Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
File:                     DZHf1FaDQonB_QOg_vG1Kl79HZE.mft (raw, json)
Hash identifier:          rWSrp5oUF8lcGjy0WboiJiy2UrXapsinHG4RHEzqHRg=
Subject key identifier:   75:44:10:00:6F:86:90:BF:B8:63:53:C0:3B:FD:5A:9D:27:3E:85:97
Authority key identifier: 0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91
Certificate issuer:       /CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
Certificate serial:       01975121A2303E7B6316F505531CD5823772
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
Manifest number:          0DE8
Signing time:             Sun 08 Jun 2025 20:00:48 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:48 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:48 +0000
Files and hashes:         1: DZHf1FaDQonB_QOg_vG1Kl79HZE.crl (hash: gRkLA33YuSYk2oOdAkYaNoU13PUcI0S4SsA8HNtMzu0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:a2:30:3e:7b:63:16:f5:05:53:1c:d5:82:37:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
        Validity
            Not Before: Jun  8 20:00:48 2025 GMT
            Not After : Jun  9 20:00:48 2025 GMT
        Subject: CN=754410006f8690bfb86353c03bfd5a9d273e8597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:02:c7:ae:27:ec:cd:8a:4d:e0:fe:97:fb:95:
                    75:0e:a6:e0:6f:b7:48:a7:68:e3:08:5e:0b:b8:39:
                    93:57:0b:ae:b5:55:f8:fa:46:8f:3e:6e:d1:e0:0a:
                    13:4c:31:9b:44:0f:e7:64:7e:c2:12:97:c9:52:74:
                    5f:2a:15:20:50:d5:f9:b6:9d:ca:f3:2b:6a:3d:19:
                    ae:17:97:81:d1:f9:e1:8b:f4:98:99:f8:a7:c1:ab:
                    f4:e1:6c:68:2a:96:80:0e:9c:8d:8a:85:b9:80:97:
                    12:d3:e1:6b:f0:95:d0:96:29:1f:b5:e2:6c:16:5a:
                    61:d1:e5:0e:f4:e9:96:90:ec:be:cb:54:11:f2:47:
                    0f:e5:5e:83:6d:f7:96:ad:28:a1:2f:69:cd:22:5d:
                    43:9e:88:81:27:6e:83:b6:8a:38:27:0b:ed:fa:cd:
                    86:c0:16:60:8d:d5:85:c4:b8:e6:eb:06:e8:35:29:
                    3c:bf:6f:c7:19:73:11:08:1b:60:13:ad:4b:10:e4:
                    29:ce:af:29:e8:bc:7f:ce:0e:05:7f:c7:fb:d2:bf:
                    29:b8:3d:4e:9f:09:02:ee:99:fa:bf:03:f1:3e:15:
                    39:a7:f0:52:85:c0:3e:93:9b:37:e1:de:ae:0d:fa:
                    05:09:59:4c:61:b7:2f:7c:52:93:4d:49:fb:ed:83:
                    7f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:44:10:00:6F:86:90:BF:B8:63:53:C0:3B:FD:5A:9D:27:3E:85:97
            X509v3 Authority Key Identifier:
                keyid:0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:fd:ed:46:07:e0:4e:01:7f:d9:18:e3:78:1c:f6:2b:f3:fc:
         a7:98:be:a0:4a:60:d0:0f:40:8e:7d:c7:a1:fe:13:fb:6d:96:
         f4:1e:54:49:9a:0a:ca:9b:69:68:05:07:f6:04:df:d5:ef:c9:
         6e:16:fd:f2:f9:72:02:4e:37:c3:ba:71:25:a1:79:b6:5c:df:
         48:05:63:bd:36:4f:c8:6c:bd:60:92:a9:61:0a:c9:8a:d6:c7:
         d7:bd:de:d9:59:5b:c8:69:d8:32:55:aa:a6:67:01:27:e7:df:
         c4:ff:49:96:4d:fc:b9:45:24:4a:0e:3d:f5:ba:a7:f8:e0:eb:
         c7:99:0c:ab:a9:01:a4:64:bb:fa:73:96:c6:08:59:39:c9:62:
         62:29:08:d7:81:53:25:fe:56:bd:dc:74:1d:fb:26:04:ce:55:
         b4:54:72:76:86:bf:28:00:47:54:5a:fc:72:0b:86:f5:d0:dd:
         75:26:28:51:62:91:c1:8b:79:df:d2:39:c8:a6:e1:64:6e:9f:
         b5:14:b3:bc:dc:26:82:cb:30:f4:54:0e:58:13:e3:4d:be:de:
         ca:54:3c:1d:15:1c:8b:6c:d6:a0:df:85:9d:60:c3:0c:84:53:
         aa:e2:43:2b:00:ac:b8:ce:b2:8a:75:ac:d0:1b:7d:68:5e:7d:
         4a:a7:47:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIaIwPntjFvUFUxzVgjdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTFkZmQ0NTY4MzQyODljMWZkMDNhMGZlZjFiNTJhNWVm
ZDFkOTEwHhcNMjUwNjA4MjAwMDQ4WhcNMjUwNjA5MjAwMDQ4WjAzMTEwLwYDVQQD
Eyg3NTQ0MTAwMDZmODY5MGJmYjg2MzUzYzAzYmZkNWE5ZDI3M2U4NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgLHrifszYpN4P6X+5V1Dqbgb7dI
p2jjCF4LuDmTVwuutVX4+kaPPm7R4AoTTDGbRA/nZH7CEpfJUnRfKhUgUNX5tp3K
8ytqPRmuF5eB0fnhi/SYmfinwav04WxoKpaADpyNioW5gJcS0+Fr8JXQlikfteJs
Flph0eUO9OmWkOy+y1QR8kcP5V6DbfeWrSihL2nNIl1DnoiBJ26Dtoo4Jwvt+s2G
wBZgjdWFxLjm6wboNSk8v2/HGXMRCBtgE61LEOQpzq8p6Lx/zg4Ff8f70r8puD1O
nwkC7pn6vwPxPhU5p/BShcA+k5s34d6uDfoFCVlMYbcvfFKTTUn77YN/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVEEABvhpC/uGNTwDv9Wp0nPoWXMB8GA1UdIwQY
MBaAFA2R39RWg0KJwf0DoP7xtSpe/R2RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDct
OGJjY2UzMDNiOTE5LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDctOGJjY2UzMDNiOTE5
LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPP3tRgfg
TgF/2RjjeBz2K/P8p5i+oEpg0A9Ajn3Hof4T+22W9B5USZoKyptpaAUH9gTf1e/J
bhb98vlyAk43w7pxJaF5tlzfSAVjvTZPyGy9YJKpYQrJitbH173e2VlbyGnYMlWq
pmcBJ+ffxP9Jlk38uUUkSg499bqn+ODrx5kMq6kBpGS7+nOWxghZOcliYikI14FT
Jf5Wvdx0HfsmBM5VtFRydoa/KABHVFr8cguG9dDddSYoUWKRwYt539I5yKbhZG6f
tRSzvNwmgssw9FQOWBPjTb7eylQ8HRUci2zWoN+FnWDDDIRTquJDKwCsuM6yinWs
0Bt9aF59SqdHNw==
-----END CERTIFICATE-----