Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
File:                     aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft (raw, json)
Hash identifier:          fV2Pt4to1R/0lhiSJwVVsZ29s3fdVnWGCLhgKWP+X2E=
Subject key identifier:   62:60:9B:00:0A:8D:EF:C1:5B:6A:F6:F5:BE:24:9E:B3:BE:C8:10:4F
Authority key identifier: 69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2
Certificate issuer:       /CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
Certificate serial:       0197BA7E09DBD0D44797D2AFA3371EEC9A88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
Manifest number:          0A3E
Signing time:             Sun 29 Jun 2025 07:01:51 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:51 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:51 +0000
Files and hashes:         1: aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl (hash: 3UC5RjpY6lrhdW3WLdJ9yiC/JSPYh1rhVb12/0TX+Nw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:09:db:d0:d4:47:97:d2:af:a3:37:1e:ec:9a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
        Validity
            Not Before: Jun 29 07:01:51 2025 GMT
            Not After : Jun 30 07:01:51 2025 GMT
        Subject: CN=62609b000a8defc15b6af6f5be249eb3bec8104f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:af:6d:b3:e3:6b:b5:9b:44:4f:bf:03:ba:16:
                    55:85:37:d9:07:70:da:a7:dc:12:81:86:0a:e4:39:
                    4e:b3:11:51:6b:e2:59:a1:d1:e8:9b:ca:5d:7c:db:
                    6d:cd:d8:6a:d7:4d:f9:b2:ad:e8:9f:5f:52:5c:58:
                    a0:b9:f0:1f:14:95:5c:97:d3:f5:c1:dc:ec:62:f6:
                    4c:ec:72:80:09:d8:28:0a:04:c9:8e:f3:58:5f:75:
                    fb:4e:f8:c4:92:bb:a6:68:4c:b4:31:a0:bc:b1:b3:
                    e7:1b:e2:c7:f6:60:4c:96:a7:1d:02:9b:67:4a:c6:
                    f2:d4:78:33:5b:60:11:44:d9:dc:bd:89:15:8a:7c:
                    53:4a:75:42:1a:53:55:d9:a4:dc:6a:b1:64:24:32:
                    c7:54:63:69:ea:67:46:fb:d8:72:2b:d6:3a:d5:07:
                    4b:3e:5f:aa:1c:f2:2f:a4:b4:fd:0d:4b:1e:32:07:
                    5d:61:7d:46:aa:65:4d:86:d4:62:58:c2:2b:f4:cc:
                    79:51:72:ed:18:04:85:37:85:8f:13:3c:db:84:b2:
                    f0:f2:2c:62:99:70:40:7d:0b:3c:88:50:9e:9f:5b:
                    9a:b5:46:4b:b2:0d:86:b8:27:ea:f9:39:0d:84:c1:
                    32:df:4d:1b:9d:98:7c:df:bc:e1:39:58:f4:17:23:
                    e8:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:60:9B:00:0A:8D:EF:C1:5B:6A:F6:F5:BE:24:9E:B3:BE:C8:10:4F
            X509v3 Authority Key Identifier:
                keyid:69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:64:ee:d3:08:85:16:ea:a3:14:a6:fa:5c:f3:a3:02:95:99:
         9a:00:47:13:00:1d:a1:92:54:58:48:f4:b7:95:95:af:7e:47:
         e7:91:cf:b4:8d:0e:9a:94:9e:62:7e:80:83:b0:62:97:cc:ee:
         27:b9:90:44:ae:72:2e:70:d5:de:9b:0c:40:6e:93:69:47:f9:
         bd:ec:27:88:17:9d:84:c3:db:dc:8b:54:fd:f1:8b:b5:93:3f:
         89:bc:46:82:76:29:d2:18:98:cd:4e:87:26:62:20:79:81:a9:
         da:b1:1a:65:b5:3a:a4:22:fa:ca:5c:ba:0f:89:c3:82:50:e3:
         5f:01:b2:b0:dc:c3:13:83:3d:c0:29:b4:02:36:22:95:34:25:
         98:f1:0b:8c:8e:1f:36:f1:bb:e7:5a:aa:90:b8:18:30:7c:86:
         cf:d5:e2:2e:23:65:13:ba:6b:84:c4:91:9f:cd:a0:ed:44:99:
         42:c6:e5:90:e6:73:52:ab:76:7e:76:ab:89:f8:11:ec:90:92:
         35:38:a9:24:0e:6d:c1:5c:af:9c:8e:23:96:e1:fe:7b:32:42:
         12:85:cc:a9:f5:ec:8c:6c:a8:79:ca:3a:96:9c:64:f3:6c:4e:
         eb:e7:00:64:e4:df:3e:bc:3a:60:e0:86:be:9b:ef:2f:98:6b:
         59:e9:83:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fgnb0NRHl9Kvozce7JqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZTNhZDhiMDIyNDUyMWNkMGFlNzQ5MmM2OTRiYzJkNGVl
MWZkYjIwHhcNMjUwNjI5MDcwMTUxWhcNMjUwNjMwMDcwMTUxWjAzMTEwLwYDVQQD
Eyg2MjYwOWIwMDBhOGRlZmMxNWI2YWY2ZjViZTI0OWViM2JlYzgxMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q9ts+NrtZtET78DuhZVhTfZB3Da
p9wSgYYK5DlOsxFRa+JZodHom8pdfNttzdhq1035sq3on19SXFigufAfFJVcl9P1
wdzsYvZM7HKACdgoCgTJjvNYX3X7TvjEkrumaEy0MaC8sbPnG+LH9mBMlqcdAptn
Ssby1HgzW2ARRNncvYkVinxTSnVCGlNV2aTcarFkJDLHVGNp6mdG+9hyK9Y61QdL
Pl+qHPIvpLT9DUseMgddYX1GqmVNhtRiWMIr9Mx5UXLtGASFN4WPEzzbhLLw8ixi
mXBAfQs8iFCen1uatUZLsg2GuCfq+TkNhMEy300bnZh837zhOVj0FyPoEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJgmwAKje/BW2r29b4knrO+yBBPMB8GA1UdIwQY
MBaAFGnjrYsCJFIc0K50ksaUvC1O4f2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2Qt
ZTk3ZDIyNmZiZWVhLzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2QtZTk3ZDIyNmZiZWVh
LzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWTu0wiF
FuqjFKb6XPOjApWZmgBHEwAdoZJUWEj0t5WVr35H55HPtI0OmpSeYn6Ag7Bil8zu
J7mQRK5yLnDV3psMQG6TaUf5vewniBedhMPb3ItU/fGLtZM/ibxGgnYp0hiYzU6H
JmIgeYGp2rEaZbU6pCL6yly6D4nDglDjXwGysNzDE4M9wCm0AjYilTQlmPELjI4f
NvG751qqkLgYMHyGz9XiLiNlE7prhMSRn82g7USZQsblkOZzUqt2fnarifgR7JCS
NTipJA5twVyvnI4jluH+ezJCEoXMqfXsjGyoeco6lpxk82xO6+cAZOTfPrw6YOCG
vpvvL5hrWemDkw==
-----END CERTIFICATE-----