Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          LiC9xoG7UgVIMLNvobn7fOfbqOvaLumiI1QFO+saW3A=
Subject key identifier:   5E:7F:55:37:31:4C:35:AB:3C:F3:2C:4F:34:4F:04:91:75:7B:3B:49
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       019764DF4732CF4C5EECF1D996B2F0150E68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D23
Signing time:             Thu 12 Jun 2025 16:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 16:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 16:00:43 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: 1bUvFkstyBPvr/yQFrTpkWasfsLL+kgyAVC03xaBUb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:df:47:32:cf:4c:5e:ec:f1:d9:96:b2:f0:15:0e:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 12 16:00:43 2025 GMT
            Not After : Jun 13 16:00:43 2025 GMT
        Subject: CN=5e7f5537314c35ab3cf32c4f344f0491757b3b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1d:63:72:1e:a5:e8:f0:6f:71:34:cc:19:4d:
                    bd:bb:4f:80:e8:a8:c1:23:3a:7c:25:74:3d:47:7a:
                    70:97:db:38:b3:5c:06:52:8d:ad:85:ae:03:11:b5:
                    4f:e2:f6:30:f8:79:5e:5e:a0:c0:29:ed:47:79:92:
                    da:8e:e0:54:32:ab:71:0e:82:2c:7d:37:40:56:bc:
                    e7:0e:28:8e:8d:00:ef:2b:e2:03:64:36:a7:73:eb:
                    c4:7f:b8:13:93:e2:73:8a:c5:ef:5f:0c:60:d6:3a:
                    d3:a8:97:1f:4d:fa:6f:77:b8:b5:62:ad:9b:01:1e:
                    38:e9:e6:bc:68:0c:76:6c:1b:00:df:5f:b2:cd:d6:
                    c4:79:9d:ce:25:20:a2:c1:9a:08:90:8d:23:f7:a8:
                    dd:93:81:21:0f:ca:6b:66:c3:8a:22:51:b3:a0:21:
                    49:44:1a:70:62:c2:fb:b7:f3:3b:1b:cc:75:3c:78:
                    65:8c:af:16:a6:ce:f7:93:d8:5d:10:b2:58:cb:6c:
                    85:da:30:86:e8:cc:55:a3:0c:f4:b9:de:c7:21:8e:
                    a0:2a:5a:91:09:b1:34:30:70:23:92:d5:66:6d:6c:
                    08:a3:86:65:66:fd:b8:de:21:73:75:f8:0d:24:78:
                    e5:26:13:c1:54:7e:ab:7c:52:10:af:78:7c:2e:2f:
                    82:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7F:55:37:31:4C:35:AB:3C:F3:2C:4F:34:4F:04:91:75:7B:3B:49
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:c9:17:3f:e4:c3:2c:8f:22:40:90:b9:1b:86:4b:b3:e9:37:
         4a:f9:40:b3:32:00:ef:d0:e5:cb:06:c3:3b:55:25:57:65:ba:
         77:39:e2:df:58:86:65:d2:3e:93:b3:d2:0b:d2:c3:f9:f1:f6:
         94:4c:96:b7:30:da:a5:cb:47:d2:66:69:e9:c1:0c:29:48:70:
         2f:6d:46:87:96:5b:38:9b:b5:70:59:64:39:a3:e7:e1:b3:4a:
         0c:cd:5f:45:43:e7:43:d6:42:6e:9c:3b:78:4f:ca:a9:f3:d8:
         fd:f7:d3:3c:75:7f:79:0f:5c:46:3c:fd:08:46:bb:cd:af:0d:
         0b:f0:86:3c:23:12:af:b1:cc:c8:89:df:f8:0c:7a:53:83:d6:
         64:b2:a3:8c:5e:5d:4f:cd:e5:de:25:fd:ff:c9:7d:77:79:1f:
         6b:06:87:b0:f4:80:08:e6:51:14:45:13:f2:ea:fa:fd:8b:6b:
         b3:5b:64:dc:93:1d:ee:a2:8d:2d:cd:68:39:07:d4:c2:8f:8a:
         9b:e2:b7:df:ba:10:93:a4:5e:17:48:3c:76:84:5d:ae:b5:8b:
         b9:20:fe:fe:d3:d1:4e:8b:e3:fc:8b:db:25:cd:bd:f7:c1:72:
         ab:64:5e:ac:c2:13:91:33:f0:0b:c6:3b:bc:94:36:fd:da:a2:
         12:c1:10:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdk30cyz0xe7PHZlrLwFQ5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjEyMTYwMDQzWhcNMjUwNjEzMTYwMDQzWjAzMTEwLwYDVQQD
Eyg1ZTdmNTUzNzMxNGMzNWFiM2NmMzJjNGYzNDRmMDQ5MTc1N2IzYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR1jch6l6PBvcTTMGU29u0+A6KjB
Izp8JXQ9R3pwl9s4s1wGUo2tha4DEbVP4vYw+HleXqDAKe1HeZLajuBUMqtxDoIs
fTdAVrznDiiOjQDvK+IDZDanc+vEf7gTk+JzisXvXwxg1jrTqJcfTfpvd7i1Yq2b
AR446ea8aAx2bBsA31+yzdbEeZ3OJSCiwZoIkI0j96jdk4EhD8prZsOKIlGzoCFJ
RBpwYsL7t/M7G8x1PHhljK8Wps73k9hdELJYy2yF2jCG6MxVowz0ud7HIY6gKlqR
CbE0MHAjktVmbWwIo4ZlZv243iFzdfgNJHjlJhPBVH6rfFIQr3h8Li+CmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5/VTcxTDWrPPMsTzRPBJF1eztJMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnskXP+TD
LI8iQJC5G4ZLs+k3SvlAszIA79DlywbDO1UlV2W6dzni31iGZdI+k7PSC9LD+fH2
lEyWtzDapctH0mZp6cEMKUhwL21Gh5ZbOJu1cFlkOaPn4bNKDM1fRUPnQ9ZCbpw7
eE/KqfPY/ffTPHV/eQ9cRjz9CEa7za8NC/CGPCMSr7HMyInf+Ax6U4PWZLKjjF5d
T83l3iX9/8l9d3kfawaHsPSACOZRFEUT8ur6/Ytrs1tk3JMd7qKNLc1oOQfUwo+K
m+K337oQk6ReF0g8doRdrrWLuSD+/tPRTovj/IvbJc2998Fyq2RerMITkTPwC8Y7
vJQ2/dqiEsEQBw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:11:30 2025 by rpki-client