Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
File:                     uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft (raw, json)
Hash identifier:          VlrxYqQNRdiCD6DL2M1orSYNqdIHb4xt7Zl6l1Indjg=
Subject key identifier:   E6:30:12:16:76:D2:62:FF:98:39:CA:6D:F0:FF:70:28:85:2A:60:1F
Authority key identifier: B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02
Certificate issuer:       /CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
Certificate serial:       01974E57B71339FFBE7318683CE221367301
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
Manifest number:          0FD0
Signing time:             Sun 08 Jun 2025 07:01:00 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:00 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:00 +0000
Files and hashes:         1: uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl (hash: Gj/Kn+RpRWPTWAQC9qWAAdFMCeg8dZ448CL8LEzC6fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:b7:13:39:ff:be:73:18:68:3c:e2:21:36:73:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b85e0be6b7279cdecf78bdd64105f8443d0c0c02
        Validity
            Not Before: Jun  8 07:01:00 2025 GMT
            Not After : Jun  9 07:01:00 2025 GMT
        Subject: CN=e630121676d262ff9839ca6df0ff7028852a601f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8b:ed:c1:4e:48:e4:de:36:86:3d:e2:09:2a:
                    1d:0e:00:e4:5d:6e:d3:ad:8e:9d:9d:34:cc:f8:50:
                    6c:de:f1:3b:d7:50:a5:d9:10:01:d2:15:ac:01:69:
                    e4:73:51:b3:22:96:87:7a:06:b4:2c:ff:3a:2d:c3:
                    67:5b:89:19:d8:b2:0d:42:08:62:30:33:2b:36:06:
                    dc:4b:a0:5d:47:8b:48:86:19:5c:99:4c:a8:ed:92:
                    af:e1:a6:04:b8:a7:56:f3:e5:b1:c2:17:cd:1d:b8:
                    98:d2:73:f3:fe:c9:b4:f7:53:40:79:97:80:bc:21:
                    46:41:b5:f1:29:a0:51:0e:10:f2:7d:c3:4e:40:af:
                    6e:90:d5:0b:59:13:58:06:dd:eb:b0:6c:43:e0:64:
                    f3:e2:35:e6:e2:b5:e5:00:94:7f:29:3b:5f:a1:18:
                    a3:e1:9f:af:bd:00:0a:58:07:38:70:b3:07:ec:39:
                    92:3d:83:37:a0:ce:b6:d0:c0:84:65:9b:c7:0b:4c:
                    3b:a6:df:4c:fd:0e:64:4f:71:66:8e:17:ce:f5:86:
                    97:5a:96:70:64:06:da:f2:f3:43:b0:d5:9f:d2:35:
                    23:ed:72:82:01:c5:6f:9f:03:ab:3f:67:4d:d6:e6:
                    db:c5:86:4b:4e:ce:ef:d6:94:93:c0:4f:c9:e5:f5:
                    4b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:30:12:16:76:D2:62:FF:98:39:CA:6D:F0:FF:70:28:85:2A:60:1F
            X509v3 Authority Key Identifier:
                keyid:B8:5E:0B:E6:B7:27:9C:DE:CF:78:BD:D6:41:05:F8:44:3D:0C:0C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF4L5rcnnN7PeL3WQQX4RD0MDAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/6e1f38-6807-4866-a9ed-43bf1c43ec0f/1/uF4L5rcnnN7PeL3WQQX4RD0MDAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:c7:c7:f0:9f:d0:79:1b:57:eb:0c:b0:49:61:65:e7:42:61:
         bf:0c:c9:de:a6:5d:2a:89:ca:56:57:95:03:fb:74:e6:df:79:
         dd:a3:e2:d0:f1:bb:23:28:d9:98:e9:78:26:c8:ce:1d:bd:b9:
         64:aa:36:ac:45:eb:eb:3c:72:fd:7c:96:50:a6:9f:42:26:2a:
         82:35:0d:39:e2:dc:ed:ab:09:20:64:e6:4f:eb:19:0b:ce:c9:
         65:8d:d2:53:f8:ba:4f:69:f7:a8:7e:ae:92:12:8a:99:af:a1:
         8b:97:d7:bc:c5:5d:bf:8c:19:b1:eb:91:ff:ee:dc:ef:a7:2d:
         e9:f1:c8:f6:ff:35:d4:ea:f3:ea:fe:0d:5d:ac:4d:2d:a2:7b:
         2f:ae:52:42:c8:7f:e3:ad:ff:2d:ce:f1:bd:3e:df:f6:d7:2c:
         7a:da:25:b8:19:bb:83:ec:fb:0f:54:1d:3c:d3:2d:64:54:ad:
         f5:6a:b8:09:95:d5:47:b9:63:49:4b:50:b7:f0:db:26:97:10:
         d5:13:d1:8c:ad:7a:61:a8:f1:1c:4c:c3:d0:65:bd:e4:f3:97:
         eb:4d:dc:13:54:c6:40:38:d8:6f:b3:b4:5b:20:2b:dc:5c:5b:
         e4:05:d5:41:eb:8e:a3:5b:2c:98:81:ec:94:d5:66:3c:2e:72:
         f2:38:0b:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV7cTOf++cxhoPOIhNnMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWUwYmU2YjcyNzljZGVjZjc4YmRkNjQxMDVmODQ0M2Qw
YzBjMDIwHhcNMjUwNjA4MDcwMTAwWhcNMjUwNjA5MDcwMTAwWjAzMTEwLwYDVQQD
EyhlNjMwMTIxNjc2ZDI2MmZmOTgzOWNhNmRmMGZmNzAyODg1MmE2MDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmovtwU5I5N42hj3iCSodDgDkXW7T
rY6dnTTM+FBs3vE711Cl2RAB0hWsAWnkc1GzIpaHega0LP86LcNnW4kZ2LINQghi
MDMrNgbcS6BdR4tIhhlcmUyo7ZKv4aYEuKdW8+WxwhfNHbiY0nPz/sm091NAeZeA
vCFGQbXxKaBRDhDyfcNOQK9ukNULWRNYBt3rsGxD4GTz4jXm4rXlAJR/KTtfoRij
4Z+vvQAKWAc4cLMH7DmSPYM3oM620MCEZZvHC0w7pt9M/Q5kT3FmjhfO9YaXWpZw
ZAba8vNDsNWf0jUj7XKCAcVvnwOrP2dN1ubbxYZLTs7v1pSTwE/J5fVLnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYwEhZ20mL/mDnKbfD/cCiFKmAfMB8GA1UdIwQY
MBaAFLheC+a3J5zez3i91kEF+EQ9DAwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQt
NDNiZjFjNDNlYzBmLzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC82ZTFmMzgtNjgwNy00ODY2LWE5ZWQtNDNiZjFjNDNlYzBm
LzEvdUY0TDVyY25uTjdQZUwzV1FRWDRSRDBNREFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn8fH8J/Q
eRtX6wywSWFl50JhvwzJ3qZdKonKVleVA/t05t953aPi0PG7IyjZmOl4JsjOHb25
ZKo2rEXr6zxy/XyWUKafQiYqgjUNOeLc7asJIGTmT+sZC87JZY3SU/i6T2n3qH6u
khKKma+hi5fXvMVdv4wZseuR/+7c76ct6fHI9v811Orz6v4NXaxNLaJ7L65SQsh/
463/Lc7xvT7f9tcsetoluBm7g+z7D1QdPNMtZFSt9Wq4CZXVR7ljSUtQt/DbJpcQ
1RPRjK16YajxHEzD0GW95POX603cE1TGQDjYb7O0WyAr3Fxb5AXVQeuOo1ssmIHs
lNVmPC5y8jgL6Q==
-----END CERTIFICATE-----