Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          CbS0fCsM1newaL3aw1TeWP3qCW7i1okEleHGb1vIAPs=
Subject key identifier:   38:F6:79:E2:50:B5:29:31:A2:46:F7:4F:A9:82:3B:25:A0:14:A3:AF
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       01976027904AF89666BA4411683085ECB592
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0C32
Signing time:             Wed 11 Jun 2025 18:01:34 +0000
Manifest this update:     Wed 11 Jun 2025 18:01:34 +0000
Manifest next update:     Thu 12 Jun 2025 18:01:34 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: JMadVsJSkNVVscFiyFOiNO0gv7wIv8byNnzLUa7/aPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:27:90:4a:f8:96:66:ba:44:11:68:30:85:ec:b5:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Jun 11 18:01:34 2025 GMT
            Not After : Jun 12 18:01:34 2025 GMT
        Subject: CN=38f679e250b52931a246f74fa9823b25a014a3af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ae:96:fd:83:8d:01:23:f9:45:f9:38:41:7a:
                    fa:b2:6d:7c:40:2e:19:30:3b:80:52:53:3d:31:9c:
                    11:4a:9c:70:f2:b0:97:c5:11:7b:37:e8:74:07:bf:
                    bc:a8:1c:3d:95:73:b3:ed:c5:95:2c:11:27:ec:65:
                    d7:0b:c6:cd:0a:42:40:59:b5:99:65:19:d5:c2:c0:
                    2b:d7:29:ed:ee:a7:57:1a:c2:4a:34:9b:e8:17:28:
                    21:da:5c:33:da:8f:36:39:eb:69:5e:d9:5f:36:35:
                    9f:c4:05:ac:f3:70:a1:96:1b:ea:52:dd:a0:df:c6:
                    17:53:5f:ee:b5:97:f5:05:22:39:23:4a:e9:4f:60:
                    95:2c:6f:23:5b:cb:3e:12:ce:5a:1d:65:8c:f0:e6:
                    db:6c:6a:4f:84:a8:1e:72:34:6d:f0:29:e5:65:f9:
                    f2:fa:a4:7d:83:be:80:43:d6:98:5a:42:43:ae:e2:
                    4c:42:d8:e5:b1:d6:ae:f0:cd:ca:8a:b2:37:36:73:
                    cf:c9:0a:22:fc:3a:b2:02:5a:9e:6c:78:17:4a:78:
                    e8:e5:8b:d2:6a:05:da:26:17:3c:1f:90:16:a1:83:
                    3f:82:f4:25:cc:bc:2b:ca:2c:10:47:a8:3f:48:f6:
                    90:90:9d:68:bc:9f:44:bd:21:17:e0:9e:f8:51:a8:
                    e4:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:F6:79:E2:50:B5:29:31:A2:46:F7:4F:A9:82:3B:25:A0:14:A3:AF
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:a0:32:2d:c7:3d:54:df:db:00:da:4f:1d:7e:d2:d8:05:1c:
         02:23:3b:69:2a:90:88:6a:4b:a6:e3:ed:28:d5:27:c4:1b:d8:
         28:33:8f:98:98:30:d8:d7:46:8e:84:d0:9b:42:38:bf:bb:78:
         1d:6a:5b:b3:f5:cc:29:3f:71:45:82:ac:12:b1:dd:2b:9d:1e:
         32:40:4c:58:e9:98:7b:9c:7a:e0:af:f2:a8:a8:0e:5c:e5:a4:
         5a:79:ab:51:3d:1d:62:83:1f:71:cd:eb:ae:46:bc:02:28:e0:
         3d:29:fd:89:11:d3:ae:c3:2a:93:69:b0:cc:92:c3:cc:95:0a:
         2a:ca:44:38:30:d6:d6:96:93:bb:15:76:e8:a2:84:25:02:04:
         59:66:bd:8b:ed:dc:c5:0b:21:49:0f:8a:29:22:12:07:ab:5b:
         69:bd:72:f0:d9:fc:be:f3:c5:3a:9b:5f:e1:39:07:4f:fb:66:
         44:f3:e0:03:14:5f:94:8e:4c:13:57:af:71:94:73:22:4e:4e:
         c5:60:2e:ab:17:6a:5d:83:e7:73:d9:56:5f:31:51:ad:51:a3:
         60:90:ba:3c:82:ca:88:71:a6:e7:8f:9c:33:f9:9a:bb:46:05:
         0b:f9:d7:7c:8d:54:d9:65:02:c7:80:a3:28:61:07:e1:3d:ce:
         a9:8f:45:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJ5BK+JZmukQRaDCF7LWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNjExMTgwMTM0WhcNMjUwNjEyMTgwMTM0WjAzMTEwLwYDVQQD
EygzOGY2NzllMjUwYjUyOTMxYTI0NmY3NGZhOTgyM2IyNWEwMTRhM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq6W/YONASP5Rfk4QXr6sm18QC4Z
MDuAUlM9MZwRSpxw8rCXxRF7N+h0B7+8qBw9lXOz7cWVLBEn7GXXC8bNCkJAWbWZ
ZRnVwsAr1ynt7qdXGsJKNJvoFygh2lwz2o82OetpXtlfNjWfxAWs83ChlhvqUt2g
38YXU1/utZf1BSI5I0rpT2CVLG8jW8s+Es5aHWWM8ObbbGpPhKgecjRt8CnlZfny
+qR9g76AQ9aYWkJDruJMQtjlsdau8M3KirI3NnPPyQoi/DqyAlqebHgXSnjo5YvS
agXaJhc8H5AWoYM/gvQlzLwryiwQR6g/SPaQkJ1ovJ9EvSEX4J74UajkCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDj2eeJQtSkxokb3T6mCOyWgFKOvMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACqAyLcc9
VN/bANpPHX7S2AUcAiM7aSqQiGpLpuPtKNUnxBvYKDOPmJgw2NdGjoTQm0I4v7t4
HWpbs/XMKT9xRYKsErHdK50eMkBMWOmYe5x64K/yqKgOXOWkWnmrUT0dYoMfcc3r
rka8AijgPSn9iRHTrsMqk2mwzJLDzJUKKspEODDW1paTuxV26KKEJQIEWWa9i+3c
xQshSQ+KKSISB6tbab1y8Nn8vvPFOptf4TkHT/tmRPPgAxRflI5ME1evcZRzIk5O
xWAuqxdqXYPnc9lWXzFRrVGjYJC6PILKiHGm54+cM/mau0YFC/nXfI1U2WUCx4Cj
KGEH4T3OqY9Fyg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:43:59 2025 by rpki-client