Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
File:                     dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft (raw, json)
Hash identifier:          0bm3YHS5wqnS3GDq9zW4mMexma7QLb7uQkjOwDNYHyw=
Subject key identifier:   1C:40:62:22:3B:17:89:73:7F:AE:7A:CB:61:1F:2F:64:92:2A:17:1B
Authority key identifier: 74:B0:83:65:02:95:18:9F:00:9A:A7:4C:12:CB:C6:1E:E2:3F:A7:53
Certificate issuer:       /CN=74b083650295189f009aa74c12cbc61ee23fa753
Certificate serial:       01974C697363F30C421D586DE321F41C3BCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
Manifest number:          157C
Signing time:             Sat 07 Jun 2025 22:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:08 +0000
Files and hashes:         1: dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl (hash: fwBlQgg2wlK5XSSUdthFYWKxG+BFieMCH/Z5WBktT+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:73:63:f3:0c:42:1d:58:6d:e3:21:f4:1c:3b:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b083650295189f009aa74c12cbc61ee23fa753
        Validity
            Not Before: Jun  7 22:01:08 2025 GMT
            Not After : Jun  8 22:01:08 2025 GMT
        Subject: CN=1c4062223b1789737fae7acb611f2f64922a171b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:61:a6:41:dd:42:fc:3c:1d:2e:dc:b3:81:53:
                    e8:69:d1:e4:e7:10:a2:29:39:fc:ed:64:9d:a4:3e:
                    f9:2f:c2:dc:b7:35:67:8a:11:f2:a0:a5:82:98:85:
                    c5:82:13:22:55:3e:6b:de:4d:0f:73:71:a2:f3:1d:
                    e0:3f:bf:e8:5e:dd:e8:82:3c:8b:5d:63:67:eb:9c:
                    77:a9:7d:b3:d5:53:da:1c:ed:d0:87:94:ca:cf:97:
                    e5:1a:7f:8b:78:ad:ec:ae:cd:9a:50:68:97:12:ed:
                    c5:05:80:b5:23:1a:ee:17:2c:d4:4e:f6:74:df:56:
                    13:db:54:90:f8:c8:4d:71:c1:ed:bf:34:8c:da:55:
                    d1:40:5e:c6:f8:37:0f:27:38:05:4e:7e:c8:e5:07:
                    f2:a9:c8:e9:12:ed:f9:57:5c:4d:dd:9b:db:c0:e1:
                    a2:73:22:2f:fe:b3:d2:34:2b:1e:62:ac:fd:9a:af:
                    ba:e7:01:8b:33:a4:9e:68:c4:92:d8:76:dc:a4:8e:
                    75:70:20:99:50:36:7c:bc:48:9c:0e:c1:5d:75:16:
                    be:3f:a8:33:7f:40:d4:a1:f6:59:30:28:4e:7f:e7:
                    7a:26:41:f3:b7:af:73:ab:26:7e:e6:e1:00:53:ac:
                    9f:69:ac:f4:19:84:ca:96:34:f9:92:e6:8e:2c:2b:
                    d1:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:40:62:22:3B:17:89:73:7F:AE:7A:CB:61:1F:2F:64:92:2A:17:1B
            X509v3 Authority Key Identifier:
                keyid:74:B0:83:65:02:95:18:9F:00:9A:A7:4C:12:CB:C6:1E:E2:3F:A7:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d531a8-02ae-4b0b-8f44-5287698aff3c/1/dLCDZQKVGJ8AmqdMEsvGHuI_p1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:5a:d9:f4:c7:74:d9:eb:7e:e2:8a:de:a4:20:2e:53:82:c9:
         97:85:89:fd:6c:dc:2d:fe:24:ff:82:f3:15:57:53:bb:ae:4d:
         e8:04:6b:ed:00:79:15:10:82:3c:8d:c8:66:90:a3:32:69:a7:
         b6:78:e3:af:38:46:94:4d:5a:39:af:d0:7d:94:49:a1:e5:9f:
         46:79:67:bd:ad:94:12:de:b3:c4:6c:85:be:f1:c0:6d:69:65:
         9e:b4:b5:0d:f2:8a:ea:17:0b:73:07:f8:00:1f:0c:d2:13:60:
         9f:03:39:7b:25:09:2e:48:32:4c:31:40:b4:2f:60:f9:29:27:
         87:f2:ce:9f:f7:6f:00:cf:3d:70:e1:86:c1:8d:dc:92:b9:6b:
         de:e9:68:83:26:a6:ac:76:df:28:2f:5d:37:0a:b6:d3:88:df:
         ff:20:7c:80:c4:40:77:78:c2:8c:91:89:9f:ce:6e:9b:39:91:
         a4:51:1e:7e:48:17:db:77:ca:68:c6:4e:d5:62:29:d8:ed:2b:
         7e:5e:4a:0e:be:20:f0:17:b8:65:c0:2d:97:4e:a8:6f:a3:4e:
         eb:45:58:88:4d:98:9a:45:f8:83:77:8c:e8:cc:0c:ad:80:3a:
         a7:8c:da:e4:48:bf:e3:9a:8d:a5:ec:dc:55:ee:10:19:0d:73:
         2f:c4:d9:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaXNj8wxCHVht4yH0HDvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjA4MzY1MDI5NTE4OWYwMDlhYTc0YzEyY2JjNjFlZTIz
ZmE3NTMwHhcNMjUwNjA3MjIwMTA4WhcNMjUwNjA4MjIwMTA4WjAzMTEwLwYDVQQD
EygxYzQwNjIyMjNiMTc4OTczN2ZhZTdhY2I2MTFmMmY2NDkyMmExNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmGmQd1C/DwdLtyzgVPoadHk5xCi
KTn87WSdpD75L8LctzVnihHyoKWCmIXFghMiVT5r3k0Pc3Gi8x3gP7/oXt3ogjyL
XWNn65x3qX2z1VPaHO3Qh5TKz5flGn+LeK3srs2aUGiXEu3FBYC1IxruFyzUTvZ0
31YT21SQ+MhNccHtvzSM2lXRQF7G+DcPJzgFTn7I5QfyqcjpEu35V1xN3ZvbwOGi
cyIv/rPSNCseYqz9mq+65wGLM6SeaMSS2HbcpI51cCCZUDZ8vEicDsFddRa+P6gz
f0DUofZZMChOf+d6JkHzt69zqyZ+5uEAU6yfaaz0GYTKljT5kuaOLCvRhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxAYiI7F4lzf656y2EfL2SSKhcbMB8GA1UdIwQY
MBaAFHSwg2UClRifAJqnTBLLxh7iP6dTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNTMxYTgtMDJhZS00YjBiLThmNDQt
NTI4NzY5OGFmZjNjLzEvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNTMxYTgtMDJhZS00YjBiLThmNDQtNTI4NzY5OGFmZjNj
LzEvZExDRFpRS1ZHSjhBbXFkTUVzdkdIdUlfcDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1rZ9Md0
2et+4orepCAuU4LJl4WJ/WzcLf4k/4LzFVdTu65N6ARr7QB5FRCCPI3IZpCjMmmn
tnjjrzhGlE1aOa/QfZRJoeWfRnlnva2UEt6zxGyFvvHAbWllnrS1DfKK6hcLcwf4
AB8M0hNgnwM5eyUJLkgyTDFAtC9g+Sknh/LOn/dvAM89cOGGwY3ckrlr3ulogyam
rHbfKC9dNwq204jf/yB8gMRAd3jCjJGJn85umzmRpFEefkgX23fKaMZO1WIp2O0r
fl5KDr4g8Be4ZcAtl06ob6NO60VYiE2YmkX4g3eM6MwMrYA6p4za5Ei/45qNpezc
Ve4QGQ1zL8TZng==
-----END CERTIFICATE-----