Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
File:                     dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft (raw, json)
Hash identifier:          nXoso8MtubSS84YjUvETF0GXS1miGSlp7CRKILbnVpw=
Subject key identifier:   A1:07:EE:D0:28:55:67:FD:8A:95:3B:E4:5B:A9:7F:9A:BE:47:FB:C4
Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
Certificate issuer:       /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Certificate serial:       0197CDCD70F3F8EC5944892A7168F31A0A29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
Manifest number:          15BD
Signing time:             Thu 03 Jul 2025 01:01:22 +0000
Manifest this update:     Thu 03 Jul 2025 01:01:22 +0000
Manifest next update:     Fri 04 Jul 2025 01:01:22 +0000
Files and hashes:         1: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl (hash: h0rIiT83SouPagcVzZ076CwFsu/qUG2Qg7z8kfgnQPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 01:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cd:cd:70:f3:f8:ec:59:44:89:2a:71:68:f3:1a:0a:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
        Validity
            Not Before: Jul  3 01:01:22 2025 GMT
            Not After : Jul  4 01:01:22 2025 GMT
        Subject: CN=a107eed0285567fd8a953be45ba97f9abe47fbc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:98:cf:bd:24:3e:83:04:a2:79:c4:d5:e5:25:
                    9a:5a:5a:34:ee:87:4a:5f:e0:b6:ed:13:6a:6d:1a:
                    f2:51:4a:15:7a:d2:29:a1:b3:95:6d:e7:8a:63:3a:
                    01:8b:06:f0:98:bd:ba:22:88:ba:35:0f:34:8f:74:
                    bf:60:f1:f6:2e:79:09:c3:68:df:6d:4e:9d:a4:a3:
                    6c:a8:1c:4b:8f:aa:5e:9b:f1:cf:90:fe:12:1a:f7:
                    f4:b8:7d:80:da:ea:2b:4c:7f:fc:25:44:40:0c:fc:
                    53:69:8c:15:f6:19:c5:64:2a:5a:46:90:63:a2:ee:
                    e9:af:c7:93:76:a2:32:d7:10:49:1d:48:ae:29:49:
                    b4:b4:23:4f:85:cf:93:3c:3f:c3:2b:83:0d:60:cd:
                    b5:e9:81:c3:60:44:64:c6:f2:5f:be:38:49:03:fd:
                    ca:4f:c8:ad:92:15:5a:7d:a7:f3:d6:f3:fb:0c:8a:
                    2f:be:11:c9:d7:32:21:36:f5:da:c6:1a:2a:25:82:
                    8d:15:6e:2c:4b:69:1d:6b:de:a5:a8:54:ed:0c:10:
                    0b:0e:a2:47:92:3b:d7:17:1b:75:0a:34:63:4e:70:
                    cf:d4:52:1a:84:49:e4:c0:10:b0:21:59:12:94:fe:
                    4b:ef:d1:a4:2f:22:5a:a2:10:36:eb:57:c0:7f:d1:
                    13:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:07:EE:D0:28:55:67:FD:8A:95:3B:E4:5B:A9:7F:9A:BE:47:FB:C4
            X509v3 Authority Key Identifier:
                keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f8:37:9b:73:e3:f0:9d:69:21:2d:f5:71:87:c8:cb:60:6b:
         c6:8d:2a:a0:d4:95:2b:ed:2b:bf:79:91:b7:3f:3d:4c:90:76:
         d5:52:d9:c0:a0:b8:66:ac:9d:94:99:05:94:70:41:db:e7:47:
         c4:a4:a7:56:e8:d6:53:58:c5:01:4f:29:44:a2:43:1d:8c:07:
         1b:81:6c:b6:02:d1:f7:8b:f4:27:e9:f1:f5:61:83:ce:f6:62:
         7b:4f:3a:f2:bf:77:ad:28:bc:19:62:5a:03:1f:fc:49:fb:05:
         35:c0:28:f7:b1:ac:4c:a5:39:96:53:48:56:a7:92:b5:3e:74:
         f5:c4:40:21:04:39:3a:36:ad:5e:13:3c:07:7c:2f:33:74:f8:
         d1:d5:53:a9:b9:53:69:04:a7:96:0d:b6:3c:99:08:4f:74:f9:
         55:a4:cd:e1:7c:8f:5e:2f:a8:ab:d1:92:b0:11:44:72:b0:a9:
         e6:72:95:70:96:79:73:d9:cd:18:6e:01:88:ea:27:82:47:57:
         6e:f7:e8:04:41:66:3c:1e:94:a5:aa:25:d5:fa:c6:2c:d2:d8:
         bd:6d:52:81:e2:73:97:8e:da:14:d5:6d:41:2d:de:15:b7:09:
         b9:79:49:84:b8:9c:ed:b4:53:dc:60:2a:48:f9:4c:d6:cd:1f:
         94:74:87:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfNzXDz+OxZRIkqcWjzGgopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0
MzU5MDcwHhcNMjUwNzAzMDEwMTIyWhcNMjUwNzA0MDEwMTIyWjAzMTEwLwYDVQQD
EyhhMTA3ZWVkMDI4NTU2N2ZkOGE5NTNiZTQ1YmE5N2Y5YWJlNDdmYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZjPvSQ+gwSiecTV5SWaWlo07odK
X+C27RNqbRryUUoVetIpobOVbeeKYzoBiwbwmL26Ioi6NQ80j3S/YPH2LnkJw2jf
bU6dpKNsqBxLj6pem/HPkP4SGvf0uH2A2uorTH/8JURADPxTaYwV9hnFZCpaRpBj
ou7pr8eTdqIy1xBJHUiuKUm0tCNPhc+TPD/DK4MNYM216YHDYERkxvJfvjhJA/3K
T8itkhVafafz1vP7DIovvhHJ1zIhNvXaxhoqJYKNFW4sS2kda96lqFTtDBALDqJH
kjvXFxt1CjRjTnDP1FIahEnkwBCwIVkSlP5L79GkLyJaohA261fAf9ETfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEH7tAoVWf9ipU75Fupf5q+R/vEMB8GA1UdIwQY
MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt
NzE3OTk4YWEzY2ZmLzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm
LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvg3m3Pj
8J1pIS31cYfIy2Brxo0qoNSVK+0rv3mRtz89TJB21VLZwKC4ZqydlJkFlHBB2+dH
xKSnVujWU1jFAU8pRKJDHYwHG4FstgLR94v0J+nx9WGDzvZie0868r93rSi8GWJa
Ax/8SfsFNcAo97GsTKU5llNIVqeStT509cRAIQQ5OjatXhM8B3wvM3T40dVTqblT
aQSnlg22PJkIT3T5VaTN4XyPXi+oq9GSsBFEcrCp5nKVcJZ5c9nNGG4BiOongkdX
bvfoBEFmPB6Upaol1frGLNLYvW1SgeJzl47aFNVtQS3eFbcJuXlJhLic7bRT3GAq
SPlM1s0flHSHbg==
-----END CERTIFICATE-----