Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          0TwTCjMK+TZOsHpTwtAkcE94s+UqQqY1WGv2H4xRAiI=
Subject key identifier:   FF:78:94:6D:47:39:34:2D:9C:49:70:40:9A:2E:F9:C3:6E:5D:5E:D0
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0197B8905BA45951F061893DA7F3DEEA55B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0647
Signing time:             Sat 28 Jun 2025 22:02:37 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:37 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:37 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: CzjpU4WtoQrzASX23yUSWYyC4vBFCEyZ+9mT5iT6VDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:5b:a4:59:51:f0:61:89:3d:a7:f3:de:ea:55:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Jun 28 22:02:37 2025 GMT
            Not After : Jun 29 22:02:37 2025 GMT
        Subject: CN=ff78946d4739342d9c4970409a2ef9c36e5d5ed0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9c:b4:fb:a3:68:89:08:f8:87:81:1f:6f:19:
                    5d:68:58:86:69:02:8e:fb:84:00:31:bb:39:2d:a5:
                    2f:17:e2:55:60:53:9e:85:9d:db:07:95:fb:91:b7:
                    b9:6f:a1:c7:c6:87:3f:c8:b8:8d:68:8e:c6:69:f4:
                    5e:30:14:0d:8d:d4:84:67:65:21:9c:b3:6e:bc:80:
                    8d:a7:c7:b0:d1:a5:42:e2:de:4d:3d:97:02:bc:7a:
                    64:39:d7:3a:b0:17:3c:40:d6:f7:2a:16:c2:ba:4b:
                    5f:a3:fe:94:4d:47:a6:35:3a:57:68:04:60:6f:40:
                    4d:b8:fb:91:f6:b0:31:df:f0:c0:e3:02:e4:e2:0e:
                    aa:89:38:8f:f8:04:36:4b:fc:91:cd:f8:f0:86:2f:
                    4b:c7:fd:4e:5f:25:d5:f3:18:39:59:39:c4:37:04:
                    a0:d2:68:1b:39:c6:b0:ca:96:37:6d:e9:11:0f:4e:
                    8c:ff:14:6f:5d:18:b4:e7:3f:53:f0:df:b6:2c:5c:
                    f4:eb:7e:9c:83:97:cc:a9:0e:33:26:65:25:e3:58:
                    cd:d5:73:e2:ef:91:9a:cf:56:09:f5:cb:11:8c:fe:
                    93:47:53:b4:85:fa:b2:c6:6b:a3:c1:b5:e2:4d:53:
                    b8:c5:4d:bb:9d:1f:48:19:a3:7b:c2:c4:9a:f3:af:
                    ea:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:78:94:6D:47:39:34:2D:9C:49:70:40:9A:2E:F9:C3:6E:5D:5E:D0
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:34:e5:dc:5b:16:17:ae:39:38:0f:8d:98:72:88:b4:15:df:
         7d:40:04:66:33:b3:bb:2d:28:9c:f4:d4:e0:c5:c7:e3:09:b1:
         38:42:61:44:ac:1b:7d:83:e5:0b:6f:5e:ac:14:66:a1:92:49:
         55:b4:30:7a:a2:77:45:34:a7:d7:c7:62:ca:de:bd:c4:1d:b0:
         c1:f8:e9:7f:d1:eb:67:2c:14:82:2f:14:08:5a:83:00:f5:0e:
         ca:47:27:58:70:37:44:4c:dd:2a:01:12:b4:9e:a4:f8:d7:2a:
         60:20:07:76:ed:4b:a7:0c:23:9b:73:51:4d:ee:bb:61:50:4a:
         cc:81:62:70:15:4e:38:a6:b5:64:7f:e6:67:61:40:aa:a7:bc:
         6f:de:07:a6:58:8b:2b:f3:73:79:eb:b4:83:ba:5c:8d:21:16:
         0f:dc:4e:c0:46:dc:ab:48:6d:50:72:fe:56:e9:2a:07:4a:48:
         86:e8:8c:47:1c:7f:03:2d:83:ec:25:d9:b3:b3:6f:5a:c9:26:
         7b:17:b7:c0:f6:a7:6b:33:b7:12:79:26:ad:b5:2e:21:7d:e4:
         87:4c:8a:3f:99:eb:6c:73:eb:94:cf:58:3a:1d:79:f4:d2:69:
         bd:3a:24:7d:ed:e2:ac:f8:d8:7b:82:d4:c6:0e:5f:3c:06:b7:
         18:ac:84:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kFukWVHwYYk9p/Pe6lW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwNjI4MjIwMjM3WhcNMjUwNjI5MjIwMjM3WjAzMTEwLwYDVQQD
EyhmZjc4OTQ2ZDQ3MzkzNDJkOWM0OTcwNDA5YTJlZjljMzZlNWQ1ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJy0+6NoiQj4h4EfbxldaFiGaQKO
+4QAMbs5LaUvF+JVYFOehZ3bB5X7kbe5b6HHxoc/yLiNaI7GafReMBQNjdSEZ2Uh
nLNuvICNp8ew0aVC4t5NPZcCvHpkOdc6sBc8QNb3KhbCuktfo/6UTUemNTpXaARg
b0BNuPuR9rAx3/DA4wLk4g6qiTiP+AQ2S/yRzfjwhi9Lx/1OXyXV8xg5WTnENwSg
0mgbOcawypY3bekRD06M/xRvXRi05z9T8N+2LFz0636cg5fMqQ4zJmUl41jN1XPi
75Gaz1YJ9csRjP6TR1O0hfqyxmujwbXiTVO4xU27nR9IGaN7wsSa86/qYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP94lG1HOTQtnElwQJou+cNuXV7QMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFzTl3FsW
F645OA+NmHKItBXffUAEZjOzuy0onPTU4MXH4wmxOEJhRKwbfYPlC29erBRmoZJJ
VbQweqJ3RTSn18diyt69xB2wwfjpf9HrZywUgi8UCFqDAPUOykcnWHA3REzdKgES
tJ6k+NcqYCAHdu1Lpwwjm3NRTe67YVBKzIFicBVOOKa1ZH/mZ2FAqqe8b94HpliL
K/Nzeeu0g7pcjSEWD9xOwEbcq0htUHL+VukqB0pIhuiMRxx/Ay2D7CXZs7NvWskm
exe3wPanazO3EnkmrbUuIX3kh0yKP5nrbHPrlM9YOh159NJpvTokfe3irPjYe4LU
xg5fPAa3GKyElA==
-----END CERTIFICATE-----