Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
File:                     veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json)
Hash identifier:          FvEjHQ5zDNJNLJrDlk82uxUPW621XZZE31zBDlJ5fTY=
Subject key identifier:   BA:B4:4D:CA:E2:1A:01:16:2F:09:CE:E3:03:17:78:5E:91:50:40:5F
Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4
Certificate issuer:       /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
Certificate serial:       01975E38130E020F5118DC6E3C4C47C78AFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
Manifest number:          11D8
Signing time:             Wed 11 Jun 2025 09:00:22 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:22 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:22 +0000
Files and hashes:         1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: xj6FydM/vgWtVS1oAPvYsAVUXuiY4Ejy4pjNMtj5C5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:13:0e:02:0f:51:18:dc:6e:3c:4c:47:c7:8a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4
        Validity
            Not Before: Jun 11 09:00:22 2025 GMT
            Not After : Jun 12 09:00:22 2025 GMT
        Subject: CN=bab44dcae21a01162f09cee30317785e9150405f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:2e:5f:a1:ab:c9:99:59:f7:47:18:c4:c9:66:
                    11:17:b1:84:e0:42:e6:c3:d2:93:b4:48:ba:c4:67:
                    5c:0d:69:99:28:9c:8a:fe:1e:02:0e:78:f5:c9:db:
                    a1:ba:94:52:16:be:a1:2e:82:cf:ba:bb:ed:9f:65:
                    2e:3c:32:9f:6a:6e:67:bc:e4:78:f7:b2:3f:16:e2:
                    e1:85:09:41:a7:66:0e:38:c1:1e:9e:09:2f:48:ed:
                    24:0b:10:64:aa:0a:1e:13:c9:82:d9:6e:42:00:a2:
                    26:0d:88:2c:a1:6c:3a:ae:03:b7:79:af:17:38:fd:
                    6a:87:e5:56:16:55:13:5a:28:9a:88:74:97:a2:d0:
                    d0:2f:c4:d9:10:58:26:36:fe:6e:c4:e7:41:06:76:
                    7d:eb:5f:22:9d:bd:24:77:d1:04:80:33:18:c4:79:
                    79:b3:96:a3:52:ee:5b:75:3c:dc:00:1d:6a:78:27:
                    5a:8b:79:7f:a3:f8:de:b8:2c:ef:9b:59:0e:da:4a:
                    89:d2:6d:95:a7:bf:ae:da:99:4e:08:7b:e9:6f:bd:
                    d1:4a:2c:13:70:74:12:43:52:d1:55:16:11:48:87:
                    9b:c2:14:b5:c1:c6:fd:e2:2a:36:f3:6f:93:cb:3b:
                    8d:7a:aa:53:af:4e:4e:e8:0a:eb:42:89:95:f1:5c:
                    96:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B4:4D:CA:E2:1A:01:16:2F:09:CE:E3:03:17:78:5E:91:50:40:5F
            X509v3 Authority Key Identifier:
                keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:66:02:b7:ce:7a:7c:5f:ce:ee:10:ac:0c:6d:95:2a:22:c9:
         7c:33:4e:18:ea:f4:c1:e3:01:2c:f0:c8:08:ac:89:dc:ad:5a:
         76:2a:df:83:33:96:72:94:cf:9f:0f:64:52:79:2f:3d:25:c9:
         63:7c:fd:ab:4d:d3:0e:fe:50:ac:1f:4f:82:4e:cb:63:ab:f5:
         9d:b3:f5:8e:c9:81:9c:76:79:61:e9:88:5f:09:84:21:51:b6:
         3b:db:09:d1:83:a9:18:b7:6f:4f:2b:ff:c2:04:2e:6f:2f:d1:
         5e:bf:14:11:08:f4:5d:a1:25:65:5d:d8:91:42:6f:18:91:16:
         ad:18:43:5c:eb:4c:c1:f9:77:34:0b:bc:bb:80:00:b0:61:7d:
         36:df:29:e0:9f:3e:e6:64:0d:45:2e:85:fc:64:4d:b4:96:d8:
         e5:6f:3f:08:1f:84:ae:13:d9:9f:aa:a5:e6:c5:1a:fa:15:4f:
         68:21:c5:fa:5a:cc:7d:69:bf:3b:09:8c:ed:b7:a1:5e:77:b1:
         82:8d:11:66:46:1f:fc:1c:81:2c:73:df:ff:0d:5c:25:9a:09:
         12:df:93:c9:c9:b0:65:4c:37:18:de:b1:05:c8:71:d7:19:bc:
         1c:cf:e7:c3:9f:08:17:78:96:bb:91:69:19:17:32:e8:a1:12:
         7d:01:cb:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOBMOAg9RGNxuPExHx4r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2
MGZhYTQwHhcNMjUwNjExMDkwMDIyWhcNMjUwNjEyMDkwMDIyWjAzMTEwLwYDVQQD
EyhiYWI0NGRjYWUyMWEwMTE2MmYwOWNlZTMwMzE3Nzg1ZTkxNTA0MDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S5foavJmVn3RxjEyWYRF7GE4ELm
w9KTtEi6xGdcDWmZKJyK/h4CDnj1yduhupRSFr6hLoLPurvtn2UuPDKfam5nvOR4
97I/FuLhhQlBp2YOOMEengkvSO0kCxBkqgoeE8mC2W5CAKImDYgsoWw6rgO3ea8X
OP1qh+VWFlUTWiiaiHSXotDQL8TZEFgmNv5uxOdBBnZ9618inb0kd9EEgDMYxHl5
s5ajUu5bdTzcAB1qeCdai3l/o/jeuCzvm1kO2kqJ0m2Vp7+u2plOCHvpb73RSiwT
cHQSQ1LRVRYRSIebwhS1wcb94io282+TyzuNeqpTr05O6ArrQomV8VyWVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq0TcriGgEWLwnO4wMXeF6RUEBfMB8GA1UdIwQY
MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt
ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk
LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvmYCt856
fF/O7hCsDG2VKiLJfDNOGOr0weMBLPDICKyJ3K1adirfgzOWcpTPnw9kUnkvPSXJ
Y3z9q03TDv5QrB9Pgk7LY6v1nbP1jsmBnHZ5YemIXwmEIVG2O9sJ0YOpGLdvTyv/
wgQuby/RXr8UEQj0XaElZV3YkUJvGJEWrRhDXOtMwfl3NAu8u4AAsGF9Nt8p4J8+
5mQNRS6F/GRNtJbY5W8/CB+ErhPZn6ql5sUa+hVPaCHF+lrMfWm/OwmM7behXnex
go0RZkYf/ByBLHPf/w1cJZoJEt+TycmwZUw3GN6xBchx1xm8HM/nw58IF3iWu5Fp
GRcy6KESfQHLtA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:48:01 2025 by rpki-client