Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          6AwS0vvEnRhmB3ZBiM9R2TM7XjWNGYUFmoCmQRLnLOM=
Subject key identifier:   DF:55:57:3F:6B:B5:E8:F5:73:7A:93:A2:BE:37:E9:42:E6:9C:46:12
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019749311B85F45613CC4D4A1C75B0917D51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 07:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:44 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: Dm3MhtYPNfoMNCOKmG6vqq1WZD/693MirXLX8S4NQKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:1b:85:f4:56:13:cc:4d:4a:1c:75:b0:91:7d:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Jun  7 07:00:44 2025 GMT
            Not After : Jun  8 07:00:44 2025 GMT
        Subject: CN=df55573f6bb5e8f5737a93a2be37e942e69c4612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a0:1f:a6:0d:fe:3e:b5:db:58:a7:74:71:33:
                    68:3a:b1:33:ce:fb:c7:25:80:3f:0b:01:99:1e:c3:
                    e9:21:0c:26:5f:dd:bd:bf:c0:c2:f0:86:7e:3c:1f:
                    b8:2b:d7:c0:72:32:f4:30:6e:be:38:34:b9:b2:f2:
                    55:d1:83:11:72:8d:72:c6:8c:91:f8:15:94:4b:2a:
                    70:e9:d0:a5:91:1d:47:60:2f:0e:3a:81:00:22:7d:
                    cd:82:68:b9:03:0b:63:91:b3:92:d2:f5:c6:e3:6f:
                    e5:f9:53:1d:6f:8a:da:cb:a4:56:d2:35:0a:c7:d7:
                    1b:07:62:01:b4:b7:14:cd:4e:75:41:7c:db:6a:41:
                    99:15:db:a9:b9:28:f7:42:ec:0d:58:ba:24:dd:22:
                    34:d6:ef:14:a1:12:7e:cc:2c:d8:10:f1:bb:c7:af:
                    7b:5a:76:22:0b:d5:75:16:c0:c6:b7:86:88:2f:03:
                    ed:ac:73:1a:f5:91:27:da:78:15:a3:6c:60:ea:0c:
                    66:6b:d8:74:50:6c:d7:d2:ab:22:07:61:3b:ef:33:
                    97:5d:f4:3f:76:fd:67:36:af:90:25:2b:6b:a9:12:
                    ff:90:62:f1:e4:a3:9c:a6:0d:eb:9b:06:90:a8:ff:
                    53:4f:7e:93:99:19:e7:62:79:8d:b9:3b:85:ee:3f:
                    fe:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:55:57:3F:6B:B5:E8:F5:73:7A:93:A2:BE:37:E9:42:E6:9C:46:12
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:31:e6:d2:1e:53:37:46:97:bf:2f:43:77:34:ac:39:c5:9a:
         2d:b1:0c:b1:a2:c7:e2:e5:cc:ce:cf:cc:98:e1:fb:ba:7e:53:
         ff:be:7a:a7:c3:ce:44:43:0d:b6:76:7d:4d:40:32:11:6c:0b:
         47:1e:a8:b5:6c:f3:5d:21:17:6b:dc:ac:19:5e:2b:d5:a7:2a:
         d0:1a:b8:ae:bd:02:9e:96:7d:03:e6:43:9f:61:da:12:4a:5d:
         cf:74:e6:ca:fc:d4:e5:d1:e7:3f:1b:f7:4e:ea:f3:96:9f:09:
         04:e2:9d:3b:71:38:74:0a:9c:de:2e:e9:9b:b0:b3:4c:b9:9a:
         84:92:f4:23:a6:23:31:ef:07:b5:96:36:96:d5:8f:f7:46:f4:
         bb:a3:d7:51:32:bb:ad:d8:5a:20:e1:04:40:03:11:68:f8:42:
         2d:ed:7e:a4:65:d0:90:5a:b6:9a:c5:24:ad:6a:c7:38:b6:f9:
         7b:9f:e8:a5:95:24:fc:52:97:43:6e:85:14:2f:b5:ae:e3:1a:
         4c:a7:10:b4:e6:de:63:4c:06:ec:71:61:24:4f:3f:ea:13:1e:
         c0:ea:43:86:fd:ca:a5:b2:67:eb:95:66:c5:4e:4f:6f:63:d4:
         eb:f7:e4:18:e5:80:8d:b0:bd:05:06:c0:c0:62:1a:9a:23:97:
         7d:0f:d5:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMRuF9FYTzE1KHHWwkX1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwNjA3MDcwMDQ0WhcNMjUwNjA4MDcwMDQ0WjAzMTEwLwYDVQQD
EyhkZjU1NTczZjZiYjVlOGY1NzM3YTkzYTJiZTM3ZTk0MmU2OWM0NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqAfpg3+PrXbWKd0cTNoOrEzzvvH
JYA/CwGZHsPpIQwmX929v8DC8IZ+PB+4K9fAcjL0MG6+ODS5svJV0YMRco1yxoyR
+BWUSypw6dClkR1HYC8OOoEAIn3Ngmi5AwtjkbOS0vXG42/l+VMdb4ray6RW0jUK
x9cbB2IBtLcUzU51QXzbakGZFdupuSj3QuwNWLok3SI01u8UoRJ+zCzYEPG7x697
WnYiC9V1FsDGt4aILwPtrHMa9ZEn2ngVo2xg6gxma9h0UGzX0qsiB2E77zOXXfQ/
dv1nNq+QJStrqRL/kGLx5KOcpg3rmwaQqP9TT36TmRnnYnmNuTuF7j/+VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9VVz9rtej1c3qTor436ULmnEYSMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjHm0h5T
N0aXvy9DdzSsOcWaLbEMsaLH4uXMzs/MmOH7un5T/756p8POREMNtnZ9TUAyEWwL
Rx6otWzzXSEXa9ysGV4r1acq0Bq4rr0CnpZ9A+ZDn2HaEkpdz3TmyvzU5dHnPxv3
Turzlp8JBOKdO3E4dAqc3i7pm7CzTLmahJL0I6YjMe8HtZY2ltWP90b0u6PXUTK7
rdhaIOEEQAMRaPhCLe1+pGXQkFq2msUkrWrHOLb5e5/opZUk/FKXQ26FFC+1ruMa
TKcQtObeY0wG7HFhJE8/6hMewOpDhv3KpbJn65VmxU5Pb2PU6/fkGOWAjbC9BQbA
wGIamiOXfQ/Veg==
-----END CERTIFICATE-----