Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
File:                     PKE4ItxLDjEIGkhX_QQHDW2svgw.mft (raw, json)
Hash identifier:          hUFhht3CVk9LSHeEk+77DlzclBIXaNgxDZdd153dh5Y=
Subject key identifier:   0E:72:76:60:BD:1C:AE:D1:2C:8E:8D:AD:E9:F7:F8:B2:3D:1F:C3:DD
Authority key identifier: 3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C
Certificate issuer:       /CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
Certificate serial:       01974BC3EEF0E97AFA4B42683C0DDBACDB53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 19:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:21 +0000
Files and hashes:         1: PKE4ItxLDjEIGkhX_QQHDW2svgw.crl (hash: oaqPpyJ2XqiK+VHuFNxoSjoFMjkhfIPiDHA6n0Ugois=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c3:ee:f0:e9:7a:fa:4b:42:68:3c:0d:db:ac:db:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
        Validity
            Not Before: Jun  7 19:00:21 2025 GMT
            Not After : Jun  8 19:00:21 2025 GMT
        Subject: CN=0e727660bd1caed12c8e8dade9f7f8b23d1fc3dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b6:a1:66:67:7a:af:39:7f:cd:bd:78:e1:38:
                    34:f3:df:94:cc:d2:60:5d:9d:bc:76:3c:82:1f:9b:
                    18:f1:46:f1:c3:fd:53:81:dc:14:65:e7:24:13:a7:
                    48:23:d3:45:ba:c9:4f:3c:31:39:59:52:c1:cb:0a:
                    f5:6b:ba:33:39:d8:76:40:ab:9b:d2:16:23:ce:b2:
                    1e:98:ad:51:5e:09:b5:bf:87:e2:73:5d:a7:7c:9a:
                    20:c7:74:47:77:2e:19:c1:8f:c3:00:d8:99:14:d4:
                    9b:44:bd:47:c1:34:19:d6:cf:87:e5:69:2f:15:43:
                    6b:3d:44:65:45:ad:50:9a:e1:0a:0f:92:60:b3:41:
                    bc:a0:0d:ee:bf:b0:90:0c:68:a8:c2:14:89:d7:51:
                    4c:95:27:04:1a:1a:f3:5c:53:9c:85:9d:42:4c:ea:
                    a6:79:94:ba:a8:eb:42:d7:ed:82:9f:fa:b9:87:fa:
                    18:89:91:62:be:e2:9c:89:5f:af:fe:29:59:d8:67:
                    10:c8:74:2a:29:97:06:b5:32:8e:a3:7e:62:c8:eb:
                    46:ec:96:14:a3:38:5c:9a:3a:f4:bc:c1:e6:43:79:
                    a3:14:ea:f5:b6:ed:9f:ec:a9:10:4b:cb:02:7f:0c:
                    b8:3a:b4:9c:4c:43:46:fc:49:fe:7f:ac:5d:4d:8a:
                    0c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:72:76:60:BD:1C:AE:D1:2C:8E:8D:AD:E9:F7:F8:B2:3D:1F:C3:DD
            X509v3 Authority Key Identifier:
                keyid:3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:5a:00:b7:7b:96:26:64:74:ec:32:24:68:0a:69:c0:57:f3:
         93:43:8e:2d:3f:80:cd:f4:2a:7a:44:06:8c:1f:33:5a:40:a6:
         74:8b:9c:a1:f3:a3:58:13:fd:20:3d:fa:05:98:95:8d:fe:6f:
         1f:7e:2a:98:7f:cc:fd:7d:f3:cc:13:55:f4:89:1c:74:a6:cc:
         d6:73:ff:07:c2:70:05:6b:b2:ad:6c:8a:99:fd:3d:9d:cf:70:
         5b:4f:9a:6c:9a:18:88:04:32:5b:5e:f5:98:37:09:1d:8d:36:
         90:66:0a:3e:f6:72:01:dc:60:24:7c:bc:33:68:da:09:80:ef:
         90:89:41:08:b5:e4:b2:74:0e:82:36:91:5a:90:e0:0d:0f:71:
         43:46:2e:3a:36:7a:6d:fc:b4:94:e9:2d:38:1f:f1:a0:d3:94:
         10:70:54:b6:2e:c6:f1:d1:db:aa:3f:55:35:c7:57:76:58:c8:
         1f:18:7b:f3:5f:a3:97:19:e8:d3:b6:38:bc:9c:30:20:70:fa:
         1f:88:a7:79:34:e2:8e:09:03:35:ac:e7:4f:6d:59:62:07:7d:
         e4:7d:fc:38:b4:b4:82:2e:26:03:f3:11:68:a4:ca:10:19:db:
         8f:03:9a:e0:ee:4b:45:df:89:cc:5d:28:78:80:66:98:ab:83:
         ce:b0:1e:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLw+7w6Xr6S0JoPA3brNtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTEzODIyZGM0YjBlMzEwODFhNDg1N2ZkMDQwNzBkNmRh
Y2JlMGMwHhcNMjUwNjA3MTkwMDIxWhcNMjUwNjA4MTkwMDIxWjAzMTEwLwYDVQQD
EygwZTcyNzY2MGJkMWNhZWQxMmM4ZThkYWRlOWY3ZjhiMjNkMWZjM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7ahZmd6rzl/zb144Tg089+UzNJg
XZ28djyCH5sY8Ubxw/1TgdwUZeckE6dII9NFuslPPDE5WVLBywr1a7ozOdh2QKub
0hYjzrIemK1RXgm1v4fic12nfJogx3RHdy4ZwY/DANiZFNSbRL1HwTQZ1s+H5Wkv
FUNrPURlRa1QmuEKD5Jgs0G8oA3uv7CQDGiowhSJ11FMlScEGhrzXFOchZ1CTOqm
eZS6qOtC1+2Cn/q5h/oYiZFivuKciV+v/ilZ2GcQyHQqKZcGtTKOo35iyOtG7JYU
ozhcmjr0vMHmQ3mjFOr1tu2f7KkQS8sCfwy4OrScTENG/En+f6xdTYoMiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5ydmC9HK7RLI6Nren3+LI9H8PdMB8GA1UdIwQY
MBaAFDyhOCLcSw4xCBpIV/0EBw1trL4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgt
YjI5NGY2YmY4MTM3LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgtYjI5NGY2YmY4MTM3
LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdVoAt3uW
JmR07DIkaAppwFfzk0OOLT+AzfQqekQGjB8zWkCmdIucofOjWBP9ID36BZiVjf5v
H34qmH/M/X3zzBNV9IkcdKbM1nP/B8JwBWuyrWyKmf09nc9wW0+abJoYiAQyW171
mDcJHY02kGYKPvZyAdxgJHy8M2jaCYDvkIlBCLXksnQOgjaRWpDgDQ9xQ0YuOjZ6
bfy0lOktOB/xoNOUEHBUti7G8dHbqj9VNcdXdljIHxh781+jlxno07Y4vJwwIHD6
H4ineTTijgkDNaznT21ZYgd95H38OLS0gi4mA/MRaKTKEBnbjwOa4O5LRd+JzF0o
eIBmmKuDzrAeCA==
-----END CERTIFICATE-----