Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
File:                     3Mx29__HFoYLOtY56_kdxN1hMAA.mft (raw, json)
Hash identifier:          Tobla6V/6TL+A+hHMg3rJvlXSD+hE8VtOj0yMfFQ3So=
Subject key identifier:   95:7F:CB:70:19:55:1C:57:D1:A0:DA:8A:DE:AA:52:76:29:D3:6F:54
Authority key identifier: DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00
Certificate issuer:       /CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
Certificate serial:       0197488C85670630ABA4972031E871295940
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
Manifest number:          093F
Signing time:             Sat 07 Jun 2025 04:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:58 +0000
Files and hashes:         1: 3Mx29__HFoYLOtY56_kdxN1hMAA.crl (hash: zLAA2y8bb7rFtz+XJx5XSfmjt6cOeQs0mgc0MPwDXu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:85:67:06:30:ab:a4:97:20:31:e8:71:29:59:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
        Validity
            Not Before: Jun  7 04:00:58 2025 GMT
            Not After : Jun  8 04:00:58 2025 GMT
        Subject: CN=957fcb7019551c57d1a0da8adeaa527629d36f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7d:82:68:f2:4d:97:a4:72:0a:55:49:b7:e9:
                    86:86:0c:ab:58:c2:83:a5:8f:10:c0:85:af:1e:dd:
                    4c:29:5a:4f:28:29:4a:51:98:79:d8:6f:85:44:91:
                    fb:aa:c8:91:99:58:0c:13:b9:40:3b:e9:84:ad:ad:
                    59:d6:9c:3a:89:d3:72:a0:c3:1f:6e:08:da:0f:51:
                    21:02:96:d7:76:8e:7d:1f:fd:5f:2a:11:a8:36:4e:
                    e1:18:c3:99:ba:cf:39:2a:00:aa:5c:75:be:1e:7f:
                    e8:5d:e7:3a:72:9d:91:67:bb:16:71:7f:31:48:dd:
                    39:9b:2a:ac:1c:91:8d:31:b3:e1:4d:b0:7e:83:d9:
                    6d:3b:97:33:6b:ac:5d:20:58:18:12:c4:b0:01:d5:
                    9a:fc:77:de:97:eb:1d:90:bd:73:23:da:7a:2e:28:
                    9e:00:0f:d8:75:02:d1:fe:b8:f6:2f:2d:16:cb:d6:
                    3c:92:2f:6b:30:4b:7d:08:6a:fb:c7:1d:d4:d4:49:
                    0c:a0:67:96:be:c5:99:fe:8d:31:9d:8c:90:fd:9f:
                    44:1b:67:cc:78:56:38:b0:44:9f:ae:c1:1c:b4:5d:
                    7b:0e:10:16:bb:41:f2:8f:cd:48:72:7b:ae:b6:50:
                    f7:e7:4c:de:f7:aa:09:4e:cf:c2:77:a3:60:09:c4:
                    d8:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7F:CB:70:19:55:1C:57:D1:A0:DA:8A:DE:AA:52:76:29:D3:6F:54
            X509v3 Authority Key Identifier:
                keyid:DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:b3:2a:e5:37:db:7a:a2:0a:9c:c1:5f:cf:0d:01:55:81:3b:
         80:85:83:5c:67:8c:f8:dc:07:f1:e3:7c:99:ed:85:44:c6:de:
         05:8c:03:8e:0f:97:24:ea:b1:88:78:6c:66:9d:ed:49:7d:c8:
         d2:b5:56:f1:7c:f9:c5:91:51:15:59:aa:0d:51:01:43:a1:c6:
         95:e4:d3:a5:09:92:c1:df:c2:bc:7c:8c:d2:39:0a:3f:ed:89:
         a7:26:5d:2a:af:e0:3f:3b:77:6c:94:29:1a:62:ac:e6:bc:14:
         62:b5:48:b9:8c:13:80:2c:ff:0c:6f:6f:4d:97:6b:84:bd:38:
         ea:3d:d3:5a:0e:2c:35:fc:95:01:ee:2c:2f:41:a6:2b:14:43:
         dd:c8:41:96:0b:f7:da:dc:2b:79:b6:d0:c4:23:2a:61:f7:55:
         a1:78:63:65:00:7a:a7:51:68:d8:bb:40:9d:5c:c9:d4:8d:67:
         f6:32:0e:0d:f5:9c:c1:35:ec:c1:32:b6:67:e9:e9:15:4b:f8:
         35:d8:3e:78:05:f8:39:60:8f:6c:6c:31:1b:3d:b0:e2:bb:68:
         c8:96:fa:fc:de:0f:4a:03:0d:fc:66:d1:9c:c3:dd:0d:6e:ca:
         c4:25:b7:66:0c:a8:d3:72:63:11:a3:bd:aa:69:98:c4:a9:a5:
         16:28:e9:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjIVnBjCrpJcgMehxKVlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2M3NmY3ZmZjNzE2ODYwYjNhZDYzOWViZjkxZGM0ZGQ2
MTMwMDAwHhcNMjUwNjA3MDQwMDU4WhcNMjUwNjA4MDQwMDU4WjAzMTEwLwYDVQQD
Eyg5NTdmY2I3MDE5NTUxYzU3ZDFhMGRhOGFkZWFhNTI3NjI5ZDM2ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr32CaPJNl6RyClVJt+mGhgyrWMKD
pY8QwIWvHt1MKVpPKClKUZh52G+FRJH7qsiRmVgME7lAO+mEra1Z1pw6idNyoMMf
bgjaD1EhApbXdo59H/1fKhGoNk7hGMOZus85KgCqXHW+Hn/oXec6cp2RZ7sWcX8x
SN05myqsHJGNMbPhTbB+g9ltO5cza6xdIFgYEsSwAdWa/Hfel+sdkL1zI9p6Liie
AA/YdQLR/rj2Ly0Wy9Y8ki9rMEt9CGr7xx3U1EkMoGeWvsWZ/o0xnYyQ/Z9EG2fM
eFY4sESfrsEctF17DhAWu0Hyj81IcnuutlD350ze96oJTs/Cd6NgCcTY1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV/y3AZVRxX0aDait6qUnYp029UMB8GA1UdIwQY
MBaAFNzMdvf/xxaGCzrWOev5HcTdYTAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMt
YWU3Yjg5MTc0NzEwLzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMtYWU3Yjg5MTc0NzEw
LzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLMq5Tfb
eqIKnMFfzw0BVYE7gIWDXGeM+NwH8eN8me2FRMbeBYwDjg+XJOqxiHhsZp3tSX3I
0rVW8Xz5xZFRFVmqDVEBQ6HGleTTpQmSwd/CvHyM0jkKP+2JpyZdKq/gPzt3bJQp
GmKs5rwUYrVIuYwTgCz/DG9vTZdrhL046j3TWg4sNfyVAe4sL0GmKxRD3chBlgv3
2twrebbQxCMqYfdVoXhjZQB6p1Fo2LtAnVzJ1I1n9jIODfWcwTXswTK2Z+npFUv4
Ndg+eAX4OWCPbGwxGz2w4rtoyJb6/N4PSgMN/GbRnMPdDW7KxCW3Zgyo03JjEaO9
qmmYxKmlFijpMg==
-----END CERTIFICATE-----