Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          kZ90c4B4OgRk5XDVipWX1IfKeF7jQ1LwxG1GunbvxlE=
Subject key identifier:   42:1C:63:1D:D0:E1:C4:BB:FA:49:F0:46:CC:C8:28:67:06:B6:24:84
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019747796FE21E08D51D78C4E9BB94B92EEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0E78
Signing time:             Fri 06 Jun 2025 23:00:30 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:30 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:30 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: cg3K5T9dKBBElQkVEFsl3WNkMXaT2Nue6tVODSg35nE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 23:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:6f:e2:1e:08:d5:1d:78:c4:e9:bb:94:b9:2e:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Jun  6 23:00:30 2025 GMT
            Not After : Jun  7 23:00:30 2025 GMT
        Subject: CN=421c631dd0e1c4bbfa49f046ccc8286706b62484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e4:30:e2:57:a9:12:31:35:91:a8:e3:66:51:
                    70:15:52:ac:b8:87:e3:88:08:eb:d1:3b:5b:57:4e:
                    b1:c8:a1:57:31:3c:6a:b2:2b:ad:23:b6:6c:21:28:
                    36:e6:c0:bf:2c:f4:1e:42:95:17:9e:5b:14:20:22:
                    56:41:5c:e6:4e:16:04:1b:05:72:58:37:3a:4f:63:
                    b4:f1:f6:c0:bd:80:60:70:9f:39:37:c2:aa:ee:ef:
                    5a:7d:24:c2:f8:91:8b:49:bb:8b:9e:1a:0e:8d:9f:
                    65:76:d4:52:86:17:a0:04:9e:5b:97:58:9d:ca:c3:
                    2c:aa:26:2c:b8:08:6c:04:78:25:ce:00:b4:e3:26:
                    ae:7f:1c:48:35:7c:b2:58:46:fb:4f:f7:cc:76:2e:
                    4c:bc:45:45:b3:bd:cc:76:62:bd:2d:05:93:d8:0f:
                    b5:57:69:a1:41:cb:1c:4b:08:50:57:0a:99:22:fe:
                    f4:92:30:d7:4e:83:7f:4a:6c:78:e8:fd:78:d8:1b:
                    dc:49:54:b1:a1:ff:e7:62:8c:65:83:d1:33:72:ba:
                    d1:ce:47:a9:18:16:bf:69:a8:77:02:68:f8:00:a2:
                    32:11:fc:c6:ac:04:c3:40:59:7a:8f:fc:81:2c:c8:
                    7e:8e:5c:63:b0:53:0a:c2:d7:e5:3b:86:67:f5:05:
                    64:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:1C:63:1D:D0:E1:C4:BB:FA:49:F0:46:CC:C8:28:67:06:B6:24:84
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:97:1e:c4:ef:0e:70:49:4d:8f:bf:bf:e0:e3:bd:84:d6:9c:
         5b:4a:d3:e7:b2:15:72:14:50:61:bd:12:18:8b:8a:d9:21:03:
         4a:5c:70:61:7b:e5:ff:29:8e:f2:e5:0b:c0:60:16:05:62:82:
         ab:51:5b:63:60:f7:2d:bd:f4:7c:1a:46:c4:15:7d:07:34:c4:
         02:2f:fa:f8:b7:d1:d3:c6:41:f3:b2:94:40:89:ed:a9:cc:54:
         eb:b0:77:9c:e1:bb:e9:d5:b1:57:a3:be:ac:09:f2:52:4e:f9:
         dc:3e:b1:cd:79:93:5a:bf:9e:2e:c6:fd:a5:ee:36:eb:f5:d5:
         e0:9f:f8:fc:cf:f8:36:ff:e8:b7:a4:85:fc:c6:b3:64:78:79:
         1e:a0:a8:32:76:5d:51:59:87:18:2c:f5:f7:af:82:81:e4:43:
         52:51:2e:85:9b:a8:a0:20:51:ca:d8:88:3f:75:51:a4:2c:0a:
         96:58:c9:12:b8:a1:7d:c7:f1:89:dd:93:6b:04:10:c2:28:67:
         b1:e3:c6:4f:7e:33:e5:d5:d2:f5:a4:20:57:2b:f9:6b:2c:8c:
         1f:56:22:98:e7:ee:68:91:ca:28:f9:44:5a:14:91:63:c7:de:
         9b:95:71:d9:7e:67:1e:8a:d5:af:7d:57:a0:52:3b:73:6c:de:
         b5:09:f3:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHeW/iHgjVHXjE6buUuS7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUwNjA2MjMwMDMwWhcNMjUwNjA3MjMwMDMwWjAzMTEwLwYDVQQD
Eyg0MjFjNjMxZGQwZTFjNGJiZmE0OWYwNDZjY2M4Mjg2NzA2YjYyNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+Qw4lepEjE1kajjZlFwFVKsuIfj
iAjr0TtbV06xyKFXMTxqsiutI7ZsISg25sC/LPQeQpUXnlsUICJWQVzmThYEGwVy
WDc6T2O08fbAvYBgcJ85N8Kq7u9afSTC+JGLSbuLnhoOjZ9ldtRShhegBJ5bl1id
ysMsqiYsuAhsBHglzgC04yaufxxINXyyWEb7T/fMdi5MvEVFs73MdmK9LQWT2A+1
V2mhQcscSwhQVwqZIv70kjDXToN/Smx46P142BvcSVSxof/nYoxlg9EzcrrRzkep
GBa/aah3Amj4AKIyEfzGrATDQFl6j/yBLMh+jlxjsFMKwtflO4Zn9QVkOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIcYx3Q4cS7+knwRszIKGcGtiSEMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZcexO8O
cElNj7+/4OO9hNacW0rT57IVchRQYb0SGIuK2SEDSlxwYXvl/ymO8uULwGAWBWKC
q1FbY2D3Lb30fBpGxBV9BzTEAi/6+LfR08ZB87KUQIntqcxU67B3nOG76dWxV6O+
rAnyUk753D6xzXmTWr+eLsb9pe426/XV4J/4/M/4Nv/ot6SF/MazZHh5HqCoMnZd
UVmHGCz196+CgeRDUlEuhZuooCBRytiIP3VRpCwKlljJErihfcfxid2TawQQwihn
sePGT34z5dXS9aQgVyv5ayyMH1YimOfuaJHKKPlEWhSRY8fem5Vx2X5nHorVr31X
oFI7c2zetQnzOQ==
-----END CERTIFICATE-----