Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
File:                     PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft (raw, json)
Hash identifier:          rdu2n36ThZ/P8O3G0sVzVVRb6gDNFr5lMuXDuF4zFOQ=
Subject key identifier:   B3:F2:D5:4E:60:D0:47:C5:51:D9:7A:6A:08:1C:2D:4A:48:CD:30:5D
Authority key identifier: 3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44
Certificate issuer:       /CN=3d6abe5c48aecebd4a237e153c3684f30608d444
Certificate serial:       0197567F4453F068022ED6F9EAC485B78DDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
Manifest number:          0388
Signing time:             Mon 09 Jun 2025 21:01:10 +0000
Manifest this update:     Mon 09 Jun 2025 21:01:10 +0000
Manifest next update:     Tue 10 Jun 2025 21:01:10 +0000
Files and hashes:         1: 0-NbRqc8zQ3-jTIYZOwXbybz260.roa (hash: F4aAH1P/CqccbM0rJQ6/jB1mC+tQi8oCbtTD8Uif+I8=)
                          2: PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl (hash: Agvqt0hQijgcthwk6smf+c6vSMnBpIWLIcmcP7haGqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:7f:44:53:f0:68:02:2e:d6:f9:ea:c4:85:b7:8d:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d6abe5c48aecebd4a237e153c3684f30608d444
        Validity
            Not Before: Jun  9 21:01:10 2025 GMT
            Not After : Jun 10 21:01:10 2025 GMT
        Subject: CN=b3f2d54e60d047c551d97a6a081c2d4a48cd305d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8d:7c:69:59:ad:5c:34:69:13:1e:40:1d:68:
                    48:67:85:a4:b2:02:46:8e:75:db:f8:c2:a2:09:50:
                    33:5c:33:e7:ad:bf:4a:71:3e:08:26:9f:2a:fc:52:
                    52:11:0e:7b:d3:33:0f:a9:4a:9e:c8:63:a2:03:51:
                    39:f0:18:f6:9b:c4:94:c0:61:16:ac:6b:43:f9:c8:
                    4c:96:65:5f:75:27:2f:57:ec:79:17:9a:3a:cc:90:
                    4b:24:92:a8:50:46:2e:b8:0a:99:c5:92:d2:68:e1:
                    14:ed:fe:be:d3:f8:81:4c:42:ab:c4:82:79:9a:2f:
                    73:ed:9b:7d:9f:0e:b1:91:52:24:80:5c:c4:2e:93:
                    da:9a:e8:e4:9a:f1:3c:7a:c0:5c:54:20:6d:1d:52:
                    c4:3d:cb:e8:76:f2:38:7a:3c:a6:69:31:26:e3:d8:
                    2a:db:3f:10:0f:85:e3:51:11:90:86:a8:27:12:74:
                    ea:98:13:74:1c:fa:b2:36:78:6f:67:ba:87:cd:e6:
                    c4:3b:3f:fb:f7:8d:b2:a1:c8:80:17:f2:a9:79:e1:
                    23:4a:36:7b:18:3b:b1:0f:6a:85:03:61:68:e8:de:
                    04:8d:27:35:85:ba:da:a8:bd:0b:ab:84:40:de:23:
                    59:bf:72:62:8f:17:8e:3b:b0:3b:cf:b5:73:87:d5:
                    d0:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:F2:D5:4E:60:D0:47:C5:51:D9:7A:6A:08:1C:2D:4A:48:CD:30:5D
            X509v3 Authority Key Identifier:
                keyid:3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:67:17:3c:8f:06:96:46:b7:f6:02:f6:bd:a7:b9:6c:ff:00:
         c8:4c:ce:e9:3e:3a:2d:9a:0f:b6:ff:ac:3d:00:d8:a1:a3:eb:
         03:1e:1b:41:e8:43:b6:5b:9f:41:1f:e9:e2:fe:71:a4:93:58:
         74:cc:e0:be:ef:ac:b8:a0:f6:e1:ba:79:33:a3:c0:31:9a:5c:
         ea:52:b9:86:c8:58:c0:60:f6:11:67:be:e7:56:85:e4:55:9c:
         be:37:2b:8f:d8:f0:66:92:0c:02:2c:15:30:05:9d:d4:1a:a2:
         78:33:b3:cc:4f:e3:d7:3b:23:90:32:45:ae:09:db:08:19:38:
         bf:2d:33:2e:b8:91:a8:c9:df:a2:af:e0:30:34:43:ff:ed:44:
         7e:ae:f4:3e:aa:a7:2a:f0:30:a2:28:6a:14:74:46:57:ff:ba:
         29:6c:05:16:f0:77:a1:4d:a6:6c:67:9b:f3:29:4c:2c:3d:df:
         f9:8e:08:30:f0:3f:70:39:b6:f9:6c:f0:ec:cc:14:f0:13:e1:
         fa:7d:5b:7e:c3:48:34:8d:23:00:e7:d2:69:7c:47:53:d5:77:
         d4:ef:0c:52:be:4a:31:65:48:07:e5:70:3b:9f:79:f3:19:dd:
         87:dd:d9:33:c4:05:d9:b2:6b:2b:36:ee:5a:09:73:5c:be:98:
         d5:47:bd:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWf0RT8GgCLtb56sSFt43cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmFiZTVjNDhhZWNlYmQ0YTIzN2UxNTNjMzY4NGYzMDYw
OGQ0NDQwHhcNMjUwNjA5MjEwMTEwWhcNMjUwNjEwMjEwMTEwWjAzMTEwLwYDVQQD
EyhiM2YyZDU0ZTYwZDA0N2M1NTFkOTdhNmEwODFjMmQ0YTQ4Y2QzMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY18aVmtXDRpEx5AHWhIZ4WksgJG
jnXb+MKiCVAzXDPnrb9KcT4IJp8q/FJSEQ570zMPqUqeyGOiA1E58Bj2m8SUwGEW
rGtD+chMlmVfdScvV+x5F5o6zJBLJJKoUEYuuAqZxZLSaOEU7f6+0/iBTEKrxIJ5
mi9z7Zt9nw6xkVIkgFzELpPamujkmvE8esBcVCBtHVLEPcvodvI4ejymaTEm49gq
2z8QD4XjURGQhqgnEnTqmBN0HPqyNnhvZ7qHzebEOz/7942yociAF/KpeeEjSjZ7
GDuxD2qFA2Fo6N4EjSc1hbraqL0Lq4RA3iNZv3JijxeOO7A7z7Vzh9XQQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPy1U5g0EfFUdl6aggcLUpIzTBdMB8GA1UdIwQY
MBaAFD1qvlxIrs69SiN+FTw2hPMGCNREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYt
YWVjMTRlYTE3ZWJmLzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYtYWVjMTRlYTE3ZWJm
LzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmcXPI8G
lka39gL2vae5bP8AyEzO6T46LZoPtv+sPQDYoaPrAx4bQehDtlufQR/p4v5xpJNY
dMzgvu+suKD24bp5M6PAMZpc6lK5hshYwGD2EWe+51aF5FWcvjcrj9jwZpIMAiwV
MAWd1BqieDOzzE/j1zsjkDJFrgnbCBk4vy0zLriRqMnfoq/gMDRD/+1Efq70Pqqn
KvAwoihqFHRGV/+6KWwFFvB3oU2mbGeb8ylMLD3f+Y4IMPA/cDm2+Wzw7MwU8BPh
+n1bfsNINI0jAOfSaXxHU9V31O8MUr5KMWVIB+VwO5958xndh93ZM8QF2bJrKzbu
WglzXL6Y1Ue9dw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:43:42 2025 by rpki-client