Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File:                     3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier:          JWpsWeU/2kJ8yDLgmVFeGWFhSn4/zYHKzV3ARTrvUtU=
Subject key identifier:   72:51:54:2E:5E:26:AF:F0:D0:3B:50:DC:8E:3C:87:09:2E:09:87:12
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer:       /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial:       019749D5C9CB5C0C0F023B8E053DBEA5FBB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number:          017E
Signing time:             Sat 07 Jun 2025 10:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:36 +0000
Files and hashes:         1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: t2aK428Y+twnA8WFLM0ykKM30apF2rhAJsUTiGQcjgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:c9:cb:5c:0c:0f:02:3b:8e:05:3d:be:a5:fb:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
        Validity
            Not Before: Jun  7 10:00:36 2025 GMT
            Not After : Jun  8 10:00:36 2025 GMT
        Subject: CN=7251542e5e26aff0d03b50dc8e3c87092e098712
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:30:3c:77:3a:60:e7:83:90:90:9e:ba:12:8a:
                    78:40:af:4e:06:78:42:f3:1c:0c:3a:ee:55:61:58:
                    33:e0:0e:6a:bf:76:29:06:01:12:43:62:80:40:01:
                    c2:d5:4c:5b:10:0f:d9:1b:40:02:fc:b8:66:dc:b6:
                    ec:5c:5e:48:bb:a1:2e:c4:da:ea:73:62:06:53:03:
                    8a:1a:3d:68:f5:0f:5b:95:53:0a:87:b2:4c:c9:66:
                    3f:a2:4d:b7:c4:dc:d5:e5:1a:25:99:ce:ea:b1:1a:
                    90:48:7a:15:61:76:a5:ff:cc:63:a0:b9:f5:6a:60:
                    34:54:73:5c:f1:8d:45:02:72:5a:04:39:1d:ef:4f:
                    8a:a2:4e:aa:15:39:ce:c2:21:24:55:b7:97:44:f4:
                    43:ea:5d:e1:ad:ed:4b:9c:af:ba:52:32:8e:5b:72:
                    5f:2e:47:f4:d9:c3:d0:ea:6b:73:fc:d3:33:3f:f4:
                    4b:43:60:68:f0:9e:8d:04:58:5b:db:c0:37:c2:29:
                    3e:ed:34:5e:1b:43:e7:5e:cd:50:56:ec:fb:33:47:
                    ca:8a:20:6b:30:93:a4:6b:25:4f:2c:d8:55:27:70:
                    6a:f4:c2:5c:fa:c2:ba:c4:6d:f2:34:99:dd:99:ad:
                    50:16:27:b8:08:af:da:fa:78:2f:b5:af:91:de:f9:
                    19:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:51:54:2E:5E:26:AF:F0:D0:3B:50:DC:8E:3C:87:09:2E:09:87:12
            X509v3 Authority Key Identifier:
                keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:e0:20:92:02:a3:d0:19:f6:b6:6d:3f:a1:4a:58:5f:8e:9f:
         c3:9a:74:b0:ce:30:11:a5:63:5b:47:f4:df:b1:36:ed:30:5a:
         ef:09:6c:af:f1:82:73:78:33:75:60:66:e2:4a:b6:52:b2:e6:
         a9:79:21:4b:95:32:96:7e:b5:0e:e5:46:98:f1:ce:40:85:fd:
         47:14:e3:5f:4c:f8:2f:7a:2d:48:77:53:69:85:4e:12:11:5f:
         91:10:ec:df:ec:ac:ce:5a:fd:8e:d7:57:c6:de:76:fe:dd:47:
         9f:e9:55:a7:0a:91:45:c2:2b:d1:5a:b6:b8:7b:c6:5a:8c:99:
         76:e1:b2:f7:ba:51:84:91:7a:b3:04:0f:34:ec:ba:3f:bf:78:
         9d:3f:e9:01:10:6d:26:15:75:aa:7b:63:c7:aa:21:e4:ad:f8:
         53:81:10:6f:50:ae:44:46:91:e3:42:ba:6c:29:43:c6:80:c0:
         c4:ec:63:b3:56:c3:8c:29:a1:4b:54:3f:14:63:2a:67:43:c1:
         8e:2f:4c:99:4c:37:79:4f:b1:cb:4b:a7:07:69:d7:6f:f5:16:
         a0:ab:56:a0:3b:df:77:1c:0a:f5:cc:8e:f0:46:af:85:86:03:
         89:69:9d:d7:63:56:db:fa:4a:bc:a4:40:8b:86:28:7b:a6:20:
         d8:4d:bb:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1cnLXAwPAjuOBT2+pfu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjUwNjA3MTAwMDM2WhcNMjUwNjA4MTAwMDM2WjAzMTEwLwYDVQQD
Eyg3MjUxNTQyZTVlMjZhZmYwZDAzYjUwZGM4ZTNjODcwOTJlMDk4NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jA8dzpg54OQkJ66Eop4QK9OBnhC
8xwMOu5VYVgz4A5qv3YpBgESQ2KAQAHC1UxbEA/ZG0AC/Lhm3LbsXF5Iu6EuxNrq
c2IGUwOKGj1o9Q9blVMKh7JMyWY/ok23xNzV5Rolmc7qsRqQSHoVYXal/8xjoLn1
amA0VHNc8Y1FAnJaBDkd70+Kok6qFTnOwiEkVbeXRPRD6l3hre1LnK+6UjKOW3Jf
Lkf02cPQ6mtz/NMzP/RLQ2Bo8J6NBFhb28A3wik+7TReG0PnXs1QVuz7M0fKiiBr
MJOkayVPLNhVJ3Bq9MJc+sK6xG3yNJndma1QFie4CK/a+ngvta+R3vkZ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJRVC5eJq/w0DtQ3I48hwkuCYcSMB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeAgkgKj
0Bn2tm0/oUpYX46fw5p0sM4wEaVjW0f037E27TBa7wlsr/GCc3gzdWBm4kq2UrLm
qXkhS5Uyln61DuVGmPHOQIX9RxTjX0z4L3otSHdTaYVOEhFfkRDs3+yszlr9jtdX
xt52/t1Hn+lVpwqRRcIr0Vq2uHvGWoyZduGy97pRhJF6swQPNOy6P794nT/pARBt
JhV1qntjx6oh5K34U4EQb1CuREaR40K6bClDxoDAxOxjs1bDjCmhS1Q/FGMqZ0PB
ji9MmUw3eU+xy0unB2nXb/UWoKtWoDvfdxwK9cyO8EavhYYDiWmd12NW2/pKvKRA
i4Yoe6Yg2E27Hg==
-----END CERTIFICATE-----