Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          RkNK/lDr7oOhJa922zyAIIsVKhEmqhBy7FEvEtZbkt8=
Subject key identifier:   D9:7B:33:0C:43:FC:14:8A:0F:EF:01:59:BE:CC:16:24:06:61:A8:CF
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       01974CD6CF2673F0DEE97F43681B5E751AAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          150A
Signing time:             Sun 08 Jun 2025 00:00:35 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:35 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:35 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: rcjif3V6i/M/6j9rHcCPzF6qV91rbX/dwLAf87VK4zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 00:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d6:cf:26:73:f0:de:e9:7f:43:68:1b:5e:75:1a:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Jun  8 00:00:35 2025 GMT
            Not After : Jun  9 00:00:35 2025 GMT
        Subject: CN=d97b330c43fc148a0fef0159becc16240661a8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9d:dc:96:90:f5:b4:e0:f9:0b:e9:d8:1a:0a:
                    af:90:b9:5a:4e:99:01:ee:99:4f:a1:de:2a:88:6f:
                    74:cf:71:37:33:28:ec:f4:74:3d:02:bb:09:26:16:
                    89:38:10:f9:20:e9:00:ae:3e:ab:94:a8:37:de:78:
                    f3:36:69:8c:c1:98:b8:82:25:f4:1d:69:df:5e:a6:
                    eb:0b:d3:c3:75:82:06:57:72:82:a8:83:67:4d:e7:
                    5f:05:22:9d:97:0d:c0:b5:13:33:29:d7:23:41:7d:
                    2e:3e:d8:4d:da:41:12:97:96:4b:74:96:94:42:7e:
                    4c:ee:07:d2:90:d2:c7:0c:85:58:11:87:61:4a:8d:
                    72:cc:fa:81:e9:8b:5a:57:4c:11:d2:a3:5e:42:cf:
                    21:b4:e9:5f:c4:ad:86:f9:14:3c:96:5f:9c:eb:2c:
                    e0:9c:83:18:07:06:f2:c9:a7:49:16:01:92:9f:7f:
                    2a:f9:1e:cd:a1:7f:c9:02:80:28:51:5e:73:9b:ef:
                    e4:ef:69:d7:89:b1:f1:47:e5:34:c8:f1:d0:b5:ad:
                    09:6c:db:91:7f:bf:54:02:4c:2f:cc:95:c4:9c:68:
                    1e:c0:ba:43:e3:0e:76:e2:f4:1a:43:92:7d:71:16:
                    0d:45:4f:62:2e:50:1a:f0:41:39:cc:0e:68:eb:80:
                    f7:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:7B:33:0C:43:FC:14:8A:0F:EF:01:59:BE:CC:16:24:06:61:A8:CF
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:00:1c:26:a2:ec:2e:90:45:5f:5a:32:56:ff:fa:f7:f9:b1:
         37:7b:f8:26:09:5d:ea:14:54:cc:3d:05:1e:e8:c7:6c:e6:0b:
         f1:1a:41:f7:52:3f:74:1d:68:54:de:2f:85:13:89:e3:2a:c1:
         c4:26:d0:9e:47:a9:b6:8e:a4:59:df:95:9a:f5:a9:a9:45:a7:
         76:2a:d8:cf:1b:cc:0d:4d:97:fd:ee:9e:5f:37:7f:da:f7:b2:
         59:e0:6f:90:5c:57:63:a4:3e:4c:00:cc:55:3a:f0:36:7d:f9:
         a9:f7:cd:a4:91:ba:b9:49:ce:4f:fa:8e:28:53:e8:9b:e9:5a:
         c5:da:4e:ad:76:9f:92:66:f1:41:6d:8b:5c:56:31:67:8a:32:
         98:f4:ba:93:e3:72:08:1f:5a:a2:56:39:cd:52:fe:c1:c6:47:
         24:fc:12:0f:ae:26:1d:4d:2e:31:6d:9c:30:7e:5f:e5:47:6f:
         ee:b9:c5:bb:44:ac:ed:3f:b4:eb:97:32:9a:a3:3d:c5:2f:0a:
         4c:41:e1:0c:d1:b9:d3:ef:a3:30:29:d6:b1:fc:8a:25:e5:5c:
         f8:9f:f9:83:59:48:ea:00:61:e5:9f:4c:41:fc:27:54:ab:89:
         fd:c3:60:99:32:57:ca:db:db:99:5d:66:7f:4f:d8:cf:d1:8c:
         31:4f:c8:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1s8mc/De6X9DaBtedRqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUwNjA4MDAwMDM1WhcNMjUwNjA5MDAwMDM1WjAzMTEwLwYDVQQD
EyhkOTdiMzMwYzQzZmMxNDhhMGZlZjAxNTliZWNjMTYyNDA2NjFhOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ3clpD1tOD5C+nYGgqvkLlaTpkB
7plPod4qiG90z3E3Myjs9HQ9ArsJJhaJOBD5IOkArj6rlKg33njzNmmMwZi4giX0
HWnfXqbrC9PDdYIGV3KCqINnTedfBSKdlw3AtRMzKdcjQX0uPthN2kESl5ZLdJaU
Qn5M7gfSkNLHDIVYEYdhSo1yzPqB6YtaV0wR0qNeQs8htOlfxK2G+RQ8ll+c6yzg
nIMYBwbyyadJFgGSn38q+R7NoX/JAoAoUV5zm+/k72nXibHxR+U0yPHQta0JbNuR
f79UAkwvzJXEnGgewLpD4w524vQaQ5J9cRYNRU9iLlAa8EE5zA5o64D3OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNl7MwxD/BSKD+8BWb7MFiQGYajPMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgAcJqLs
LpBFX1oyVv/69/mxN3v4Jgld6hRUzD0FHujHbOYL8RpB91I/dB1oVN4vhROJ4yrB
xCbQnkepto6kWd+VmvWpqUWndirYzxvMDU2X/e6eXzd/2veyWeBvkFxXY6Q+TADM
VTrwNn35qffNpJG6uUnOT/qOKFPom+laxdpOrXafkmbxQW2LXFYxZ4oymPS6k+Ny
CB9aolY5zVL+wcZHJPwSD64mHU0uMW2cMH5f5Udv7rnFu0Ss7T+065cymqM9xS8K
TEHhDNG50++jMCnWsfyKJeVc+J/5g1lI6gBh5Z9MQfwnVKuJ/cNgmTJXytvbmV1m
f0/Yz9GMMU/IXA==
-----END CERTIFICATE-----