Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          9zInsyAZ+HJuQ9CEUxUL+gSnrkckuR9ItzbBj5dKqKE=
Subject key identifier:   CE:1B:09:5F:0E:8B:A6:8C:06:49:C8:86:D5:6C:4D:2D:81:42:BA:F3
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       01974A7B6AB126E028B9F5F322C37DE3A9AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0D0A
Signing time:             Sat 07 Jun 2025 13:01:31 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:31 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:31 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: TrpAOphM89EBLzstdat1Qx9urUKUQ++nrUfdbX9f9g8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:6a:b1:26:e0:28:b9:f5:f3:22:c3:7d:e3:a9:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Jun  7 13:01:31 2025 GMT
            Not After : Jun  8 13:01:31 2025 GMT
        Subject: CN=ce1b095f0e8ba68c0649c886d56c4d2d8142baf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7d:66:2b:d6:6c:71:0d:c1:1d:0d:04:5e:e3:
                    d2:08:82:fc:10:26:e3:62:b3:bf:7b:1d:b0:dc:f1:
                    45:86:08:58:90:8e:73:4b:bf:e0:29:1e:53:c7:47:
                    4c:85:26:0b:42:66:62:d0:8c:92:93:c2:a7:20:79:
                    27:69:9c:f7:90:04:71:ee:87:88:3e:38:c4:73:bc:
                    e7:50:64:46:58:a7:cf:5d:6a:f2:7f:43:36:dc:92:
                    73:1a:e2:28:2c:8f:6b:78:b1:2d:07:74:2a:39:c6:
                    ec:01:4c:02:48:21:de:f9:47:af:0d:64:b7:59:fd:
                    e7:75:4e:ec:a9:07:7f:17:3e:d8:4a:c7:b0:a2:86:
                    50:33:ba:0d:f8:12:b4:c8:e5:6a:42:80:e8:36:b0:
                    26:80:c8:c5:2a:f3:2f:54:fb:f5:3b:8d:62:6f:c7:
                    c8:8f:17:c2:9d:75:e6:3e:bf:7c:00:6d:b7:c2:4a:
                    86:8b:cf:a9:01:dc:b0:3a:9a:95:ad:66:55:ab:0f:
                    33:40:70:f3:0f:eb:5f:a1:0e:38:9c:03:58:09:16:
                    f0:02:e3:76:39:b1:88:4e:78:3c:94:5a:d7:69:c0:
                    ec:fa:1a:82:ba:9e:23:9b:65:54:f9:0d:5b:8d:80:
                    eb:0e:09:f5:a4:44:22:b1:ff:57:ad:26:3d:bd:7d:
                    08:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:1B:09:5F:0E:8B:A6:8C:06:49:C8:86:D5:6C:4D:2D:81:42:BA:F3
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:08:8d:9a:9a:1b:3b:e3:4a:51:3c:fa:71:9b:7a:40:c6:25:
         d1:ab:02:14:3c:a9:14:91:ee:9d:1a:21:bb:33:22:eb:94:a3:
         ff:79:22:6f:e4:6a:5d:21:c7:3a:24:36:ab:79:47:7f:a8:11:
         69:27:bc:f0:dd:a0:0e:02:38:a4:ef:bb:80:8f:ac:50:f0:fd:
         6f:fc:18:ec:0b:e5:51:d6:b2:05:f3:47:02:0a:59:53:9b:4d:
         78:33:77:c4:93:61:7b:9d:bb:ca:bb:88:1b:32:32:42:e2:54:
         46:6c:4f:39:a5:90:8a:e1:7b:f8:ef:48:62:11:67:25:42:92:
         7a:5e:0e:f8:f0:54:9c:70:6b:9f:2c:9b:c4:74:0e:93:b2:4c:
         0c:24:a2:8b:fa:64:b1:50:25:40:86:fa:36:7a:86:99:9e:b7:
         40:fc:0a:09:89:c2:ae:0a:ef:04:b0:38:fe:00:b2:01:e4:79:
         e0:d2:70:90:18:33:b7:35:6f:2e:c8:02:00:8f:a4:4e:58:5b:
         42:b4:15:66:f6:86:d2:82:b3:d6:6d:41:52:98:ee:06:3a:7d:
         86:8d:96:12:07:21:11:d3:e1:e0:d8:28:99:3b:db:6a:ef:ad:
         03:38:84:0f:13:1b:c2:56:48:ba:9a:00:53:51:5b:08:5e:f0:
         f3:68:b1:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe2qxJuAoufXzIsN946mvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwNjA3MTMwMTMxWhcNMjUwNjA4MTMwMTMxWjAzMTEwLwYDVQQD
EyhjZTFiMDk1ZjBlOGJhNjhjMDY0OWM4ODZkNTZjNGQyZDgxNDJiYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H1mK9ZscQ3BHQ0EXuPSCIL8ECbj
YrO/ex2w3PFFhghYkI5zS7/gKR5Tx0dMhSYLQmZi0IySk8KnIHknaZz3kARx7oeI
PjjEc7znUGRGWKfPXWryf0M23JJzGuIoLI9reLEtB3QqOcbsAUwCSCHe+UevDWS3
Wf3ndU7sqQd/Fz7YSsewooZQM7oN+BK0yOVqQoDoNrAmgMjFKvMvVPv1O41ib8fI
jxfCnXXmPr98AG23wkqGi8+pAdywOpqVrWZVqw8zQHDzD+tfoQ44nANYCRbwAuN2
ObGITng8lFrXacDs+hqCup4jm2VU+Q1bjYDrDgn1pEQisf9XrSY9vX0IIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4bCV8Oi6aMBknIhtVsTS2BQrrzMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANAiNmpob
O+NKUTz6cZt6QMYl0asCFDypFJHunRohuzMi65Sj/3kib+RqXSHHOiQ2q3lHf6gR
aSe88N2gDgI4pO+7gI+sUPD9b/wY7AvlUdayBfNHAgpZU5tNeDN3xJNhe527yruI
GzIyQuJURmxPOaWQiuF7+O9IYhFnJUKSel4O+PBUnHBrnyybxHQOk7JMDCSii/pk
sVAlQIb6NnqGmZ63QPwKCYnCrgrvBLA4/gCyAeR54NJwkBgztzVvLsgCAI+kTlhb
QrQVZvaG0oKz1m1BUpjuBjp9ho2WEgchEdPh4NgomTvbau+tAziEDxMbwlZIupoA
U1FbCF7w82ixPw==
-----END CERTIFICATE-----