Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          sdOa5rrNeInUrE841sZ3Ng1xNhFJbPvuB+ehoauWfVw=
Subject key identifier:   8C:30:3C:B4:6E:7B:59:76:2D:7C:C5:A8:A7:CF:B4:DC:4C:56:8D:A1
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       01975F146442BFD28157D8A74025E3933F04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D20
Signing time:             Wed 11 Jun 2025 13:01:01 +0000
Manifest this update:     Wed 11 Jun 2025 13:01:01 +0000
Manifest next update:     Thu 12 Jun 2025 13:01:01 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: LNk+k8EdnRmp2Mki+nRP4Vw96EKtkayrgmjouuIhyCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 13:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:14:64:42:bf:d2:81:57:d8:a7:40:25:e3:93:3f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 11 13:01:01 2025 GMT
            Not After : Jun 12 13:01:01 2025 GMT
        Subject: CN=8c303cb46e7b59762d7cc5a8a7cfb4dc4c568da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:15:8e:55:11:b5:23:09:15:c4:bd:e9:15:45:
                    19:ba:40:70:dd:a0:18:4a:20:7b:3e:ec:3e:e2:a9:
                    d5:31:87:2a:f5:6c:1b:02:a6:5c:14:08:06:44:7c:
                    b6:4d:e0:e8:ad:77:0f:4b:af:8b:98:f9:13:46:67:
                    ee:3d:7e:ac:60:22:d7:1f:c6:5b:f0:84:c4:c6:f5:
                    36:cc:97:5b:10:18:35:ec:fc:c6:59:46:04:6d:6a:
                    c6:30:5a:27:d4:60:e5:8a:6f:4b:1d:44:3b:5e:b2:
                    f1:03:52:56:9a:14:80:3b:30:bd:33:a5:da:50:12:
                    bb:a9:17:02:bc:88:87:ab:13:5c:21:bf:7d:3b:a5:
                    d9:36:2e:13:24:d5:ef:12:c7:f3:6c:cb:8a:b7:18:
                    7b:f4:4c:89:bb:95:5b:41:db:b4:6d:db:ae:51:b7:
                    6c:65:9a:c0:f5:33:f1:08:03:a6:43:bd:8b:6e:ff:
                    c8:a4:9f:6f:ac:14:5a:24:d8:6c:12:44:f1:8b:30:
                    43:b2:73:a4:fe:a1:16:d0:a8:88:24:ec:d2:d7:3a:
                    c7:cc:cd:e4:d9:06:c1:c7:b0:2b:80:3d:46:a2:a1:
                    6e:4f:f4:b9:27:c8:c8:b6:b7:e4:d4:a0:f9:c5:bf:
                    7b:f1:d2:fb:7e:26:96:5b:67:7e:89:57:3d:01:a3:
                    8f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:30:3C:B4:6E:7B:59:76:2D:7C:C5:A8:A7:CF:B4:DC:4C:56:8D:A1
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:23:b4:5d:10:05:ff:d3:31:8e:49:95:3b:96:0c:e9:4a:b8:
         7f:4a:86:8c:f5:b1:97:51:32:e3:05:52:e2:99:14:8e:d3:2f:
         7d:6c:78:c7:b1:e7:7f:d2:4e:95:b0:a4:40:6d:97:44:35:e9:
         1d:16:03:22:60:2d:0b:67:66:b6:13:79:76:d9:95:63:fe:a0:
         21:93:26:85:28:9a:20:27:1f:ef:63:48:01:89:3a:83:b9:d0:
         42:81:31:b4:a7:92:8f:f9:88:7c:d2:3c:9f:21:f2:db:56:98:
         f7:2c:e3:2e:e3:a5:a4:19:5c:62:2f:ec:a5:2e:e2:d0:ab:ad:
         61:2e:dd:eb:37:95:ff:e6:cc:56:b5:63:55:52:94:9a:19:a5:
         e4:2a:08:aa:c6:16:50:a1:a8:7e:d5:17:d5:f8:01:52:3e:de:
         db:c6:77:cf:52:a9:5a:c2:cb:3a:51:38:7d:17:ee:7b:ea:cb:
         39:75:7e:b2:bc:c6:38:5f:1c:bd:45:ca:68:07:18:15:39:d0:
         87:35:ef:e6:0f:28:11:d6:4a:a7:ad:23:38:ca:91:a8:e8:0c:
         98:71:33:ee:94:77:59:c9:c9:df:a9:1f:d5:71:d6:fa:ab:56:
         e7:ed:dc:7c:1e:17:95:71:29:f5:76:53:5a:2a:64:3b:96:26:
         0b:29:73:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFGRCv9KBV9inQCXjkz8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjExMTMwMTAxWhcNMjUwNjEyMTMwMTAxWjAzMTEwLwYDVQQD
Eyg4YzMwM2NiNDZlN2I1OTc2MmQ3Y2M1YThhN2NmYjRkYzRjNTY4ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshWOVRG1IwkVxL3pFUUZukBw3aAY
SiB7Puw+4qnVMYcq9WwbAqZcFAgGRHy2TeDorXcPS6+LmPkTRmfuPX6sYCLXH8Zb
8ITExvU2zJdbEBg17PzGWUYEbWrGMFon1GDlim9LHUQ7XrLxA1JWmhSAOzC9M6Xa
UBK7qRcCvIiHqxNcIb99O6XZNi4TJNXvEsfzbMuKtxh79EyJu5VbQdu0bduuUbds
ZZrA9TPxCAOmQ72Lbv/IpJ9vrBRaJNhsEkTxizBDsnOk/qEW0KiIJOzS1zrHzM3k
2QbBx7ArgD1GoqFuT/S5J8jItrfk1KD5xb978dL7fiaWW2d+iVc9AaOPpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwwPLRue1l2LXzFqKfPtNxMVo2hMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCO0XRAF
/9MxjkmVO5YM6Uq4f0qGjPWxl1Ey4wVS4pkUjtMvfWx4x7Hnf9JOlbCkQG2XRDXp
HRYDImAtC2dmthN5dtmVY/6gIZMmhSiaICcf72NIAYk6g7nQQoExtKeSj/mIfNI8
nyHy21aY9yzjLuOlpBlcYi/spS7i0KutYS7d6zeV/+bMVrVjVVKUmhml5CoIqsYW
UKGoftUX1fgBUj7e28Z3z1KpWsLLOlE4fRfue+rLOXV+srzGOF8cvUXKaAcYFTnQ
hzXv5g8oEdZKp60jOMqRqOgMmHEz7pR3WcnJ36kf1XHW+qtW5+3cfB4XlXEp9XZT
WipkO5YmCylzWg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:11:12 2025 by rpki-client