Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          C1rQlhD2Gb/gCd+j67eaCIZx5GSlkPpVDhdzPyjXddE=
Subject key identifier:   AC:77:B1:A6:C8:1C:2E:3F:47:84:3F:02:63:11:7C:5D:D3:FC:57:D7
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019749314E7577EF157DFFC4BD83766579D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          094E
Signing time:             Sat 07 Jun 2025 07:00:57 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:57 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:57 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: mz/Xa0kC41pzqmQFZmOnm7kusIe7tAVIuR7cUogAx+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:4e:75:77:ef:15:7d:ff:c4:bd:83:76:65:79:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Jun  7 07:00:57 2025 GMT
            Not After : Jun  8 07:00:57 2025 GMT
        Subject: CN=ac77b1a6c81c2e3f47843f0263117c5dd3fc57d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:14:96:c4:79:0e:14:cf:e2:0e:7f:d3:00:2e:
                    fe:7d:6c:85:ef:03:01:85:9a:b3:d9:70:77:19:16:
                    7c:b1:44:a8:63:af:d7:fc:82:33:57:90:d4:14:b2:
                    66:22:3a:46:2f:8a:32:5a:7a:0e:e2:5a:68:78:64:
                    49:c8:b8:f4:d8:d3:7e:46:0a:06:95:e9:59:ad:eb:
                    75:05:eb:bf:a3:89:fa:ec:b4:07:b8:26:93:75:d0:
                    8d:08:04:68:3e:bf:87:45:55:52:e9:e5:53:1f:8e:
                    ad:9d:72:ed:9d:0c:e2:2e:67:45:22:12:6a:20:94:
                    eb:07:9d:a6:a1:95:bf:d4:bd:90:dc:3a:81:81:9a:
                    f5:7b:ec:df:7e:93:19:99:5d:f6:9a:fd:52:d7:50:
                    28:cc:41:ad:cd:a3:11:9a:4d:be:df:a5:55:fe:c2:
                    74:0a:06:9f:82:01:81:3d:1b:b7:50:29:9e:0a:63:
                    37:76:ca:bd:95:2f:92:8b:21:2d:25:58:f0:aa:c5:
                    53:61:2b:dd:d3:31:ea:90:ff:4b:ec:cf:47:d0:b0:
                    44:ea:fc:c4:c4:ac:99:f1:fd:c4:b5:ad:61:cc:4d:
                    32:1d:3a:10:c9:f8:07:84:71:a2:61:87:55:ba:ad:
                    08:74:49:92:a9:63:9f:04:15:37:2d:c8:9c:ba:c1:
                    eb:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:77:B1:A6:C8:1C:2E:3F:47:84:3F:02:63:11:7C:5D:D3:FC:57:D7
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:d6:4b:6f:47:17:2b:e2:c3:33:36:bb:ce:e0:4a:6c:ca:be:
         14:c2:dd:1e:6c:4b:c3:15:26:5a:d4:06:3c:db:00:f1:a9:d1:
         8a:45:14:3c:a1:c9:6f:59:a8:84:e8:10:63:a2:e3:f7:f9:97:
         c0:4d:a1:e5:ad:85:43:cd:4a:e0:ff:71:db:29:9e:e8:12:9f:
         d5:2c:59:1a:5a:77:c8:f5:e2:2f:05:4d:51:1f:02:5d:c5:c2:
         47:c5:ab:3d:30:31:28:b4:3b:e3:34:98:06:7a:97:5e:11:9f:
         e0:35:39:ac:38:4a:b7:b0:36:01:4e:23:c9:2f:3c:ac:4b:0a:
         66:d3:2f:bf:18:8f:16:0b:ff:26:fd:52:ec:c2:f4:48:48:3a:
         a5:04:fa:df:54:4a:ab:6f:b4:94:26:f1:d7:3b:c1:32:5c:e9:
         f5:3b:b6:7f:4a:e7:d6:ee:8a:f4:ec:f3:d5:10:3b:06:78:55:
         c6:2e:66:78:65:9a:ef:91:68:d6:0f:03:8b:ad:76:7f:7b:ef:
         4f:a8:1a:5a:40:50:9d:98:37:7b:2e:6c:63:e9:6d:ec:03:40:
         76:e9:76:0c:30:da:32:49:5f:11:f5:6e:af:5b:17:ec:54:29:
         02:50:97:e1:e8:90:f4:cc:5e:76:6a:c0:05:cf:ef:df:4d:85:
         f9:92:d6:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMU51d+8Vff/EvYN2ZXnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwNjA3MDcwMDU3WhcNMjUwNjA4MDcwMDU3WjAzMTEwLwYDVQQD
EyhhYzc3YjFhNmM4MWMyZTNmNDc4NDNmMDI2MzExN2M1ZGQzZmM1N2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRSWxHkOFM/iDn/TAC7+fWyF7wMB
hZqz2XB3GRZ8sUSoY6/X/IIzV5DUFLJmIjpGL4oyWnoO4lpoeGRJyLj02NN+RgoG
lelZret1Beu/o4n67LQHuCaTddCNCARoPr+HRVVS6eVTH46tnXLtnQziLmdFIhJq
IJTrB52moZW/1L2Q3DqBgZr1e+zffpMZmV32mv1S11AozEGtzaMRmk2+36VV/sJ0
CgafggGBPRu3UCmeCmM3dsq9lS+SiyEtJVjwqsVTYSvd0zHqkP9L7M9H0LBE6vzE
xKyZ8f3Eta1hzE0yHToQyfgHhHGiYYdVuq0IdEmSqWOfBBU3LcicusHrKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKx3sabIHC4/R4Q/AmMRfF3T/FfXMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9ZLb0cX
K+LDMza7zuBKbMq+FMLdHmxLwxUmWtQGPNsA8anRikUUPKHJb1mohOgQY6Lj9/mX
wE2h5a2FQ81K4P9x2yme6BKf1SxZGlp3yPXiLwVNUR8CXcXCR8WrPTAxKLQ74zSY
BnqXXhGf4DU5rDhKt7A2AU4jyS88rEsKZtMvvxiPFgv/Jv1S7ML0SEg6pQT631RK
q2+0lCbx1zvBMlzp9Tu2f0rn1u6K9Ozz1RA7BnhVxi5meGWa75Fo1g8Di612f3vv
T6gaWkBQnZg3ey5sY+lt7ANAdul2DDDaMklfEfVur1sX7FQpAlCX4eiQ9MxedmrA
Bc/v302F+ZLWPg==
-----END CERTIFICATE-----