Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
File:                     PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json)
Hash identifier:          eyDnhrHd6WrK4fwrMfpChvMokRuoUX+IMEex3wvjyv4=
Subject key identifier:   E7:BC:72:5B:FE:82:7C:7D:6F:F6:49:F5:3D:BC:15:42:30:18:BB:FA
Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
Certificate issuer:       /CN=3c41ea44178a702c507000023d14a9f9c47260e6
Certificate serial:       01974E5765309EB64AD1C275DDF3DB028C5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
Manifest number:          0F83
Signing time:             Sun 08 Jun 2025 07:00:39 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:39 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:39 +0000
Files and hashes:         1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: je4S+SFxMM/h/OUfnG5pVUZBdTKSBNVjNIaWKYBTwS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:65:30:9e:b6:4a:d1:c2:75:dd:f3:db:02:8c:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6
        Validity
            Not Before: Jun  8 07:00:39 2025 GMT
            Not After : Jun  9 07:00:39 2025 GMT
        Subject: CN=e7bc725bfe827c7d6ff649f53dbc15423018bbfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:79:12:f0:a1:89:cc:77:2f:4b:26:fd:e4:cc:
                    4c:15:a5:c3:74:0f:25:ba:31:b8:40:f3:26:80:6e:
                    e5:cb:0f:f9:12:7b:21:8e:fb:8c:22:32:02:62:af:
                    19:38:25:bb:b7:c3:13:63:f6:3b:02:44:fd:5d:82:
                    3d:10:9b:f3:63:e4:46:f6:54:a4:bc:d8:99:b7:4d:
                    c3:ed:90:4c:70:b8:72:a5:c7:79:28:ac:a7:ba:e7:
                    f9:93:2e:dd:52:d5:92:13:6a:15:48:98:38:c9:75:
                    68:24:3a:51:76:9f:f3:5a:ee:e2:74:c9:56:47:8c:
                    af:5a:3c:44:48:a9:c4:b4:5c:23:1c:82:5c:06:bb:
                    02:cd:09:37:c8:a9:c0:e8:5e:f9:b8:de:5d:ec:89:
                    96:ea:79:37:a5:12:0f:b0:12:33:21:cf:af:1a:de:
                    62:2e:db:fd:a0:5c:50:4c:81:6b:b4:ed:c3:ab:63:
                    76:91:a2:8c:99:1a:0a:2c:a5:84:57:84:9d:17:d6:
                    4e:3e:5e:8d:a4:37:0b:7e:b2:bd:2b:72:e6:b1:a7:
                    f6:0b:4e:a7:8e:c8:b1:70:2f:f8:bd:35:de:d7:e4:
                    e4:e4:3f:0a:97:b9:5a:39:96:75:b5:18:5e:b5:a7:
                    65:8e:1a:e9:4d:a1:28:89:f3:5b:ef:97:95:6a:a9:
                    70:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:BC:72:5B:FE:82:7C:7D:6F:F6:49:F5:3D:BC:15:42:30:18:BB:FA
            X509v3 Authority Key Identifier:
                keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:35:3d:01:03:c1:0a:c7:ec:0a:f3:20:b9:a9:87:62:4f:ce:
         1c:3f:53:20:9d:93:23:12:1a:27:87:b2:dd:d3:68:87:05:95:
         07:bd:e0:46:17:77:75:5a:85:64:7a:7b:df:e8:f0:65:0c:51:
         6d:6e:fa:e6:f1:f2:8c:29:8d:bc:90:03:4a:e4:4d:4c:98:b4:
         d2:5d:7e:e7:e9:67:42:68:e7:bd:f5:7e:67:9c:a4:38:57:b7:
         c3:11:3a:8b:7c:d3:39:77:b5:f3:d1:fc:26:00:03:ab:9d:79:
         57:ff:0b:f3:13:08:b5:47:b9:d8:5b:23:b9:11:63:f8:bc:86:
         db:75:ca:09:2d:61:7f:04:32:79:b1:d6:8c:73:9d:82:a5:ca:
         b4:2c:c0:47:8b:56:f1:94:2d:09:17:d4:8f:51:73:b7:1f:8b:
         aa:f3:db:aa:fd:f1:70:cb:1a:d7:ce:1d:5b:b3:d2:95:5e:1c:
         3f:6e:f1:4d:89:bc:ef:99:11:f9:e6:9f:4a:7c:18:93:a7:98:
         27:27:9e:76:7e:9b:8a:ec:88:be:55:6b:cf:fb:b7:ad:2e:4a:
         12:7e:a8:fa:93:d9:59:8f:65:15:3a:e1:d3:a4:47:7d:f1:9a:
         a2:90:05:e2:32:a3:60:80:a0:d4:c3:a1:99:db:4e:cf:02:d8:
         69:01:be:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV2UwnrZK0cJ13fPbAoxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3
MjYwZTYwHhcNMjUwNjA4MDcwMDM5WhcNMjUwNjA5MDcwMDM5WjAzMTEwLwYDVQQD
EyhlN2JjNzI1YmZlODI3YzdkNmZmNjQ5ZjUzZGJjMTU0MjMwMThiYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHkS8KGJzHcvSyb95MxMFaXDdA8l
ujG4QPMmgG7lyw/5EnshjvuMIjICYq8ZOCW7t8MTY/Y7AkT9XYI9EJvzY+RG9lSk
vNiZt03D7ZBMcLhypcd5KKynuuf5ky7dUtWSE2oVSJg4yXVoJDpRdp/zWu7idMlW
R4yvWjxESKnEtFwjHIJcBrsCzQk3yKnA6F75uN5d7ImW6nk3pRIPsBIzIc+vGt5i
Ltv9oFxQTIFrtO3Dq2N2kaKMmRoKLKWEV4SdF9ZOPl6NpDcLfrK9K3Lmsaf2C06n
jsixcC/4vTXe1+Tk5D8Kl7laOZZ1tRhetadljhrpTaEoifNb75eVaqlwlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOe8clv+gnx9b/ZJ9T28FUIwGLv6MB8GA1UdIwQY
MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt
NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy
LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTU9AQPB
CsfsCvMguamHYk/OHD9TIJ2TIxIaJ4ey3dNohwWVB73gRhd3dVqFZHp73+jwZQxR
bW765vHyjCmNvJADSuRNTJi00l1+5+lnQmjnvfV+Z5ykOFe3wxE6i3zTOXe189H8
JgADq515V/8L8xMItUe52FsjuRFj+LyG23XKCS1hfwQyebHWjHOdgqXKtCzAR4tW
8ZQtCRfUj1Fztx+LqvPbqv3xcMsa184dW7PSlV4cP27xTYm875kR+eafSnwYk6eY
Jyeedn6biuyIvlVrz/u3rS5KEn6o+pPZWY9lFTrh06RHffGaopAF4jKjYICg1MOh
mdtOzwLYaQG+fA==
-----END CERTIFICATE-----