Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
File:                     8VzG8-5-0llTHW0Izp4JNztxYGI.mft (raw, json)
Hash identifier:          VhGECVHkXXcLSqRRmVLUJUFZdedFZ0WUey+T8wg4zXE=
Subject key identifier:   D3:C7:63:D6:5B:36:79:9E:C1:87:03:11:C7:29:45:8F:DF:CE:95:0F
Authority key identifier: F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62
Certificate issuer:       /CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
Certificate serial:       0197643A4CD2BB401582EE248778DCE33B9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
Manifest number:          0327
Signing time:             Thu 12 Jun 2025 13:00:31 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:31 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:31 +0000
Files and hashes:         1: 8VzG8-5-0llTHW0Izp4JNztxYGI.crl (hash: k1a7ewcjukUx9wyxUi/Kpa+Z7Ridrk/Tymo3Teq91+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:4c:d2:bb:40:15:82:ee:24:87:78:dc:e3:3b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
        Validity
            Not Before: Jun 12 13:00:31 2025 GMT
            Not After : Jun 13 13:00:31 2025 GMT
        Subject: CN=d3c763d65b36799ec1870311c729458fdfce950f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e5:54:22:8b:e7:02:af:18:5b:a4:cc:6f:0e:
                    41:1b:c2:a1:85:36:47:fd:d3:f6:77:15:2e:6b:78:
                    48:e3:8a:f3:6f:f3:13:37:2d:90:4f:12:d6:98:93:
                    fe:4f:55:64:85:12:65:f2:44:84:95:ed:1f:f3:b2:
                    56:6e:8e:48:8b:eb:93:a3:e7:0e:6a:6d:a7:18:43:
                    0e:d2:0a:0a:a6:17:fb:85:fd:30:0b:29:f1:05:fe:
                    2e:50:86:58:e4:b5:2c:0b:1e:8a:5a:8e:42:51:d1:
                    3d:4b:2a:c6:14:66:e3:cb:b7:2f:fa:b8:ce:ee:f1:
                    dd:84:a5:ba:f7:46:1d:b0:ff:f7:5e:da:6d:54:2f:
                    95:66:19:1e:38:b4:2a:4b:c4:06:b9:43:19:c7:a9:
                    6c:fa:84:19:0a:e8:63:b0:e4:4e:3c:55:37:16:fd:
                    fd:6a:90:05:1f:c3:fe:e7:d4:67:ce:ae:e1:a6:f5:
                    98:72:a2:0a:58:01:db:dc:7d:1b:e7:54:b1:9f:81:
                    c5:db:4e:dd:6b:18:ce:43:d8:95:d4:f3:62:bc:de:
                    4f:84:ed:ed:7a:c5:57:65:4b:8a:db:c6:e5:d3:31:
                    ef:33:63:78:c8:37:ee:62:a9:4b:e4:0f:81:f4:3d:
                    62:ad:89:3e:a4:82:88:67:54:d2:a3:a7:b2:ae:6a:
                    a6:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:C7:63:D6:5B:36:79:9E:C1:87:03:11:C7:29:45:8F:DF:CE:95:0F
            X509v3 Authority Key Identifier:
                keyid:F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:1f:63:c8:46:5f:c2:bd:47:6e:34:84:a1:b4:59:72:30:63:
         71:59:d2:83:45:3d:dd:84:d8:3a:1a:d9:f5:1a:44:8a:32:5d:
         9e:bf:16:3c:07:cc:48:52:29:36:a6:71:32:7a:3f:0b:60:3d:
         e8:1b:45:58:73:ee:3b:ca:61:28:c6:3e:76:73:e1:0c:d3:f2:
         b9:a9:b2:90:c9:e4:0c:c2:9d:b5:b9:74:35:98:23:9c:40:7b:
         98:6f:04:59:47:91:b2:f5:23:50:e3:19:f3:6b:32:8c:20:23:
         83:8a:bd:e8:69:33:b1:ef:a8:66:43:c8:22:84:02:30:23:dc:
         d9:1d:24:bb:c1:c9:5c:65:0a:94:9f:9a:18:ba:00:b5:78:fe:
         eb:6e:93:d1:59:5f:32:91:29:92:c2:8f:c5:03:ff:97:06:fa:
         cc:a4:cb:cd:d7:4f:99:a7:f8:67:6f:87:4f:ac:d1:36:cc:24:
         11:69:29:89:66:a0:34:68:59:ba:ed:77:aa:1b:4f:f4:64:89:
         32:d5:e4:33:d4:47:90:8b:d4:e1:91:96:c2:a0:6d:12:97:f0:
         3e:8f:88:79:3d:32:d7:a6:9e:39:a3:95:a5:0d:0e:b4:8f:d4:
         03:0a:8a:ba:46:68:4d:a3:d5:91:90:45:93:ab:a9:67:53:03:
         e1:a2:ad:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOkzSu0AVgu4kh3jc4zucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNWNjNmYzZWU3ZWQyNTk1MzFkNmQwOGNlOWUwOTM3M2I3
MTYwNjIwHhcNMjUwNjEyMTMwMDMxWhcNMjUwNjEzMTMwMDMxWjAzMTEwLwYDVQQD
EyhkM2M3NjNkNjViMzY3OTllYzE4NzAzMTFjNzI5NDU4ZmRmY2U5NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseVUIovnAq8YW6TMbw5BG8KhhTZH
/dP2dxUua3hI44rzb/MTNy2QTxLWmJP+T1VkhRJl8kSEle0f87JWbo5Ii+uTo+cO
am2nGEMO0goKphf7hf0wCynxBf4uUIZY5LUsCx6KWo5CUdE9SyrGFGbjy7cv+rjO
7vHdhKW690YdsP/3XtptVC+VZhkeOLQqS8QGuUMZx6ls+oQZCuhjsOROPFU3Fv39
apAFH8P+59Rnzq7hpvWYcqIKWAHb3H0b51Sxn4HF207daxjOQ9iV1PNivN5PhO3t
esVXZUuK28bl0zHvM2N4yDfuYqlL5A+B9D1irYk+pIKIZ1TSo6eyrmqmPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPHY9ZbNnmewYcDEccpRY/fzpUPMB8GA1UdIwQY
MBaAFPFcxvPuftJZUx1tCM6eCTc7cWBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgt
NjkxZWU0MWE2MDE0LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgtNjkxZWU0MWE2MDE0
LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHx9jyEZf
wr1HbjSEobRZcjBjcVnSg0U93YTYOhrZ9RpEijJdnr8WPAfMSFIpNqZxMno/C2A9
6BtFWHPuO8phKMY+dnPhDNPyuamykMnkDMKdtbl0NZgjnEB7mG8EWUeRsvUjUOMZ
82syjCAjg4q96Gkzse+oZkPIIoQCMCPc2R0ku8HJXGUKlJ+aGLoAtXj+626T0Vlf
MpEpksKPxQP/lwb6zKTLzddPmaf4Z2+HT6zRNswkEWkpiWagNGhZuu13qhtP9GSJ
MtXkM9RHkIvU4ZGWwqBtEpfwPo+IeT0y16aeOaOVpQ0OtI/UAwqKukZoTaPVkZBF
k6upZ1MD4aKtTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:58:19 2025 by rpki-client