Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          bjZ+WU22pkR9RtSL4eJeleNeqXZahWjIrvsP2Yn+jnc=
Subject key identifier:   C6:EC:67:EF:F4:51:FF:CD:9B:01:0E:50:D5:24:D9:52:3F:93:AB:B3
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       019762F0B63627A185D55D9773DDBCA19682
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D22
Signing time:             Thu 12 Jun 2025 07:00:31 +0000
Manifest this update:     Thu 12 Jun 2025 07:00:31 +0000
Manifest next update:     Fri 13 Jun 2025 07:00:31 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: +zjSebifDUHndeESGQF9b7zjjDF5/oQp0jF+WnwsNCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 07:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:f0:b6:36:27:a1:85:d5:5d:97:73:dd:bc:a1:96:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 12 07:00:31 2025 GMT
            Not After : Jun 13 07:00:31 2025 GMT
        Subject: CN=c6ec67eff451ffcd9b010e50d524d9523f93abb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:38:c6:34:65:e8:bf:4d:9a:f3:fb:ff:19:0f:
                    5e:d6:5d:19:d0:e6:86:b8:fb:8b:ff:d5:16:c8:7c:
                    b7:e0:4f:e8:b9:b1:a0:59:b9:aa:8b:2b:76:f9:ad:
                    2c:1a:a1:6f:4b:45:db:d6:4c:71:ec:56:b5:2c:d5:
                    3b:c3:d7:ff:43:a6:fe:1d:50:ba:bb:20:28:3c:f7:
                    2d:59:30:68:dd:83:28:61:d0:77:e7:50:35:64:ee:
                    5b:32:c7:88:e5:9e:c2:fb:36:a4:8d:24:23:9f:b2:
                    a2:db:35:eb:d1:d0:6a:05:29:c8:87:13:5e:80:99:
                    bc:a1:2f:78:e8:a2:9b:fd:1e:41:26:30:95:f9:42:
                    d1:f1:ab:f8:cc:1f:40:8a:e8:6f:25:38:d5:35:f3:
                    04:64:27:12:ed:08:ee:83:f1:6c:ad:f2:df:3b:50:
                    38:20:c2:fc:5b:fb:55:5f:0b:89:b4:85:7c:85:28:
                    db:0e:06:63:3d:26:bd:25:bb:7a:42:61:42:9e:c9:
                    af:ed:dc:5e:a7:77:54:78:0b:da:64:8d:ae:6d:5f:
                    2d:8e:4d:a8:e8:31:c2:3c:08:81:d2:2e:57:d0:b8:
                    c8:48:7d:59:ca:8b:08:6e:83:52:51:f1:39:3d:ca:
                    d4:cb:ce:24:a9:87:0b:65:e2:73:0a:b2:54:67:60:
                    4f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:EC:67:EF:F4:51:FF:CD:9B:01:0E:50:D5:24:D9:52:3F:93:AB:B3
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:31:fb:4f:00:fb:28:6e:47:65:ab:90:19:d7:68:a5:b1:91:
         b2:3c:d1:9e:8e:55:ca:77:ac:4c:bc:10:d1:65:2e:98:2e:f0:
         a3:08:85:50:88:5a:30:04:82:0a:bb:ba:bf:8c:e2:0c:6a:e9:
         f0:4b:04:88:67:75:92:b1:6b:8c:b1:6c:6a:82:32:51:d8:18:
         2c:83:ec:12:27:74:1d:5b:ce:4f:6a:b1:3f:89:8e:0c:01:99:
         f0:a6:aa:ae:72:e1:49:b7:d4:ae:4d:1c:5b:1d:78:4c:90:01:
         ad:63:85:04:16:77:31:de:5c:d0:d6:5d:9c:cb:8d:ee:bf:95:
         a7:05:ba:09:3e:5c:95:da:92:1e:a2:26:3f:aa:3d:98:33:e3:
         ce:63:8e:d1:c2:0a:08:4b:bb:ba:f4:df:e9:43:f0:52:bd:48:
         39:75:04:c3:c0:93:5a:0d:82:b5:cd:ce:bb:d2:aa:1a:7e:a7:
         11:e3:c5:f5:b2:da:c7:9f:ac:a8:4d:2a:2f:3e:94:a8:d7:94:
         21:32:49:2e:c0:61:2c:76:94:87:5b:dd:e7:15:62:16:61:18:
         79:3f:b9:8b:c4:ba:17:3d:f1:05:b3:60:46:cf:c9:0b:4a:62:
         68:63:cf:06:8e:2b:87:b7:a7:a0:fc:5b:54:18:0a:c8:6a:c2:
         b0:32:19:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdi8LY2J6GF1V2Xc928oZaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjEyMDcwMDMxWhcNMjUwNjEzMDcwMDMxWjAzMTEwLwYDVQQD
EyhjNmVjNjdlZmY0NTFmZmNkOWIwMTBlNTBkNTI0ZDk1MjNmOTNhYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTjGNGXov02a8/v/GQ9e1l0Z0OaG
uPuL/9UWyHy34E/oubGgWbmqiyt2+a0sGqFvS0Xb1kxx7Fa1LNU7w9f/Q6b+HVC6
uyAoPPctWTBo3YMoYdB351A1ZO5bMseI5Z7C+zakjSQjn7Ki2zXr0dBqBSnIhxNe
gJm8oS946KKb/R5BJjCV+ULR8av4zB9AiuhvJTjVNfMEZCcS7Qjug/FsrfLfO1A4
IML8W/tVXwuJtIV8hSjbDgZjPSa9Jbt6QmFCnsmv7dxep3dUeAvaZI2ubV8tjk2o
6DHCPAiB0i5X0LjISH1ZyosIboNSUfE5PcrUy84kqYcLZeJzCrJUZ2BPwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbsZ+/0Uf/NmwEOUNUk2VI/k6uzMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbTH7TwD7
KG5HZauQGddopbGRsjzRno5VynesTLwQ0WUumC7wowiFUIhaMASCCru6v4ziDGrp
8EsEiGd1krFrjLFsaoIyUdgYLIPsEid0HVvOT2qxP4mODAGZ8KaqrnLhSbfUrk0c
Wx14TJABrWOFBBZ3Md5c0NZdnMuN7r+VpwW6CT5cldqSHqImP6o9mDPjzmOO0cIK
CEu7uvTf6UPwUr1IOXUEw8CTWg2Ctc3Ou9KqGn6nEePF9bLax5+sqE0qLz6UqNeU
ITJJLsBhLHaUh1vd5xViFmEYeT+5i8S6Fz3xBbNgRs/JC0piaGPPBo4rh7enoPxb
VBgKyGrCsDIZ+A==
-----END CERTIFICATE-----