Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          GolIJLd1hLeM3v38VGETw772nK+w2d7yBiJ1M+w3PVU=
Subject key identifier:   33:47:CD:20:8A:7D:95:DC:A6:5D:01:41:AD:25:A6:01:22:A5:C9:8C
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       019750B44EEB02D814DD311BBE6CCD39ADE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 18:01:23 +0000
Manifest this update:     Sun 08 Jun 2025 18:01:23 +0000
Manifest next update:     Mon 09 Jun 2025 18:01:23 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: t3yNoFSmxTj2aALDjSnSIWLqL7raqUQJ9WlSZ4+1UuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b4:4e:eb:02:d8:14:dd:31:1b:be:6c:cd:39:ad:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Jun  8 18:01:23 2025 GMT
            Not After : Jun  9 18:01:23 2025 GMT
        Subject: CN=3347cd208a7d95dca65d0141ad25a60122a5c98c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d7:0a:16:e2:40:b6:4f:ef:55:ac:7c:a9:0c:
                    78:79:a1:fc:0e:c2:42:62:45:93:a3:1a:ce:1f:1d:
                    8a:d4:c6:a9:0a:cd:32:14:ea:18:27:a9:65:11:92:
                    f8:94:71:9a:66:5e:ac:4c:f6:f2:67:c9:58:61:b6:
                    55:f5:14:c6:a0:c6:ec:68:17:37:2b:09:6d:80:34:
                    f4:7d:95:b6:f2:2c:89:29:34:92:4f:15:4e:d8:85:
                    34:f9:ae:6d:ea:fd:b0:be:51:79:19:37:bd:dc:38:
                    a0:c1:85:21:45:48:71:4e:3d:24:c1:ad:2f:c1:88:
                    10:c7:86:a9:8c:16:35:02:c8:ab:e9:d3:8d:c7:39:
                    27:43:26:02:cd:d8:7b:f8:54:82:cd:0a:83:04:3c:
                    f0:b5:da:0d:eb:5f:97:01:05:15:0f:db:38:03:b8:
                    06:82:59:32:74:7b:df:6d:52:35:ff:cd:dd:52:20:
                    b0:06:91:5e:3e:ff:4f:60:ea:16:00:8d:26:32:b8:
                    e0:94:85:88:68:8c:bc:37:4e:c9:7b:b4:f0:68:d7:
                    3c:d9:3e:c1:9f:b1:3c:d7:d0:c1:df:c2:4e:4c:6c:
                    82:5b:fa:52:af:46:25:9e:1c:dc:26:9b:94:dd:ea:
                    7c:96:af:59:93:44:55:77:12:97:0f:d8:eb:40:2c:
                    b5:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:47:CD:20:8A:7D:95:DC:A6:5D:01:41:AD:25:A6:01:22:A5:C9:8C
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:6f:6e:19:73:5d:4e:88:6c:31:99:30:96:cb:c5:78:cf:72:
         a9:f9:77:5a:88:2a:59:e3:44:83:fe:28:99:62:47:05:dd:10:
         e9:cb:4e:16:47:a5:6f:51:7e:3d:bf:56:97:6d:79:42:3c:fc:
         30:75:c3:71:be:4e:a6:de:83:74:fd:1e:57:d2:0d:15:10:ec:
         c1:a4:90:75:c1:29:7c:32:d7:5d:b5:19:9f:44:4d:99:5c:4b:
         49:70:2a:68:91:a6:14:c4:91:27:1d:ad:65:fc:c1:a5:aa:e3:
         8e:fe:10:55:20:5c:7f:e9:ee:07:b7:79:e6:51:b1:9e:13:69:
         8a:9e:df:53:5c:3a:83:1e:73:a9:ce:a5:c1:29:79:0c:82:2f:
         5b:2f:b9:bd:f6:b0:d7:7c:b7:d0:a2:c0:97:3e:b3:38:32:da:
         e3:04:3c:b2:ff:47:48:76:66:11:24:31:38:4e:fa:73:d8:9c:
         91:98:06:60:6a:61:79:74:4d:17:8c:a6:41:b5:43:b0:ad:94:
         aa:31:d5:60:a7:d9:4b:fb:c0:aa:cb:4c:9b:cc:2c:7f:3d:35:
         57:9f:69:1b:10:d4:80:25:b2:c9:f7:07:42:fa:7c:42:44:37:
         81:06:3e:3b:fd:40:71:6d:64:4a:2b:9f:54:6c:32:8e:80:0f:
         39:6e:20:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQtE7rAtgU3TEbvmzNOa3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwNjA4MTgwMTIzWhcNMjUwNjA5MTgwMTIzWjAzMTEwLwYDVQQD
EygzMzQ3Y2QyMDhhN2Q5NWRjYTY1ZDAxNDFhZDI1YTYwMTIyYTVjOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9cKFuJAtk/vVax8qQx4eaH8DsJC
YkWToxrOHx2K1MapCs0yFOoYJ6llEZL4lHGaZl6sTPbyZ8lYYbZV9RTGoMbsaBc3
KwltgDT0fZW28iyJKTSSTxVO2IU0+a5t6v2wvlF5GTe93DigwYUhRUhxTj0kwa0v
wYgQx4apjBY1Asir6dONxzknQyYCzdh7+FSCzQqDBDzwtdoN61+XAQUVD9s4A7gG
glkydHvfbVI1/83dUiCwBpFePv9PYOoWAI0mMrjglIWIaIy8N07Je7TwaNc82T7B
n7E819DB38JOTGyCW/pSr0YlnhzcJpuU3ep8lq9Zk0RVdxKXD9jrQCy1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNHzSCKfZXcpl0BQa0lpgEipcmMMB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN29uGXNd
TohsMZkwlsvFeM9yqfl3WogqWeNEg/4omWJHBd0Q6ctOFkelb1F+Pb9Wl215Qjz8
MHXDcb5Opt6DdP0eV9INFRDswaSQdcEpfDLXXbUZn0RNmVxLSXAqaJGmFMSRJx2t
ZfzBparjjv4QVSBcf+nuB7d55lGxnhNpip7fU1w6gx5zqc6lwSl5DIIvWy+5vfaw
13y30KLAlz6zODLa4wQ8sv9HSHZmESQxOE76c9ickZgGYGpheXRNF4ymQbVDsK2U
qjHVYKfZS/vAqstMm8wsfz01V59pGxDUgCWyyfcHQvp8QkQ3gQY+O/1AcW1kSiuf
VGwyjoAPOW4gqw==
-----END CERTIFICATE-----