzMTEwLwYDVQQD
EyhkNWJjNTVmNDM4ZjE1NDg3Y2U0OTczYjkwMDNkNjU5Y2YyOWRjOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Q6OH4wihHH91f6YpZ+s31Kb2Wow
b0rvsROQiII6KcbQ7AB/l3j2CTYErp/PZuKPEHCy7GboZZ1/c6ebEg/bqpyKj1jv
uM9TkvJ0OkJYgoGTgmTuoCvldbYFJVEjWQvHy+mXZdFno4GcLvTobY3f+TEgIX28
Uuq8I2mwOdus6dh326WVWqUPKuv76LEDO9SnODXn99nrQHVTt/f0okCOOQYnErY/
fxsXbvtchdD8s3DBMD2Rnc6VoxOzrEKrs6hOEuh7kvKcIaq7NxD5HoI97mP0J9XH
a5CJS688r+1vqSEXDo9/Wd8UUAwPdWMzjaRIjdEOBFPDaWOgy6rMEEDVvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNW8VfQ48VSHzklzuQA9ZZzyncm0MB8GA1UdIwQY
MBaAFN6Y+DYymCl/urrqaHcgK1xEDlqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEt
ZTdmYmQ1MGUwMzQ5LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEtZTdmYmQ1MGUwMzQ5
LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAso9FQNCA
2MthFlJ4iTT6pqpqmI0I4giGQFf+XaGFZVfjI2z8usRUqkBJfSrgl67/6K1O6aWU
h/07zCUd0kATYS5LrMv94AUPGw6ugV7dXfrmvfG5tZta2ZobJZOgJggN0IRpet6Q
QF2YvSgw0gGgNiKzIv0osEU0IChtdHASenalqOrB8uj7ndfKqI/DR9oyJKbkzg4C
MDaqAkG+w02xYguCfBJpm350O/byv9b9PqU1tab1ezObKb81e2muAusfTQpNelfq
jzJRYKLvjtqJzeXhTwh97fLtMZdq321hEaqaA4Hy4yFm9ES3P8RdyIiNepfIjniM
euU2PlZIXjAyJw==
-----END CERTIFICATE-----