Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft
File:                     PuzUyqmjpXcV49XWa8zXGFr-QNo.mft (raw, json)
Hash identifier:          ccVbxWjtmkaZbyLwcH7Acauz6W+5R2jf+6Zl92zXxSw=
Subject key identifier:   34:D0:AE:91:C4:48:B3:92:24:77:DC:0D:C9:1A:43:7D:3F:47:01:DE
Authority key identifier: 3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
Certificate issuer:       /CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Certificate serial:       019754237FEF60439633710C8780614FBC61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft
Manifest number:          158B
Signing time:             Mon 09 Jun 2025 10:01:41 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:41 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:41 +0000
Files and hashes:         1: GTSqn8ohuN-MHhN18mr9Itlt7ao.roa (hash: lFLyLMK3dWhD600oT7fgmI5ccuGsQ2tgFOCCKMH2dCM=)
                          2: PuzUyqmjpXcV49XWa8zXGFr-QNo.crl (hash: J03xPyigDE62433Wqf9OatiQk74xY6ZyIStEhJZd4sU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:7f:ef:60:43:96:33:71:0c:87:80:61:4f:bc:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
        Validity
            Not Before: Jun  9 10:01:41 2025 GMT
            Not After : Jun 10 10:01:41 2025 GMT
        Subject: CN=34d0ae91c448b3922477dc0dc91a437d3f4701de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:84:07:0d:56:cb:e1:45:d7:88:e2:68:fb:ea:
                    42:5b:17:24:22:6c:b2:8c:57:7b:d8:4a:b9:10:53:
                    6c:6d:16:f6:15:99:74:38:6f:f9:19:12:d7:61:98:
                    9e:47:41:9a:88:f3:58:55:13:90:8d:3e:17:a3:db:
                    ba:02:1d:d3:4d:1f:63:ea:aa:a3:8d:b9:b7:4d:7d:
                    ba:9f:2d:61:8d:57:d9:01:4d:d9:84:de:cf:e9:34:
                    37:ae:75:bc:c9:d5:37:57:0b:ab:c6:ab:a6:1c:de:
                    c9:57:02:30:5b:e8:9e:af:c5:0f:5c:59:e5:7f:88:
                    7f:b9:1d:a7:97:b9:39:0e:58:a2:30:d1:c7:b3:8f:
                    ae:92:b8:9a:b4:d4:09:7a:7d:cb:bf:d9:22:65:88:
                    26:ac:87:49:cb:14:de:35:77:5d:05:8d:b3:4d:6e:
                    8f:4f:9e:12:5a:af:53:b9:6b:43:96:6a:71:6a:38:
                    79:fe:4f:1e:7c:73:d4:38:a1:05:f0:04:71:cf:11:
                    02:cf:ac:f7:2e:1b:08:ec:30:bf:7a:53:b8:75:a1:
                    4c:b0:ea:e0:bc:6f:06:f3:fe:cd:c8:f7:e4:ba:ee:
                    53:6a:9e:e4:4e:76:8e:ae:25:a9:5f:bc:dd:ce:aa:
                    87:e2:7a:49:f1:bf:a3:ef:63:f0:83:0b:21:64:ea:
                    e7:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:D0:AE:91:C4:48:B3:92:24:77:DC:0D:C9:1A:43:7D:3F:47:01:DE
            X509v3 Authority Key Identifier:
                keyid:3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:0e:5e:f4:37:67:f3:bd:22:22:d7:0a:01:db:7f:a0:0a:db:
         83:85:3c:ce:ac:0c:01:f2:c7:b9:3b:6a:07:38:cf:1a:49:c9:
         87:0b:d5:a2:8b:1f:15:f3:33:ff:be:36:e5:7a:49:ad:9f:fc:
         8f:45:df:07:6e:3a:09:6f:1b:6c:b3:44:be:93:12:0d:ea:fe:
         ef:a0:56:5c:c8:12:25:9b:56:58:14:fe:8f:97:c2:6c:c4:1a:
         b8:6b:89:92:ad:95:ef:35:c5:16:e1:3c:c1:21:7c:f7:9c:1e:
         e1:e6:2d:f4:99:46:5c:f5:90:2e:5a:02:9f:50:82:8f:d1:55:
         62:56:1d:d4:64:8d:44:19:e5:e9:67:b7:1e:f8:5d:b3:90:aa:
         ba:e2:2d:06:e7:25:31:06:23:b7:af:a6:53:a4:88:5a:76:fe:
         4f:9f:47:a4:71:5e:6e:75:6b:94:51:6f:36:cb:54:ae:0b:a9:
         11:c2:dc:08:da:84:b5:ec:82:2e:7d:bd:d5:ab:3d:61:5d:02:
         36:7c:16:6d:33:09:ea:7c:d1:ff:b4:83:b5:a7:0f:96:c2:c9:
         d5:bf:2a:97:69:cf:60:b6:78:bd:94:53:70:0a:2f:05:37:23:
         21:58:6a:ec:01:ff:89:4b:ab:fb:7a:fd:f7:05:f3:58:3e:3b:
         7b:54:4c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI3/vYEOWM3EMh4BhT7xhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNkNGNhYTlhM2E1NzcxNWUzZDVkNjZiY2NkNzE4NWFm
ZTQwZGEwHhcNMjUwNjA5MTAwMTQxWhcNMjUwNjEwMTAwMTQxWjAzMTEwLwYDVQQD
EygzNGQwYWU5MWM0NDhiMzkyMjQ3N2RjMGRjOTFhNDM3ZDNmNDcwMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04QHDVbL4UXXiOJo++pCWxckImyy
jFd72Eq5EFNsbRb2FZl0OG/5GRLXYZieR0GaiPNYVROQjT4Xo9u6Ah3TTR9j6qqj
jbm3TX26ny1hjVfZAU3ZhN7P6TQ3rnW8ydU3VwurxqumHN7JVwIwW+ier8UPXFnl
f4h/uR2nl7k5DliiMNHHs4+ukriatNQJen3Lv9kiZYgmrIdJyxTeNXddBY2zTW6P
T54SWq9TuWtDlmpxajh5/k8efHPUOKEF8ARxzxECz6z3LhsI7DC/elO4daFMsOrg
vG8G8/7NyPfkuu5Tap7kTnaOriWpX7zdzqqH4npJ8b+j72PwgwshZOrnEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTQrpHESLOSJHfcDckaQ30/RwHeMB8GA1UdIwQY
MBaAFD7s1Mqpo6V3FePV1mvM1xha/kDaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTIt
NjllZWM1YjRiNTA1LzEvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTItNjllZWM1YjRiNTA1
LzEvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWg5e9Ddn
870iItcKAdt/oArbg4U8zqwMAfLHuTtqBzjPGknJhwvVoosfFfMz/7425XpJrZ/8
j0XfB246CW8bbLNEvpMSDer+76BWXMgSJZtWWBT+j5fCbMQauGuJkq2V7zXFFuE8
wSF895we4eYt9JlGXPWQLloCn1CCj9FVYlYd1GSNRBnl6We3Hvhds5CquuItBucl
MQYjt6+mU6SIWnb+T59HpHFebnVrlFFvNstUrgupEcLcCNqEteyCLn291as9YV0C
NnwWbTMJ6nzR/7SDtacPlsLJ1b8ql2nPYLZ4vZRTcAovBTcjIVhq7AH/iUur+3r9
9wXzWD47e1RMYA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:34:38 2025 by rpki-client