Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          +LmcUyKpMAPgbnHp6K7gz+FXArdN58z3775pBXxPapc=
Subject key identifier:   12:C1:A9:1B:53:78:EF:87:61:62:B9:10:D7:3E:E8:6D:FB:F2:C1:33
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019752D8FB980C7CEF78AE0FD8793BD54511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          04EE
Signing time:             Mon 09 Jun 2025 04:00:41 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:41 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:41 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: 0Kp1zIvi+zIf8zpzVB/yiZJGJiV0XNz6ezpCAS2U5lw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d8:fb:98:0c:7c:ef:78:ae:0f:d8:79:3b:d5:45:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Jun  9 04:00:41 2025 GMT
            Not After : Jun 10 04:00:41 2025 GMT
        Subject: CN=12c1a91b5378ef876162b910d73ee86dfbf2c133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a9:37:b1:e9:ad:e4:14:76:1d:9e:6d:48:fd:
                    7c:00:94:5d:9f:e9:07:42:25:5c:e2:39:0d:6b:a1:
                    e5:e5:55:46:11:ab:d6:b5:53:ee:b0:8c:4a:22:ea:
                    88:be:39:b3:86:d0:c1:e8:15:73:ce:cb:4a:58:b9:
                    c1:46:bb:f6:72:07:88:cf:7c:2e:f9:b8:f8:81:8f:
                    4f:4c:8c:06:42:3e:37:2b:68:3a:cd:8e:47:57:d1:
                    d3:83:24:e1:6e:6d:90:dc:e4:b1:d4:0b:62:b2:82:
                    b2:0d:ea:56:bd:0b:92:32:b5:fe:39:5c:a9:36:6c:
                    c2:7e:85:18:29:14:ae:a7:13:2c:61:05:a9:47:8f:
                    3b:d4:0a:de:05:77:da:f2:f8:b9:4c:be:a7:7a:ce:
                    cf:d4:00:13:ec:96:31:b7:ef:d4:3b:5f:14:d5:47:
                    ed:6b:33:da:3c:03:1d:47:ec:06:96:90:24:de:47:
                    34:36:e0:3a:06:eb:59:8a:c0:b8:7b:36:d7:12:f8:
                    a2:7e:8b:a9:3a:6b:28:d0:93:7f:fa:c5:11:d4:58:
                    c1:79:c8:03:21:78:ee:fd:95:dc:8d:9c:0b:4c:3b:
                    bd:94:bb:76:3d:fe:1e:8e:b8:27:2e:85:78:ec:3c:
                    75:2a:38:44:eb:01:54:bd:41:c6:cf:c1:8c:43:71:
                    0f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:C1:A9:1B:53:78:EF:87:61:62:B9:10:D7:3E:E8:6D:FB:F2:C1:33
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:a3:c0:45:c4:09:17:47:3f:91:48:2e:ec:4d:4c:71:11:47:
         53:5d:c2:6f:c2:75:bb:a8:55:3f:ec:5a:6d:46:23:a9:6c:a2:
         f7:61:a2:4a:e5:9c:63:ae:6f:0a:7b:5e:ff:91:8d:4e:9c:25:
         d4:bd:f4:2b:4b:d7:68:33:4e:ed:35:60:7e:15:9e:ac:cb:fa:
         69:6e:d9:cd:68:6f:34:69:b4:fd:a4:10:26:46:0f:e7:88:24:
         af:f7:dd:a3:bd:a5:78:ad:07:10:06:4d:67:fa:0e:a2:1c:a2:
         9a:90:6e:97:55:df:a2:bb:de:b1:be:0d:88:29:ec:37:9a:fb:
         ad:6f:51:db:d4:0d:18:99:32:50:1c:89:b2:45:02:45:98:a7:
         56:c6:f8:f0:9c:58:00:f9:14:c5:00:ba:e0:88:9b:7b:dd:ac:
         77:b6:41:d0:10:28:74:eb:60:9e:99:85:15:5c:f8:bc:79:14:
         05:6f:09:ee:d4:3a:13:5d:2c:7f:30:f8:64:c9:d7:4a:30:68:
         dc:c3:90:7b:c7:a9:40:ad:bc:93:3c:c1:f9:4a:74:83:11:bf:
         32:8f:e4:4f:ea:e7:89:9d:14:50:0f:bf:e0:e3:83:63:06:05:
         47:ca:67:1f:af:5b:23:05:27:2e:c2:7c:c7:d4:fe:83:d3:a2:
         70:5e:03:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2PuYDHzveK4P2Hk71UURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUwNjA5MDQwMDQxWhcNMjUwNjEwMDQwMDQxWjAzMTEwLwYDVQQD
EygxMmMxYTkxYjUzNzhlZjg3NjE2MmI5MTBkNzNlZTg2ZGZiZjJjMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKk3semt5BR2HZ5tSP18AJRdn+kH
QiVc4jkNa6Hl5VVGEavWtVPusIxKIuqIvjmzhtDB6BVzzstKWLnBRrv2cgeIz3wu
+bj4gY9PTIwGQj43K2g6zY5HV9HTgyThbm2Q3OSx1AtisoKyDepWvQuSMrX+OVyp
NmzCfoUYKRSupxMsYQWpR4871AreBXfa8vi5TL6nes7P1AAT7JYxt+/UO18U1Uft
azPaPAMdR+wGlpAk3kc0NuA6ButZisC4ezbXEviifoupOmso0JN/+sUR1FjBecgD
IXju/ZXcjZwLTDu9lLt2Pf4ejrgnLoV47Dx1KjhE6wFUvUHGz8GMQ3EP5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLBqRtTeO+HYWK5ENc+6G378sEzMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqPARcQJ
F0c/kUgu7E1McRFHU13Cb8J1u6hVP+xabUYjqWyi92GiSuWcY65vCnte/5GNTpwl
1L30K0vXaDNO7TVgfhWerMv6aW7ZzWhvNGm0/aQQJkYP54gkr/fdo72leK0HEAZN
Z/oOohyimpBul1Xforvesb4NiCnsN5r7rW9R29QNGJkyUByJskUCRZinVsb48JxY
APkUxQC64Iibe92sd7ZB0BAodOtgnpmFFVz4vHkUBW8J7tQ6E10sfzD4ZMnXSjBo
3MOQe8epQK28kzzB+Up0gxG/Mo/kT+rniZ0UUA+/4OODYwYFR8pnH69bIwUnLsJ8
x9T+g9OicF4DIg==
-----END CERTIFICATE-----