Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          zs60dj7lJm+mhosv0n6ZIS0Is0ODUmdbnxQui15f4OU=
Subject key identifier:   D7:FA:B3:BB:99:83:A1:5C:FB:8E:06:5A:3F:09:EB:00:5D:90:4D:F3
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       0197C982398F734C618A0FC4FEA12256690D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          29
Signing time:             Wed 02 Jul 2025 05:00:44 +0000
Manifest this update:     Wed 02 Jul 2025 05:00:44 +0000
Manifest next update:     Thu 03 Jul 2025 05:00:44 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: qL0QYNlfgt9+fObJuDA/EetYlvfc1EEdrconjyLZsQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:82:39:8f:73:4c:61:8a:0f:c4:fe:a1:22:56:69:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Jul  2 05:00:44 2025 GMT
            Not After : Jul  3 05:00:44 2025 GMT
        Subject: CN=d7fab3bb9983a15cfb8e065a3f09eb005d904df3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:23:ef:e0:3a:e4:1b:27:2a:07:5e:dd:20:d1:
                    87:0a:6a:4b:31:a0:0f:29:a7:f5:f6:00:1c:78:e2:
                    0a:2d:f2:95:a6:86:dd:f6:fe:f2:21:fb:05:9b:03:
                    e1:09:ce:df:d5:4c:90:58:5c:1a:59:1d:66:f3:ee:
                    f6:24:0f:0d:7b:e8:a6:4d:cb:ee:34:7a:0a:47:0b:
                    07:48:d9:c7:23:1f:91:ba:55:a8:29:0d:83:a2:9b:
                    39:e8:fb:93:bb:31:28:13:9f:95:95:7d:26:2a:1a:
                    7a:03:a9:be:19:20:53:7f:d6:6a:1b:7f:4c:9d:fa:
                    51:4b:7a:4f:98:7a:2f:a5:48:4e:2a:6b:7f:a1:2e:
                    f3:8e:cb:44:cf:82:16:23:42:2d:28:b1:13:44:d1:
                    ff:90:bf:43:2b:dc:0b:79:4c:0d:d8:91:2c:41:b3:
                    1b:37:d9:ea:f3:51:fc:2a:6e:4a:36:70:03:95:f1:
                    05:5d:02:57:8b:a7:b4:cc:54:aa:6a:81:e2:a7:b4:
                    62:d8:e3:b9:67:98:15:a1:15:59:bc:d3:13:a7:3e:
                    a0:1d:c0:6f:9c:b2:10:77:35:0d:5b:0a:a2:e9:09:
                    8f:08:10:5a:21:6f:a5:e3:2a:89:64:5e:4b:b3:31:
                    f1:fd:84:8f:87:ba:bc:d4:32:2a:1b:fd:88:77:f2:
                    32:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FA:B3:BB:99:83:A1:5C:FB:8E:06:5A:3F:09:EB:00:5D:90:4D:F3
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:ed:69:81:87:ae:49:36:c8:ce:53:af:fb:a0:d3:d2:ba:bf:
         8d:ab:13:e5:3f:da:55:22:4a:47:b0:79:a1:f8:e0:4f:a7:9c:
         64:3c:d0:29:61:98:d1:94:a4:84:8d:93:16:01:a0:f6:43:6f:
         c1:3b:f3:f4:69:fc:10:11:66:ec:6b:c6:fe:42:52:17:7a:f8:
         d8:d5:29:5a:33:b4:60:0c:63:a8:42:e3:65:7e:ee:67:02:ee:
         f5:54:f4:26:27:ef:03:75:3c:48:d6:6d:3b:3b:88:d8:65:f1:
         d2:fc:54:b3:a6:92:e5:84:3d:3f:df:6c:67:1d:e0:0d:d9:95:
         3c:87:2d:3b:50:bd:1a:e8:95:f4:af:f3:48:87:74:cf:7d:9a:
         1a:cb:25:87:29:65:d9:0d:3d:b6:84:ab:35:6b:a1:3f:5a:94:
         71:9b:ac:f7:4a:f4:4f:19:56:13:45:d0:07:c4:31:1b:ee:8e:
         5a:63:39:40:b0:23:c8:8e:83:bb:e3:c8:0e:4f:82:cc:55:33:
         57:bf:4a:89:e7:8e:e7:67:7a:f7:45:97:36:01:27:41:a4:f4:
         44:ed:ea:b1:5a:f3:58:c8:5b:f5:59:24:a1:4b:5c:be:20:ce:
         0a:42:0e:a0:76:6d:3b:44:f6:65:d8:60:49:61:2d:b7:c0:57:
         49:ed:01:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJgjmPc0xhig/E/qEiVmkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUwNzAyMDUwMDQ0WhcNMjUwNzAzMDUwMDQ0WjAzMTEwLwYDVQQD
EyhkN2ZhYjNiYjk5ODNhMTVjZmI4ZTA2NWEzZjA5ZWIwMDVkOTA0ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyPv4DrkGycqB17dINGHCmpLMaAP
Kaf19gAceOIKLfKVpobd9v7yIfsFmwPhCc7f1UyQWFwaWR1m8+72JA8Ne+imTcvu
NHoKRwsHSNnHIx+RulWoKQ2Dops56PuTuzEoE5+VlX0mKhp6A6m+GSBTf9ZqG39M
nfpRS3pPmHovpUhOKmt/oS7zjstEz4IWI0ItKLETRNH/kL9DK9wLeUwN2JEsQbMb
N9nq81H8Km5KNnADlfEFXQJXi6e0zFSqaoHip7Ri2OO5Z5gVoRVZvNMTpz6gHcBv
nLIQdzUNWwqi6QmPCBBaIW+l4yqJZF5LszHx/YSPh7q81DIqG/2Id/Iy/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNf6s7uZg6Fc+44GWj8J6wBdkE3zMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYO1pgYeu
STbIzlOv+6DT0rq/jasT5T/aVSJKR7B5ofjgT6ecZDzQKWGY0ZSkhI2TFgGg9kNv
wTvz9Gn8EBFm7GvG/kJSF3r42NUpWjO0YAxjqELjZX7uZwLu9VT0JifvA3U8SNZt
OzuI2GXx0vxUs6aS5YQ9P99sZx3gDdmVPIctO1C9GuiV9K/zSId0z32aGsslhyll
2Q09toSrNWuhP1qUcZus90r0TxlWE0XQB8QxG+6OWmM5QLAjyI6Du+PIDk+CzFUz
V79KieeO52d690WXNgEnQaT0RO3qsVrzWMhb9VkkoUtcviDOCkIOoHZtO0T2Zdhg
SWEtt8BXSe0BKQ==
-----END CERTIFICATE-----