Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          3SMvt1WSVzOhoyaDCbszkivIwitquTKZn8uqBjwmTTc=
Subject key identifier:   D2:5F:6A:A9:63:85:F9:DC:A6:00:1A:FC:A3:47:FF:0B:F1:A0:76:54
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       019750B43E92FEF9A2F816FA5937F88FED47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0D2B
Signing time:             Sun 08 Jun 2025 18:01:19 +0000
Manifest this update:     Sun 08 Jun 2025 18:01:19 +0000
Manifest next update:     Mon 09 Jun 2025 18:01:19 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: sJn9qQGJm82y75EBR5fIF0UW3vWVULNB1eHYx+noE0s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b4:3e:92:fe:f9:a2:f8:16:fa:59:37:f8:8f:ed:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Jun  8 18:01:19 2025 GMT
            Not After : Jun  9 18:01:19 2025 GMT
        Subject: CN=d25f6aa96385f9dca6001afca347ff0bf1a07654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:1c:c6:03:89:af:e4:b4:9a:64:9a:90:9e:29:
                    be:18:bb:31:4a:de:39:1e:fc:1d:1c:f6:1d:f3:92:
                    62:9d:5d:56:df:fe:fe:8c:6b:ec:e0:c3:33:fb:d7:
                    3c:42:92:c4:5f:cc:3b:25:7a:4e:4d:c7:56:c7:1c:
                    1c:32:94:1d:63:5c:25:7b:2c:57:d0:a7:43:ce:45:
                    23:3a:5b:3d:71:8a:45:9e:d8:2a:12:08:b6:57:75:
                    0e:a6:2a:cd:7b:99:22:1f:b2:ae:b1:3e:bc:da:6f:
                    c6:35:b7:4c:20:c5:b3:9f:2b:90:d5:4f:42:28:dd:
                    4e:a4:ba:69:3f:8a:78:51:24:55:c5:ba:4c:70:b4:
                    0f:2d:5a:88:e8:e7:f7:a6:b2:49:cf:cd:bd:49:f2:
                    40:7c:5b:f8:7d:10:2d:40:e6:ca:a7:8f:98:52:52:
                    98:26:62:7a:7e:c8:20:5b:66:74:13:cf:e1:21:22:
                    11:3b:5e:52:8d:2a:f6:e1:57:49:40:4a:71:e3:1a:
                    cc:98:41:39:5d:18:d3:a9:8f:e7:73:2d:f2:35:98:
                    f8:2c:17:8f:ec:9b:5c:18:31:1c:f1:0d:5c:7d:ac:
                    e9:8d:d4:ab:9f:67:d7:79:1d:fa:59:2c:d0:da:4a:
                    97:45:df:37:d4:08:3b:f8:68:44:33:ee:7b:2a:76:
                    8a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:5F:6A:A9:63:85:F9:DC:A6:00:1A:FC:A3:47:FF:0B:F1:A0:76:54
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:6a:bd:30:75:fa:1d:2a:c5:e0:3e:bb:9e:77:d7:07:f4:db:
         31:3c:b8:1b:4f:91:01:15:21:6a:65:28:cd:68:bf:2d:39:46:
         8f:85:52:06:a4:4a:3a:5e:70:1e:94:47:8c:31:8d:33:5b:4c:
         26:cb:10:b3:e3:66:a2:c0:f9:8f:4d:00:f9:8e:48:56:73:a6:
         5b:6b:61:83:33:f9:82:bb:5a:73:1e:96:07:13:b9:33:af:b2:
         65:7d:55:4d:fe:b0:1c:bd:9a:db:5f:08:e2:c0:d1:af:49:3b:
         fe:fa:4e:e8:c2:d6:04:32:1f:5e:c5:93:b2:bc:43:48:a4:1f:
         4e:f5:a1:e9:15:a6:05:3f:39:7b:29:d7:b0:5f:1e:b6:f1:02:
         a7:6a:4b:ae:06:63:34:7c:fb:92:f2:57:80:98:b9:b7:e8:1d:
         9a:bb:4d:5b:33:c8:d9:f1:92:88:cd:a8:fd:8d:bd:c5:c2:06:
         23:8d:ca:b3:8f:22:a6:93:45:d1:30:74:ba:3b:b1:41:e2:68:
         b7:a2:a8:f6:fd:07:93:08:eb:39:f5:2c:6f:af:ef:53:cd:19:
         f7:5b:d1:97:d0:a3:1d:7d:ae:fd:0a:ac:61:a6:e2:db:9b:a4:
         91:2a:98:a2:43:4d:1a:3f:a6:f3:66:71:55:e7:03:4a:28:00:
         10:7b:73:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQtD6S/vmi+Bb6WTf4j+1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNjA4MTgwMTE5WhcNMjUwNjA5MTgwMTE5WjAzMTEwLwYDVQQD
EyhkMjVmNmFhOTYzODVmOWRjYTYwMDFhZmNhMzQ3ZmYwYmYxYTA3NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xzGA4mv5LSaZJqQnim+GLsxSt45
HvwdHPYd85JinV1W3/7+jGvs4MMz+9c8QpLEX8w7JXpOTcdWxxwcMpQdY1wleyxX
0KdDzkUjOls9cYpFntgqEgi2V3UOpirNe5kiH7KusT682m/GNbdMIMWznyuQ1U9C
KN1OpLppP4p4USRVxbpMcLQPLVqI6Of3prJJz829SfJAfFv4fRAtQObKp4+YUlKY
JmJ6fsggW2Z0E8/hISIRO15SjSr24VdJQEpx4xrMmEE5XRjTqY/ncy3yNZj4LBeP
7JtcGDEc8Q1cfazpjdSrn2fXeR36WSzQ2kqXRd831Ag7+GhEM+57KnaKYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJfaqljhfncpgAa/KNH/wvxoHZUMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmq9MHX6
HSrF4D67nnfXB/TbMTy4G0+RARUhamUozWi/LTlGj4VSBqRKOl5wHpRHjDGNM1tM
JssQs+NmosD5j00A+Y5IVnOmW2thgzP5grtacx6WBxO5M6+yZX1VTf6wHL2a218I
4sDRr0k7/vpO6MLWBDIfXsWTsrxDSKQfTvWh6RWmBT85eynXsF8etvECp2pLrgZj
NHz7kvJXgJi5t+gdmrtNWzPI2fGSiM2o/Y29xcIGI43Ks48ippNF0TB0ujuxQeJo
t6Ko9v0HkwjrOfUsb6/vU80Z91vRl9CjHX2u/QqsYabi25ukkSqYokNNGj+m82Zx
VecDSigAEHtzqA==
-----END CERTIFICATE-----