Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          x5z5vVYhjpyWCW9Zm0WSaKxFxcD7Z745WkzrFUzrBOk=
Subject key identifier:   BE:9D:FC:72:72:BF:2F:50:01:B4:B8:D7:38:C8:4F:87:88:66:53:5B
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       019765F1A7546684A4C7904727BE955FBB5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          11DC
Signing time:             Thu 12 Jun 2025 21:00:25 +0000
Manifest this update:     Thu 12 Jun 2025 21:00:25 +0000
Manifest next update:     Fri 13 Jun 2025 21:00:25 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: e7oegyHOQb7r240446oTBmyJ85erLZYwUb77K6/AUBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 21:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:f1:a7:54:66:84:a4:c7:90:47:27:be:95:5f:bb:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Jun 12 21:00:25 2025 GMT
            Not After : Jun 13 21:00:25 2025 GMT
        Subject: CN=be9dfc7272bf2f5001b4b8d738c84f878866535b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:58:f1:3c:48:57:4a:ca:df:ce:a9:f7:73:66:
                    93:e4:91:32:c1:6e:81:2f:5a:c9:f6:dc:4a:c0:e1:
                    03:e0:56:e4:8b:06:7c:72:08:a8:53:8f:b7:2d:5a:
                    11:5f:19:f9:b0:ea:57:83:41:38:78:37:15:7a:4a:
                    37:21:47:88:3b:a7:7f:c8:f8:18:73:31:05:4a:5e:
                    4c:fb:ef:f1:24:78:ce:67:ac:fa:7c:30:0f:2f:31:
                    16:bc:3a:eb:7e:9a:be:a8:cc:ed:31:94:16:91:73:
                    d6:38:b8:82:9a:02:81:dc:ea:47:e2:5d:72:4e:72:
                    8c:30:7a:2c:19:42:cd:50:bd:33:5f:37:fa:11:64:
                    dc:9b:e6:a0:ec:8a:f4:e8:85:6d:e5:3a:9e:12:9b:
                    94:bb:99:f0:42:ad:b3:1a:77:ec:ee:60:e4:68:b9:
                    51:67:9c:9c:77:9f:bc:19:1a:cc:b6:48:9d:b0:ac:
                    de:39:d7:23:91:36:3a:84:41:f7:72:69:de:b5:14:
                    e9:60:d4:86:e5:ef:c2:88:8e:2d:be:50:b8:68:f8:
                    da:8f:3e:9f:f7:f6:b6:ea:f8:71:39:89:9a:a9:ec:
                    88:c9:1c:80:03:53:40:f7:f6:72:6e:ed:d0:14:5b:
                    7b:72:2e:ba:f6:31:19:a6:ea:9d:c4:52:8d:66:fe:
                    3c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:9D:FC:72:72:BF:2F:50:01:B4:B8:D7:38:C8:4F:87:88:66:53:5B
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:8c:4b:31:c7:7f:db:4d:9e:f9:7f:41:6e:09:eb:a7:8d:35:
         b7:0a:cf:6d:3d:77:00:51:d3:de:e1:ae:c2:3c:3e:73:77:ba:
         65:e4:96:eb:da:78:73:76:c0:00:3a:46:a0:11:b5:b2:39:48:
         8a:91:21:8c:e8:67:19:b8:29:05:00:e9:c7:92:0e:81:52:0b:
         08:f4:a7:ec:6e:2b:a1:16:c3:59:19:b0:0f:e0:98:66:17:91:
         06:17:8b:47:ea:06:3f:a4:c7:a5:63:e1:af:76:68:7a:2f:31:
         34:df:ff:75:c8:82:57:77:d3:9c:4a:35:cc:85:c2:bd:3d:ec:
         2b:b5:a0:42:4e:0d:40:e1:d0:71:0a:c0:5d:52:22:26:d2:9f:
         2b:84:24:36:76:42:97:4b:ab:d0:99:35:8f:f6:d9:96:57:fc:
         fe:b2:b0:2f:1a:d9:76:ef:2e:e4:3d:b0:fc:5e:0d:21:91:ae:
         7e:86:8c:91:d9:28:bd:32:69:d9:18:d4:0a:ef:4c:0f:d6:34:
         c1:d7:ec:ac:cb:90:6e:dd:74:0e:94:8f:66:dd:1b:93:c1:65:
         b8:cb:d7:55:4e:41:6e:dd:49:41:3c:84:64:9e:80:3e:2e:1c:
         61:f5:93:c5:58:e3:b0:62:ff:54:a3:82:b5:55:04:3c:c5:ce:
         67:99:0a:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdl8adUZoSkx5BHJ76VX7tdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwNjEyMjEwMDI1WhcNMjUwNjEzMjEwMDI1WjAzMTEwLwYDVQQD
EyhiZTlkZmM3MjcyYmYyZjUwMDFiNGI4ZDczOGM4NGY4Nzg4NjY1MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VjxPEhXSsrfzqn3c2aT5JEywW6B
L1rJ9txKwOED4FbkiwZ8cgioU4+3LVoRXxn5sOpXg0E4eDcVeko3IUeIO6d/yPgY
czEFSl5M++/xJHjOZ6z6fDAPLzEWvDrrfpq+qMztMZQWkXPWOLiCmgKB3OpH4l1y
TnKMMHosGULNUL0zXzf6EWTcm+ag7Ir06IVt5TqeEpuUu5nwQq2zGnfs7mDkaLlR
Z5ycd5+8GRrMtkidsKzeOdcjkTY6hEH3cmnetRTpYNSG5e/CiI4tvlC4aPjajz6f
9/a26vhxOYmaqeyIyRyAA1NA9/Zybu3QFFt7ci669jEZpuqdxFKNZv48hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6d/HJyvy9QAbS41zjIT4eIZlNbMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvoxLMcd/
202e+X9Bbgnrp401twrPbT13AFHT3uGuwjw+c3e6ZeSW69p4c3bAADpGoBG1sjlI
ipEhjOhnGbgpBQDpx5IOgVILCPSn7G4roRbDWRmwD+CYZheRBheLR+oGP6THpWPh
r3Zoei8xNN//dciCV3fTnEo1zIXCvT3sK7WgQk4NQOHQcQrAXVIiJtKfK4QkNnZC
l0ur0Jk1j/bZllf8/rKwLxrZdu8u5D2w/F4NIZGufoaMkdkovTJp2RjUCu9MD9Y0
wdfsrMuQbt10DpSPZt0bk8FluMvXVU5Bbt1JQTyEZJ6APi4cYfWTxVjjsGL/VKOC
tVUEPMXOZ5kKTw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:55:29 2025 by rpki-client