Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          K2PTirlIUhIe8aYq/v0tVvCzz3aSnJWJe30tnFklu0I=
Subject key identifier:   E2:3A:DA:60:3C:33:B6:71:FD:45:76:8C:F7:A9:D3:65:72:52:28:B4
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       01975C49A2C2AE195468E00D4225CC538F5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          11D7
Signing time:             Wed 11 Jun 2025 00:00:19 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:19 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:19 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: ZO/9kmbWrowIM+sgn6Tn4fgJMLlNeCVSW19k/uQp4jE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:49:a2:c2:ae:19:54:68:e0:0d:42:25:cc:53:8f:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Jun 11 00:00:19 2025 GMT
            Not After : Jun 12 00:00:19 2025 GMT
        Subject: CN=e23ada603c33b671fd45768cf7a9d365725228b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5a:37:8a:9c:94:2b:61:8d:25:22:d2:3e:d6:
                    b1:f5:75:a9:11:41:e4:1b:43:e0:22:82:b1:39:b7:
                    04:9d:f4:18:ee:a7:36:5f:35:0b:1c:bd:e8:0a:d0:
                    71:51:a0:8c:97:50:ae:ab:bf:71:10:18:ea:7a:84:
                    06:df:38:f7:4c:78:9c:4b:a5:14:a5:14:dd:9d:81:
                    c9:de:96:87:13:19:a2:f2:ca:22:ef:3f:6e:de:32:
                    26:e0:a1:ce:b6:24:02:76:c7:70:53:b9:1d:8f:4d:
                    98:79:d5:1c:45:61:34:79:0f:ee:62:f4:22:0b:d5:
                    ff:3e:65:71:90:f1:4c:54:44:81:6c:d2:60:2e:ec:
                    42:27:ae:03:88:87:b8:30:01:54:c4:31:bb:6a:59:
                    e1:a2:4f:f9:26:02:9e:7f:39:74:22:20:b9:e4:cc:
                    cb:25:fc:8b:b5:67:ad:4f:e6:35:39:63:fe:2c:ee:
                    d7:11:2a:b1:71:0e:0f:fc:62:4c:e9:81:96:c3:5e:
                    92:da:6f:9e:1a:b7:7c:9e:60:b3:64:9b:39:eb:23:
                    af:06:64:b7:68:9e:bb:49:d3:38:77:01:7a:3c:de:
                    05:27:ab:e3:f3:58:23:9e:8d:92:c4:20:cf:04:f6:
                    a2:25:93:4c:3d:0e:29:54:39:62:6b:84:fe:b4:61:
                    c5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:3A:DA:60:3C:33:B6:71:FD:45:76:8C:F7:A9:D3:65:72:52:28:B4
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:85:c0:e8:ff:57:fb:b6:cd:d2:c6:e1:c6:e5:8c:24:de:07:
         e5:c6:e4:4d:2c:b6:1b:9d:df:b3:7f:43:02:d3:92:44:0d:86:
         af:05:61:21:32:ca:36:2e:77:b9:c8:fd:64:32:0b:0a:52:d5:
         74:c2:32:d3:0c:86:71:d4:b3:5e:e7:17:50:68:8c:6f:fa:bb:
         cd:55:c7:f2:f9:b8:f8:31:6e:67:25:db:48:02:61:32:b6:03:
         fd:34:41:21:ee:93:51:51:4b:c4:07:4c:87:20:82:ad:c5:d9:
         e3:c0:1c:75:c7:74:99:a5:44:18:03:33:88:da:a9:a7:6e:f0:
         71:d5:ad:19:75:75:d9:bc:a6:0b:fe:6a:b3:d0:0c:ce:27:f4:
         64:b1:d8:59:fa:8b:45:4c:66:1f:cc:88:12:a3:7c:5a:ea:56:
         3f:8b:c5:40:71:e5:68:1e:03:0f:12:93:0d:75:49:6c:6a:6e:
         c0:1d:86:4a:f0:f7:be:37:4c:39:bb:00:20:6c:37:4e:9d:29:
         25:84:b6:d9:86:fd:6f:a4:70:20:a4:aa:21:29:9c:f5:e9:03:
         f6:24:8f:3a:54:20:9a:ab:97:83:d4:3e:25:b2:36:e0:56:2c:
         6d:89:d1:bf:d0:62:e1:14:d5:84:3d:33:28:66:ea:60:77:a3:
         63:b0:ec:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSaLCrhlUaOANQiXMU49bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwNjExMDAwMDE5WhcNMjUwNjEyMDAwMDE5WjAzMTEwLwYDVQQD
EyhlMjNhZGE2MDNjMzNiNjcxZmQ0NTc2OGNmN2E5ZDM2NTcyNTIyOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVo3ipyUK2GNJSLSPtax9XWpEUHk
G0PgIoKxObcEnfQY7qc2XzULHL3oCtBxUaCMl1Cuq79xEBjqeoQG3zj3THicS6UU
pRTdnYHJ3paHExmi8soi7z9u3jIm4KHOtiQCdsdwU7kdj02YedUcRWE0eQ/uYvQi
C9X/PmVxkPFMVESBbNJgLuxCJ64DiIe4MAFUxDG7alnhok/5JgKefzl0IiC55MzL
JfyLtWetT+Y1OWP+LO7XESqxcQ4P/GJM6YGWw16S2m+eGrd8nmCzZJs56yOvBmS3
aJ67SdM4dwF6PN4FJ6vj81gjno2SxCDPBPaiJZNMPQ4pVDlia4T+tGHF3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI62mA8M7Zx/UV2jPep02VyUii0MB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVoXA6P9X
+7bN0sbhxuWMJN4H5cbkTSy2G53fs39DAtOSRA2GrwVhITLKNi53ucj9ZDILClLV
dMIy0wyGcdSzXucXUGiMb/q7zVXH8vm4+DFuZyXbSAJhMrYD/TRBIe6TUVFLxAdM
hyCCrcXZ48Acdcd0maVEGAMziNqpp27wcdWtGXV12bymC/5qs9AMzif0ZLHYWfqL
RUxmH8yIEqN8WupWP4vFQHHlaB4DDxKTDXVJbGpuwB2GSvD3vjdMObsAIGw3Tp0p
JYS22Yb9b6RwIKSqISmc9ekD9iSPOlQgmquXg9Q+JbI24FYsbYnRv9Bi4RTVhD0z
KGbqYHejY7DswQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:49:09 2025 by rpki-client