Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          ANc8+QBByBb81SwPlQRbrqje5Zj5CHjAe56PPboO1x4=
Subject key identifier:   4A:F2:B3:16:28:A6:37:09:D6:3F:C0:27:CC:FB:48:EC:54:24:FC:AD
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       01976D3D4B4694A71CB29B298E3ECB8A604E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          155F
Signing time:             Sat 14 Jun 2025 07:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:22 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: bfUiTbokPKvrvV4jhx1NFZpySThUwwGS9hlL61OmwiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:4b:46:94:a7:1c:b2:9b:29:8e:3e:cb:8a:60:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Jun 14 07:00:22 2025 GMT
            Not After : Jun 15 07:00:22 2025 GMT
        Subject: CN=4af2b31628a63709d63fc027ccfb48ec5424fcad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bc:bc:ef:66:eb:59:94:ea:41:be:9d:9a:d2:
                    31:a7:62:60:34:f0:e4:73:84:c5:60:0d:42:bf:95:
                    36:48:1c:9d:53:09:10:eb:b9:2b:0b:6c:9a:d9:df:
                    f7:5b:91:0b:05:67:c7:d0:b9:17:8f:e8:1c:a5:53:
                    60:f7:b5:7e:e9:f1:05:40:05:2a:70:c2:c2:0c:95:
                    3a:f0:1c:01:7c:f5:63:6e:de:e5:00:c9:ae:92:fa:
                    73:96:bd:ae:83:2b:37:14:df:d7:d7:05:13:d0:a5:
                    c3:e5:96:8a:8e:17:b6:5e:f6:ee:47:e3:21:77:f7:
                    bb:0e:91:55:da:bb:e0:ed:f5:35:ee:f4:50:a3:3e:
                    c3:92:4d:10:1b:2c:ea:d0:81:82:e7:8e:9e:59:99:
                    41:50:d2:88:c0:34:b0:f4:17:67:7a:76:c4:e1:a4:
                    b3:1a:8b:23:87:16:0a:64:e9:2d:15:2a:fb:ef:bd:
                    92:2e:45:35:db:a8:f8:61:ae:b4:3b:0c:d9:4d:72:
                    4c:1d:ba:d9:ee:20:f9:ae:3a:24:df:b2:82:30:9d:
                    3e:94:98:b2:e0:36:d2:24:88:1e:2e:3e:c2:2a:30:
                    4f:41:ff:b2:b4:4a:55:db:0e:3c:e8:db:ee:48:89:
                    2a:87:ae:09:71:4d:d9:b8:1d:bf:2f:25:78:14:8e:
                    43:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F2:B3:16:28:A6:37:09:D6:3F:C0:27:CC:FB:48:EC:54:24:FC:AD
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:7a:61:ff:bf:7f:d4:fc:bb:27:b9:5d:d5:62:a3:20:16:7d:
         f2:32:47:69:ae:97:f8:41:2c:f2:3b:f5:aa:14:0d:e3:59:85:
         d6:66:a2:cd:e0:9b:46:12:ff:f5:b1:5d:3d:7d:0b:00:52:3c:
         a7:7d:b2:c7:9e:5f:7c:e3:69:b4:6a:44:d4:71:b6:69:16:2d:
         dc:02:7b:1b:9d:c3:d9:5c:ae:e6:a0:db:50:5f:72:1f:32:b3:
         27:d7:dc:12:98:b2:c5:f2:03:43:4b:38:56:c0:9f:1b:30:c6:
         69:8e:35:7f:c5:5f:66:db:68:c1:29:ad:f2:45:b6:8c:4e:be:
         7a:8a:c1:93:3d:60:f7:d3:cb:70:fe:81:85:10:fb:25:ad:5a:
         c0:a7:bb:7f:78:8f:7c:7b:09:18:bb:b6:05:bd:92:bd:95:bf:
         02:97:34:33:90:f6:b9:50:ad:bc:64:fb:a1:7f:e0:ba:b4:dd:
         4d:03:d5:4f:40:bc:0d:f1:4b:6b:a2:08:59:33:6d:31:8f:bb:
         cf:c5:b4:e2:d2:97:58:eb:30:7b:53:f8:82:f3:13:f3:b1:3e:
         00:a3:46:5f:6a:bb:64:cd:a0:0f:97:6a:b5:da:b1:78:05:64:
         a7:a0:de:df:a4:75:5c:43:26:95:19:82:65:a4:3f:05:0d:87:
         73:47:de:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPUtGlKccspspjj7LimBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwNjE0MDcwMDIyWhcNMjUwNjE1MDcwMDIyWjAzMTEwLwYDVQQD
Eyg0YWYyYjMxNjI4YTYzNzA5ZDYzZmMwMjdjY2ZiNDhlYzU0MjRmY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoby872brWZTqQb6dmtIxp2JgNPDk
c4TFYA1Cv5U2SBydUwkQ67krC2ya2d/3W5ELBWfH0LkXj+gcpVNg97V+6fEFQAUq
cMLCDJU68BwBfPVjbt7lAMmukvpzlr2ugys3FN/X1wUT0KXD5ZaKjhe2XvbuR+Mh
d/e7DpFV2rvg7fU17vRQoz7Dkk0QGyzq0IGC546eWZlBUNKIwDSw9BdnenbE4aSz
GosjhxYKZOktFSr7772SLkU126j4Ya60OwzZTXJMHbrZ7iD5rjok37KCMJ0+lJiy
4DbSJIgeLj7CKjBPQf+ytEpV2w486NvuSIkqh64JcU3ZuB2/LyV4FI5DnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErysxYopjcJ1j/AJ8z7SOxUJPytMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG3ph/79/
1Py7J7ld1WKjIBZ98jJHaa6X+EEs8jv1qhQN41mF1maizeCbRhL/9bFdPX0LAFI8
p32yx55ffONptGpE1HG2aRYt3AJ7G53D2Vyu5qDbUF9yHzKzJ9fcEpiyxfIDQ0s4
VsCfGzDGaY41f8VfZttowSmt8kW2jE6+eorBkz1g99PLcP6BhRD7Ja1awKe7f3iP
fHsJGLu2Bb2SvZW/Apc0M5D2uVCtvGT7oX/gurTdTQPVT0C8DfFLa6IIWTNtMY+7
z8W04tKXWOswe1P4gvMT87E+AKNGX2q7ZM2gD5dqtdqxeAVkp6De36R1XEMmlRmC
ZaQ/BQ2Hc0fe5g==
-----END CERTIFICATE-----