Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          b0BFQRvvM3o2vLEDZ1BBx86CxR1rdyrDbDbWsgB/elk=
Subject key identifier:   A4:94:49:23:32:5D:35:A1:01:45:C3:41:A3:5A:21:C8:48:2E:A1:94
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019766CDA23D971637C0913BB3A8A5CCE2B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0916
Signing time:             Fri 13 Jun 2025 01:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 01:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 01:00:41 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: rGcV9OryvuDaMN9IKbLYWotzA75ieTSuh9wxqvAdMQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:cd:a2:3d:97:16:37:c0:91:3b:b3:a8:a5:cc:e2:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Jun 13 01:00:41 2025 GMT
            Not After : Jun 14 01:00:41 2025 GMT
        Subject: CN=a4944923325d35a10145c341a35a21c8482ea194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:39:b6:58:14:2f:7c:dd:ea:30:af:85:31:e4:
                    12:5c:78:67:b1:ba:82:2e:86:f0:a0:7e:ae:82:23:
                    bc:97:82:c7:69:54:bd:64:cf:0e:84:06:55:1f:bf:
                    86:a5:f5:0e:a1:d3:b5:c6:c5:10:39:60:ab:31:b5:
                    45:24:c0:b3:f6:4e:e7:5d:d6:6a:b9:65:d7:69:b7:
                    f9:d2:63:1f:9f:a2:cf:24:37:e9:0a:45:b9:8c:32:
                    d4:98:e7:11:91:2d:b6:33:4a:95:64:a2:bf:5c:7e:
                    bc:76:be:80:4b:f1:ea:60:33:51:2f:af:11:a3:5a:
                    d8:2e:d5:23:91:26:a8:da:ee:55:0e:e3:18:0e:cb:
                    33:0d:e7:b6:59:e8:53:4b:81:08:20:5d:d2:cd:d4:
                    9d:2d:29:dc:84:0f:da:c4:2c:8c:14:b5:c2:49:02:
                    e7:9d:29:b3:f8:77:ff:d0:22:ee:af:98:40:cd:14:
                    27:a6:89:f1:93:91:74:d2:b4:bd:f1:45:6e:43:31:
                    96:50:4b:a7:0a:45:11:44:20:79:9c:40:75:ce:ba:
                    c4:26:99:e2:63:d1:59:4d:5f:d0:1c:65:27:c7:9f:
                    42:e4:a9:f9:2c:5a:ce:6f:a7:f7:b5:26:8c:59:f3:
                    90:69:87:16:36:1f:8d:36:b5:ff:17:fa:57:e3:a0:
                    75:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:94:49:23:32:5D:35:A1:01:45:C3:41:A3:5A:21:C8:48:2E:A1:94
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:b1:21:50:f4:c6:d3:72:e8:96:4f:1a:13:d2:96:7d:50:99:
         bf:fc:b4:07:90:36:3b:17:e2:ed:5d:ac:bb:11:6b:81:3e:d7:
         9f:19:eb:15:14:32:19:82:47:9c:9a:18:37:10:1f:cf:5b:b8:
         72:7d:91:75:80:b9:c4:e6:f8:fa:af:58:f8:d0:3b:19:fb:ce:
         f0:52:09:70:8b:27:4a:be:9a:8b:d8:52:70:de:da:e4:84:4c:
         47:06:f0:f1:b7:26:a8:9c:e5:5f:20:d0:64:89:dc:b8:84:94:
         0d:1e:de:9d:a3:3d:67:75:29:46:05:c3:cd:f4:cd:1e:88:5a:
         46:f4:2e:db:d3:f1:37:56:18:c8:19:0d:12:22:53:8d:a4:12:
         36:72:e1:43:ef:44:0d:c6:b8:45:9d:f1:7c:37:22:61:db:9c:
         47:04:60:57:ea:1a:96:40:2e:63:16:8c:59:e4:55:58:e9:3d:
         ae:c5:37:d3:c0:cc:3e:d3:52:3e:a9:c0:bb:13:bb:bf:92:3e:
         2d:ed:a7:6c:60:b2:be:0d:7a:af:d7:45:a4:b0:31:d7:eb:d0:
         40:72:4d:23:81:81:7e:cf:78:82:82:41:34:d1:52:f9:08:47:
         1e:e2:be:a9:be:5c:0f:9a:47:96:1d:05:58:bf:3f:d9:82:3c:
         4f:40:84:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmzaI9lxY3wJE7s6ilzOKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjUwNjEzMDEwMDQxWhcNMjUwNjE0MDEwMDQxWjAzMTEwLwYDVQQD
EyhhNDk0NDkyMzMyNWQzNWExMDE0NWMzNDFhMzVhMjFjODQ4MmVhMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzm2WBQvfN3qMK+FMeQSXHhnsbqC
LobwoH6ugiO8l4LHaVS9ZM8OhAZVH7+GpfUOodO1xsUQOWCrMbVFJMCz9k7nXdZq
uWXXabf50mMfn6LPJDfpCkW5jDLUmOcRkS22M0qVZKK/XH68dr6AS/HqYDNRL68R
o1rYLtUjkSao2u5VDuMYDsszDee2WehTS4EIIF3SzdSdLSnchA/axCyMFLXCSQLn
nSmz+Hf/0CLur5hAzRQnponxk5F00rS98UVuQzGWUEunCkURRCB5nEB1zrrEJpni
Y9FZTV/QHGUnx59C5Kn5LFrOb6f3tSaMWfOQaYcWNh+NNrX/F/pX46B1wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSUSSMyXTWhAUXDQaNaIchILqGUMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7EhUPTG
03Lolk8aE9KWfVCZv/y0B5A2Oxfi7V2suxFrgT7XnxnrFRQyGYJHnJoYNxAfz1u4
cn2RdYC5xOb4+q9Y+NA7GfvO8FIJcIsnSr6ai9hScN7a5IRMRwbw8bcmqJzlXyDQ
ZIncuISUDR7enaM9Z3UpRgXDzfTNHohaRvQu29PxN1YYyBkNEiJTjaQSNnLhQ+9E
Dca4RZ3xfDciYducRwRgV+oalkAuYxaMWeRVWOk9rsU308DMPtNSPqnAuxO7v5I+
Le2nbGCyvg16r9dFpLAx1+vQQHJNI4GBfs94goJBNNFS+QhHHuK+qb5cD5pHlh0F
WL8/2YI8T0CEgQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 08:02:16 2025 by rpki-client