Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          3A/uxvPwElu0eP0NkCWkPnOm2+OyfzLjUeM281zr8Js=
Subject key identifier:   DA:60:AC:06:C0:E5:8B:70:44:20:99:E1:A3:71:A6:F0:37:AB:D5:91
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       01992255A8C46CFD4764B91F0BFCE012546A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          04F0
Signing time:             Sun 07 Sep 2025 04:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:03 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: Db+H0gJQXmBa0g3wK6xxWUcBgHwGdfcnXIhtNQldBzk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:a8:c4:6c:fd:47:64:b9:1f:0b:fc:e0:12:54:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Sep  7 04:01:03 2025 GMT
            Not After : Sep  8 04:01:03 2025 GMT
        Subject: CN=da60ac06c0e58b70442099e1a371a6f037abd591
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:23:05:fa:fe:74:7d:ff:df:38:40:91:71:1f:
                    66:96:84:a7:e3:dc:33:f5:67:2e:0d:11:e9:d1:64:
                    2d:5c:6c:0d:c9:d5:13:0c:ac:c2:5d:be:6a:85:0e:
                    e2:03:57:b7:21:90:50:e9:2f:6d:d3:6c:79:08:90:
                    ab:67:dd:6b:77:84:18:f9:80:63:18:ec:93:9f:93:
                    49:a3:bc:39:09:7e:61:93:5b:bd:1f:8b:b1:45:28:
                    dc:cf:13:d7:b0:cb:23:d3:70:81:e7:ce:11:df:27:
                    86:57:9d:fe:ad:00:39:69:85:2a:db:75:86:c0:f6:
                    55:12:69:0c:fb:bd:0b:26:b2:e3:5d:dd:34:6e:40:
                    17:b3:d4:ac:9f:6b:04:77:89:1e:c3:38:2a:55:32:
                    64:72:7c:7e:50:57:c2:75:ea:66:8c:0b:f8:bd:8f:
                    7b:06:ef:42:12:e5:13:55:25:17:43:4d:ef:bf:89:
                    f9:f5:a8:e7:28:bf:b0:86:51:ab:b1:3f:b6:7a:8c:
                    69:0c:e2:10:16:7a:0d:df:ba:0e:91:20:71:9a:f6:
                    40:75:8c:b6:c3:c6:0b:62:80:7a:72:32:f7:7d:66:
                    56:c1:0f:ee:2f:eb:9c:60:6d:c2:b9:96:2e:68:76:
                    3d:87:5f:fc:c3:f4:1e:c8:97:d4:79:75:52:61:4d:
                    b8:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:60:AC:06:C0:E5:8B:70:44:20:99:E1:A3:71:A6:F0:37:AB:D5:91
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:eb:0d:a7:d4:5b:53:4a:c3:e7:66:90:0e:3a:cc:98:7c:93:
         7a:66:79:e1:45:5c:d2:47:1d:34:e3:64:e5:19:b1:6a:d7:35:
         79:38:24:18:33:df:87:04:62:05:8d:bf:75:82:21:30:33:ff:
         f7:60:43:bc:00:12:fd:10:ed:00:f8:51:d0:5b:c2:1a:5d:f7:
         6a:ac:58:93:e3:3c:89:b7:01:6b:4e:42:48:9e:15:b7:cf:b3:
         68:dc:7e:23:e0:e5:21:cc:95:48:3d:7c:9b:c0:da:90:23:1f:
         3e:60:ef:eb:3c:47:54:65:8e:51:de:e3:df:9b:22:95:7f:59:
         e5:6a:dd:d3:a5:49:95:64:51:b2:71:39:3a:4e:a2:41:39:1d:
         81:e4:c2:2b:3f:f0:8c:ff:c1:96:07:f9:7b:af:5e:c1:b8:ee:
         a4:f8:e0:7f:b0:85:d3:6f:a9:da:94:61:4d:bd:40:cd:b7:33:
         4f:05:cb:36:4b:76:ec:46:e8:35:fe:c6:a0:79:4a:b6:d6:12:
         40:2b:04:f2:7b:d2:0a:52:99:cb:3f:e2:c8:70:d7:5a:c5:92:
         f1:b2:22:0c:70:67:90:01:d0:3e:d4:59:b0:51:36:4e:98:e7:
         7b:35:04:ec:f3:8b:81:ea:07:d1:7b:8c:f9:dd:91:34:ff:58:
         7b:6c:c0:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVajEbP1HZLkfC/zgElRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwOTA3MDQwMTAzWhcNMjUwOTA4MDQwMTAzWjAzMTEwLwYDVQQD
EyhkYTYwYWMwNmMwZTU4YjcwNDQyMDk5ZTFhMzcxYTZmMDM3YWJkNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSMF+v50ff/fOECRcR9mloSn49wz
9WcuDRHp0WQtXGwNydUTDKzCXb5qhQ7iA1e3IZBQ6S9t02x5CJCrZ91rd4QY+YBj
GOyTn5NJo7w5CX5hk1u9H4uxRSjczxPXsMsj03CB584R3yeGV53+rQA5aYUq23WG
wPZVEmkM+70LJrLjXd00bkAXs9Ssn2sEd4kewzgqVTJkcnx+UFfCdepmjAv4vY97
Bu9CEuUTVSUXQ03vv4n59ajnKL+whlGrsT+2eoxpDOIQFnoN37oOkSBxmvZAdYy2
w8YLYoB6cjL3fWZWwQ/uL+ucYG3CuZYuaHY9h1/8w/QeyJfUeXVSYU24jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpgrAbA5YtwRCCZ4aNxpvA3q9WRMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOsNp9Rb
U0rD52aQDjrMmHyTemZ54UVc0kcdNONk5Rmxatc1eTgkGDPfhwRiBY2/dYIhMDP/
92BDvAAS/RDtAPhR0FvCGl33aqxYk+M8ibcBa05CSJ4Vt8+zaNx+I+DlIcyVSD18
m8DakCMfPmDv6zxHVGWOUd7j35silX9Z5Wrd06VJlWRRsnE5Ok6iQTkdgeTCKz/w
jP/Blgf5e69ewbjupPjgf7CF02+p2pRhTb1AzbczTwXLNkt27EboNf7GoHlKttYS
QCsE8nvSClKZyz/iyHDXWsWS8bIiDHBnkAHQPtRZsFE2TpjnezUE7POLgeoH0XuM
+d2RNP9Ye2zAlw==
-----END CERTIFICATE-----