Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          yMtjBIX/kfmGVO58epeZnYVWGW0HH4WPjKZS8NvAOJk=
Subject key identifier:   35:51:C0:B7:67:F0:FA:C2:EC:39:18:69:8A:CE:5A:2C:CC:08:C4:88
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       01975EA6297B8626FD2A62C24589976034AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E89
Signing time:             Wed 11 Jun 2025 11:00:37 +0000
Manifest this update:     Wed 11 Jun 2025 11:00:37 +0000
Manifest next update:     Thu 12 Jun 2025 11:00:37 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: sRIB2aBKDenegnm7vBjB7G3pvLPOr8MeDOoPDfQSfCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 11:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:a6:29:7b:86:26:fd:2a:62:c2:45:89:97:60:34:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Jun 11 11:00:37 2025 GMT
            Not After : Jun 12 11:00:37 2025 GMT
        Subject: CN=3551c0b767f0fac2ec3918698ace5a2ccc08c488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:23:5f:72:ad:ed:80:1b:e6:6a:13:cc:ca:21:
                    c6:3a:bd:a5:3e:f2:d1:69:37:33:65:a1:bf:89:d3:
                    46:79:a6:8c:b7:cb:86:d8:e1:30:04:a2:02:da:54:
                    32:44:ba:d9:96:a9:38:92:df:b9:78:da:d8:35:be:
                    ba:f1:6b:37:62:c5:c8:5f:af:4e:65:76:2a:2a:bb:
                    58:eb:11:82:ac:14:b0:7c:27:19:ce:b8:94:d4:75:
                    be:13:68:1a:07:ab:e9:1e:3a:bc:75:0e:58:63:cd:
                    b5:df:f2:16:82:24:08:75:ce:ff:a3:1b:a7:38:ec:
                    cc:fe:e6:5a:06:99:a7:56:bb:f0:26:19:3b:67:9a:
                    cf:2c:0e:f7:ac:97:13:ec:eb:9e:19:c9:fb:52:a1:
                    8d:0f:37:75:2e:8a:87:11:3e:f7:40:aa:15:0e:45:
                    b0:3e:45:13:ba:bd:28:5e:cd:3f:93:fe:51:23:08:
                    4b:68:96:34:b1:cc:d8:da:af:5a:16:af:c0:0f:9a:
                    29:20:41:45:ff:e0:ce:d3:68:1d:93:2e:62:22:09:
                    19:ee:c8:72:24:03:07:8c:6a:ab:ac:cf:c4:a0:54:
                    db:b6:18:6e:cd:30:05:32:28:74:d4:a7:c8:61:77:
                    1c:1e:b9:96:a5:76:fd:da:93:23:06:8e:11:04:74:
                    1f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:51:C0:B7:67:F0:FA:C2:EC:39:18:69:8A:CE:5A:2C:CC:08:C4:88
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:bf:33:bc:68:d6:5c:ee:f0:b8:50:3c:22:5c:26:c9:50:20:
         da:95:c7:dc:49:11:ab:a5:e7:88:23:1c:ee:f8:7d:f1:5d:90:
         20:06:31:62:a9:b4:32:fa:98:8d:1c:9f:2d:b4:f4:20:a7:5c:
         9d:e6:02:a6:d7:c9:36:ce:6f:ef:4e:76:4c:8f:0e:2c:00:ba:
         42:1c:77:8c:9c:c6:b6:e4:8d:6e:da:1a:7d:ed:63:d9:04:5a:
         1a:dc:31:06:38:2e:3d:ec:57:66:ae:a5:bd:d8:1e:11:60:86:
         d5:64:b6:80:30:48:6d:28:98:08:b4:ab:ca:60:77:52:6b:2e:
         cd:7f:c0:b9:15:84:d4:28:34:ca:2a:eb:44:a5:fd:18:a8:c6:
         fd:46:b7:ee:e7:e8:63:f2:42:74:ce:6b:93:51:51:80:6f:fb:
         a3:26:90:65:f2:6c:79:f0:57:c2:e8:de:cb:1b:e8:50:fc:fb:
         82:cf:1e:53:f1:72:ab:16:61:d1:b2:e8:a5:51:30:30:a7:43:
         14:c8:3b:f4:8d:9e:3f:45:f0:df:75:bf:f0:cf:5c:89:7f:dc:
         ee:46:87:72:ce:ee:79:c7:b2:53:4d:cb:ed:1a:a9:52:98:5c:
         77:41:15:7c:c6:b5:5a:68:b9:77:f2:ba:eb:c6:5a:78:b6:a0:
         a8:40:5a:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdepil7hib9KmLCRYmXYDSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjExMTEwMDM3WhcNMjUwNjEyMTEwMDM3WjAzMTEwLwYDVQQD
EygzNTUxYzBiNzY3ZjBmYWMyZWMzOTE4Njk4YWNlNWEyY2NjMDhjNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCNfcq3tgBvmahPMyiHGOr2lPvLR
aTczZaG/idNGeaaMt8uG2OEwBKIC2lQyRLrZlqk4kt+5eNrYNb668Ws3YsXIX69O
ZXYqKrtY6xGCrBSwfCcZzriU1HW+E2gaB6vpHjq8dQ5YY8213/IWgiQIdc7/oxun
OOzM/uZaBpmnVrvwJhk7Z5rPLA73rJcT7OueGcn7UqGNDzd1LoqHET73QKoVDkWw
PkUTur0oXs0/k/5RIwhLaJY0sczY2q9aFq/AD5opIEFF/+DO02gdky5iIgkZ7shy
JAMHjGqrrM/EoFTbthhuzTAFMih01KfIYXccHrmWpXb92pMjBo4RBHQf/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVRwLdn8PrC7DkYaYrOWizMCMSIMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOr8zvGjW
XO7wuFA8IlwmyVAg2pXH3EkRq6XniCMc7vh98V2QIAYxYqm0MvqYjRyfLbT0IKdc
neYCptfJNs5v7052TI8OLAC6Qhx3jJzGtuSNbtoafe1j2QRaGtwxBjguPexXZq6l
vdgeEWCG1WS2gDBIbSiYCLSrymB3UmsuzX/AuRWE1Cg0yirrRKX9GKjG/Ua37ufo
Y/JCdM5rk1FRgG/7oyaQZfJsefBXwujeyxvoUPz7gs8eU/FyqxZh0bLopVEwMKdD
FMg79I2eP0Xw33W/8M9ciX/c7kaHcs7ueceyU03L7RqpUphcd0EVfMa1Wmi5d/K6
68ZaeLagqEBaAw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:47:22 2025 by rpki-client