Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          gTEcd3GqkHGh4GjI7TZ2TlFv2ZS1SAh/iBW42PYa3wc=
Subject key identifier:   36:BD:6B:08:8F:F0:91:4D:DB:BD:C9:7F:C0:DC:86:D5:E6:B9:7D:22
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       01974CD68C8DF3DA5E8F76E23D54748CB1C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          139F
Signing time:             Sun 08 Jun 2025 00:00:18 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:18 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:18 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: gOqrM3Y070WTMHGovHveAjL+7UZiMjKUAp5fpKOWn/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d6:8c:8d:f3:da:5e:8f:76:e2:3d:54:74:8c:b1:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Jun  8 00:00:18 2025 GMT
            Not After : Jun  9 00:00:18 2025 GMT
        Subject: CN=36bd6b088ff0914ddbbdc97fc0dc86d5e6b97d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c8:f9:88:04:4a:5a:cd:94:a7:eb:d4:08:2a:
                    e7:c1:80:74:a7:24:6e:ee:2b:97:28:43:02:b3:35:
                    e1:4a:c7:d4:9c:1d:4b:0c:ec:bc:48:3b:77:98:e0:
                    bb:21:74:a8:ff:53:8b:2d:da:a4:b2:e8:c1:90:bc:
                    ed:c5:bb:fd:24:4f:5a:b6:36:39:41:31:ed:ae:ef:
                    40:88:ed:f2:d4:c9:dd:7c:82:e8:de:55:3e:37:68:
                    16:af:ee:77:c9:85:b1:79:7e:7a:61:04:57:ec:60:
                    0a:f7:c6:53:bb:b7:9a:6a:6f:90:b0:bb:20:f5:c4:
                    97:d5:ae:69:2d:98:12:6a:9b:b5:95:70:d1:2e:df:
                    ad:28:df:39:82:a9:53:0c:72:5b:96:c9:1f:5c:da:
                    3f:98:b6:78:d5:3b:50:0a:06:99:05:d0:e0:d7:55:
                    ba:5b:5b:81:3b:c6:2c:f8:88:00:32:b8:43:30:92:
                    79:7e:df:b8:18:29:2e:c0:ed:2a:ea:04:66:26:45:
                    0a:84:a4:70:90:99:a2:47:e7:cf:08:f8:9e:18:81:
                    92:9a:d8:6b:ac:c3:0f:39:b5:63:d2:1e:70:0e:bf:
                    72:d0:59:9b:59:58:75:b2:33:1a:a4:e5:aa:5b:ab:
                    d1:ed:c2:fb:ea:55:c3:13:4a:08:82:90:2f:61:f8:
                    1b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:BD:6B:08:8F:F0:91:4D:DB:BD:C9:7F:C0:DC:86:D5:E6:B9:7D:22
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:71:e1:56:26:ab:6c:ca:1c:c8:60:bd:86:b0:3d:ad:a4:86:
         d7:94:fc:9d:03:01:68:b5:50:85:e9:81:5b:ff:9c:16:9b:fb:
         bf:4e:3c:a0:4d:33:20:44:1f:f3:93:91:04:d4:1e:7c:3a:04:
         1f:19:b5:c4:8a:48:8b:5a:84:62:6e:47:d3:24:fb:b3:19:57:
         6a:5e:1f:b4:58:b0:22:08:3b:72:56:de:60:37:49:01:0c:75:
         36:a4:29:bc:70:ff:0b:8f:21:80:59:11:5b:e4:29:1c:50:aa:
         4e:ef:43:fd:39:55:92:31:d9:22:d0:ff:0a:ae:33:e0:38:9d:
         9e:df:8f:c8:bf:6f:5c:da:e1:7e:bd:f6:f7:50:fa:8d:4d:aa:
         b1:62:8f:b7:dd:24:2c:d3:6f:53:62:7e:a2:31:bc:5c:69:c7:
         45:a7:cb:04:8e:b6:8e:c3:d7:61:4e:84:a1:e8:d7:37:79:19:
         d2:24:fd:d3:17:f4:1a:56:10:7f:51:da:5a:25:dd:6f:99:37:
         5f:7e:b9:c8:e7:20:2f:aa:a9:21:06:0e:72:77:da:6c:c7:c9:
         66:42:5b:fb:c2:a2:69:13:b9:a0:cd:ad:3b:96:24:63:d4:00:
         d5:cc:61:32:16:30:da:3a:f2:ac:c1:43:32:6c:cf:57:58:d0:
         bf:86:44:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1oyN89pej3biPVR0jLHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjUwNjA4MDAwMDE4WhcNMjUwNjA5MDAwMDE4WjAzMTEwLwYDVQQD
EygzNmJkNmIwODhmZjA5MTRkZGJiZGM5N2ZjMGRjODZkNWU2Yjk3ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMj5iARKWs2Up+vUCCrnwYB0pyRu
7iuXKEMCszXhSsfUnB1LDOy8SDt3mOC7IXSo/1OLLdqksujBkLztxbv9JE9atjY5
QTHtru9AiO3y1MndfILo3lU+N2gWr+53yYWxeX56YQRX7GAK98ZTu7eaam+QsLsg
9cSX1a5pLZgSapu1lXDRLt+tKN85gqlTDHJblskfXNo/mLZ41TtQCgaZBdDg11W6
W1uBO8Ys+IgAMrhDMJJ5ft+4GCkuwO0q6gRmJkUKhKRwkJmiR+fPCPieGIGSmthr
rMMPObVj0h5wDr9y0FmbWVh1sjMapOWqW6vR7cL76lXDE0oIgpAvYfgbxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDa9awiP8JFN273Jf8DchtXmuX0iMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMXHhViar
bMocyGC9hrA9raSG15T8nQMBaLVQhemBW/+cFpv7v048oE0zIEQf85ORBNQefDoE
Hxm1xIpIi1qEYm5H0yT7sxlXal4ftFiwIgg7clbeYDdJAQx1NqQpvHD/C48hgFkR
W+QpHFCqTu9D/TlVkjHZItD/Cq4z4Didnt+PyL9vXNrhfr3291D6jU2qsWKPt90k
LNNvU2J+ojG8XGnHRafLBI62jsPXYU6EoejXN3kZ0iT90xf0GlYQf1HaWiXdb5k3
X365yOcgL6qpIQYOcnfabMfJZkJb+8KiaRO5oM2tO5YkY9QA1cxhMhYw2jryrMFD
MmzPV1jQv4ZE2A==
-----END CERTIFICATE-----