Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          66aKuztITQEEgRGZqsp1jqvjkjXx5BKoUyZ+qeSl8tE=
Subject key identifier:   BF:E4:F4:B5:F7:BA:0D:09:89:06:81:06:20:8C:7D:53:CC:BD:21:1B
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0197469E4B231094FBAFCC106792DC538B68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          0FEA
Signing time:             Fri 06 Jun 2025 19:01:08 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:08 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:08 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: D/v7rZmacuSWJ6S4AIjWUwJpfM+7mpelONfc3eMfUDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:4b:23:10:94:fb:af:cc:10:67:92:dc:53:8b:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun  6 19:01:08 2025 GMT
            Not After : Jun  7 19:01:08 2025 GMT
        Subject: CN=bfe4f4b5f7ba0d0989068106208c7d53ccbd211b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d1:22:40:b8:f2:1f:e6:3b:3c:03:98:85:70:
                    c6:e5:e4:68:34:b4:ac:cb:ee:3e:e9:cd:b0:72:cb:
                    31:b1:ba:51:93:3f:9c:da:22:fe:e9:dc:fb:e1:40:
                    92:65:59:57:9b:11:c8:3d:4c:22:12:50:40:36:97:
                    98:59:98:44:1b:88:9f:46:34:10:db:9b:1d:e0:c8:
                    c7:94:86:d4:09:7c:4b:d4:72:59:f2:ae:f2:d8:99:
                    23:8c:bc:b4:06:ec:39:ae:2b:98:4c:ea:fa:d1:96:
                    1e:03:70:39:08:c7:24:ee:47:e1:b6:48:b5:e8:27:
                    26:71:35:a9:b1:7d:a1:14:eb:84:f0:6b:15:8c:f3:
                    16:8a:4f:72:dc:69:37:19:ae:fb:88:4e:cc:81:27:
                    f1:0c:00:f1:ab:1c:d0:d6:4c:12:bf:7a:26:cf:85:
                    15:2e:05:ba:a5:d5:cb:79:4c:7a:3c:f0:09:3b:ab:
                    f3:f5:d6:1e:3b:42:4b:b4:88:bc:0a:55:ff:26:d8:
                    7d:53:68:78:3c:81:32:7b:0d:67:a2:19:9f:fd:3d:
                    66:92:11:1e:95:81:ea:41:28:1f:dd:52:54:60:52:
                    82:53:ef:15:1e:05:e0:07:50:48:41:0e:fd:44:0c:
                    de:71:ae:a8:24:68:8b:29:3e:c0:d5:e5:a5:ce:22:
                    ba:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E4:F4:B5:F7:BA:0D:09:89:06:81:06:20:8C:7D:53:CC:BD:21:1B
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:0a:be:ef:41:51:1c:ea:57:a6:ca:67:53:ab:e1:9e:a7:56:
         b2:09:44:a6:35:d9:8a:c7:94:7a:38:45:2b:6d:9a:ac:1d:d3:
         82:ac:79:9d:3e:7f:92:53:9f:fa:d0:e9:54:3f:1b:f3:18:da:
         2b:89:7f:47:a0:3b:a5:1e:e8:c7:ba:8d:70:b7:ed:eb:20:89:
         3f:5d:23:dd:e0:fe:2e:5e:e4:fe:f3:75:e6:11:f6:25:7f:39:
         f9:98:57:a1:3b:8f:60:5c:45:a5:03:e8:3f:63:0a:32:e9:3d:
         e9:8b:b3:84:dc:0d:68:ab:f8:df:9b:3a:05:8a:e0:30:fc:f1:
         b6:01:05:cf:b2:98:07:af:d3:44:69:8d:3f:3b:7f:96:f1:d7:
         a8:3a:05:3d:cd:4d:7c:39:4a:c2:90:e9:4a:fb:4f:39:6f:8c:
         63:b8:a6:01:24:1a:c4:e7:38:49:b7:e4:23:9e:61:cc:4e:96:
         e1:8e:11:36:54:45:70:aa:31:18:79:2a:eb:8f:31:7e:46:27:
         52:8b:73:bb:87:b8:90:c7:4b:fb:10:ac:cc:87:35:5c:be:fb:
         d4:28:cd:84:5d:d4:d2:62:f5:0d:6a:69:c1:a1:86:11:05:48:
         e3:df:57:fe:f9:68:c4:d4:b2:c6:6f:f7:66:32:68:c6:90:d0:
         5f:c4:5f:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnksjEJT7r8wQZ5LcU4toMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwNjA2MTkwMTA4WhcNMjUwNjA3MTkwMTA4WjAzMTEwLwYDVQQD
EyhiZmU0ZjRiNWY3YmEwZDA5ODkwNjgxMDYyMDhjN2Q1M2NjYmQyMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdEiQLjyH+Y7PAOYhXDG5eRoNLSs
y+4+6c2wcssxsbpRkz+c2iL+6dz74UCSZVlXmxHIPUwiElBANpeYWZhEG4ifRjQQ
25sd4MjHlIbUCXxL1HJZ8q7y2JkjjLy0Buw5riuYTOr60ZYeA3A5CMck7kfhtki1
6CcmcTWpsX2hFOuE8GsVjPMWik9y3Gk3Ga77iE7MgSfxDADxqxzQ1kwSv3omz4UV
LgW6pdXLeUx6PPAJO6vz9dYeO0JLtIi8ClX/Jth9U2h4PIEyew1nohmf/T1mkhEe
lYHqQSgf3VJUYFKCU+8VHgXgB1BIQQ79RAzeca6oJGiLKT7A1eWlziK6vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/k9LX3ug0JiQaBBiCMfVPMvSEbMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvQq+70FR
HOpXpspnU6vhnqdWsglEpjXZiseUejhFK22arB3Tgqx5nT5/klOf+tDpVD8b8xja
K4l/R6A7pR7ox7qNcLft6yCJP10j3eD+Ll7k/vN15hH2JX85+ZhXoTuPYFxFpQPo
P2MKMuk96YuzhNwNaKv435s6BYrgMPzxtgEFz7KYB6/TRGmNPzt/lvHXqDoFPc1N
fDlKwpDpSvtPOW+MY7imASQaxOc4SbfkI55hzE6W4Y4RNlRFcKoxGHkq648xfkYn
Uotzu4e4kMdL+xCszIc1XL771CjNhF3U0mL1DWppwaGGEQVI499X/vloxNSyxm/3
ZjJoxpDQX8RfCA==
-----END CERTIFICATE-----