Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
File:                     PI0Z2SQBkcNql0ti35PCIUNtm90.mft (raw, json)
Hash identifier:          3Yz9dc+eYw1RtuyD8rJhy5kNeGkey0IrTJJxBeUgF9M=
Subject key identifier:   37:E9:21:33:90:C2:D7:86:87:35:C8:09:57:3B:CB:D3:68:A0:E5:B1
Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
Certificate issuer:       /CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Certificate serial:       0197B6A19F008B0B868C65A43112814866FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
Manifest number:          09EF
Signing time:             Sat 28 Jun 2025 13:02:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:14 +0000
Files and hashes:         1: PI0Z2SQBkcNql0ti35PCIUNtm90.crl (hash: Tg5iKNu9Izu1uRsssSKlbyNZYKuwOxKjeA1ojnSmrqQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:9f:00:8b:0b:86:8c:65:a4:31:12:81:48:66:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd
        Validity
            Not Before: Jun 28 13:02:14 2025 GMT
            Not After : Jun 29 13:02:14 2025 GMT
        Subject: CN=37e9213390c2d7868735c809573bcbd368a0e5b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:df:94:16:cc:81:4f:cc:b9:69:8c:46:4f:57:
                    18:1c:99:95:dc:0f:cf:d1:e2:5c:01:36:c6:be:78:
                    0c:a6:e5:2c:59:cc:57:b7:ec:50:ac:b5:9e:2e:6f:
                    5e:99:51:a9:19:76:21:65:97:0f:da:8f:f9:a2:d1:
                    b9:32:53:20:30:bd:1e:f5:6f:cf:fa:c1:ed:d1:9c:
                    74:cf:e7:bc:0f:6f:fd:34:94:cc:d0:4b:10:9e:c5:
                    98:30:72:50:aa:80:e4:b1:f0:41:96:60:c7:6c:d6:
                    0b:50:d4:b3:ea:73:4d:c4:8d:51:9e:98:d5:92:1b:
                    94:f7:b5:2a:ca:58:00:43:0e:a8:86:20:94:33:1c:
                    01:02:07:cd:25:a7:fe:0f:43:5e:f8:9d:cd:e3:33:
                    18:56:60:8f:cb:4d:ec:14:f9:62:a3:e5:ef:be:09:
                    7b:81:e2:1e:51:ba:38:0c:90:98:29:1e:74:93:e0:
                    50:e0:b2:24:47:29:3e:73:0a:a9:c9:d6:7e:7b:9c:
                    77:1c:55:48:ef:f1:d4:57:d8:09:83:ee:c2:4a:f4:
                    3e:4d:61:f9:f5:ef:e1:6a:25:c0:e3:9b:af:cb:66:
                    9e:e5:da:93:45:21:c0:4f:25:f6:37:bb:ec:47:4a:
                    bc:9f:59:ca:3d:8c:ea:84:a3:dd:54:ef:a4:3c:81:
                    cb:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E9:21:33:90:C2:D7:86:87:35:C8:09:57:3B:CB:D3:68:A0:E5:B1
            X509v3 Authority Key Identifier:
                keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:ee:ea:9c:ce:53:ed:1a:b7:ae:1a:df:0e:95:40:87:46:bf:
         05:b2:6d:24:89:34:55:c0:f2:89:f6:4d:b1:6c:c6:ab:2e:e1:
         8e:89:a1:d1:dd:1c:42:3d:96:2b:0b:bd:2b:98:3e:68:dc:a5:
         f7:f9:44:96:c3:35:3d:89:7a:ae:36:34:3f:ae:4f:0a:85:6d:
         bf:e3:3b:6d:c1:2a:b6:9b:05:b7:81:2e:37:ad:92:1b:29:a5:
         d8:9c:c5:36:b9:53:fc:e4:3a:48:22:28:8f:58:a5:8d:20:7b:
         dd:34:3e:84:59:cc:51:f4:73:1d:48:c8:18:e5:33:2a:e0:1c:
         2f:50:89:9a:16:5e:c0:97:b3:b3:44:af:25:d1:dd:6f:67:8b:
         46:a3:0b:8b:ec:88:4d:08:10:55:b0:0e:be:05:e4:80:db:38:
         de:51:8e:ed:d9:3b:db:33:a0:c3:66:57:de:f4:51:a4:37:a0:
         7c:81:b0:f9:0e:18:2a:3c:a8:a7:d5:73:86:8b:a3:90:9b:54:
         27:a7:3c:2e:b1:4f:72:ab:fb:d9:17:aa:7b:2c:f4:33:3d:3e:
         b8:25:f0:eb:db:c9:b4:5e:ae:05:b4:d2:9f:91:60:83:7c:05:
         bf:85:55:5b:fd:bc:6b:a9:4b:2c:87:76:72:52:d3:a5:d6:9d:
         db:87:b2:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZ8AiwuGjGWkMRKBSGb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2
ZDliZGQwHhcNMjUwNjI4MTMwMjE0WhcNMjUwNjI5MTMwMjE0WjAzMTEwLwYDVQQD
EygzN2U5MjEzMzkwYzJkNzg2ODczNWM4MDk1NzNiY2JkMzY4YTBlNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49+UFsyBT8y5aYxGT1cYHJmV3A/P
0eJcATbGvngMpuUsWcxXt+xQrLWeLm9emVGpGXYhZZcP2o/5otG5MlMgML0e9W/P
+sHt0Zx0z+e8D2/9NJTM0EsQnsWYMHJQqoDksfBBlmDHbNYLUNSz6nNNxI1RnpjV
khuU97UqylgAQw6ohiCUMxwBAgfNJaf+D0Ne+J3N4zMYVmCPy03sFPlio+Xvvgl7
geIeUbo4DJCYKR50k+BQ4LIkRyk+cwqpydZ+e5x3HFVI7/HUV9gJg+7CSvQ+TWH5
9e/haiXA45uvy2ae5dqTRSHATyX2N7vsR0q8n1nKPYzqhKPdVO+kPIHL9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfpITOQwteGhzXICVc7y9NooOWxMB8GA1UdIwQY
MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt
MTAzNTdiODdjYjIzLzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz
LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWu7qnM5T
7Rq3rhrfDpVAh0a/BbJtJIk0VcDyifZNsWzGqy7hjomh0d0cQj2WKwu9K5g+aNyl
9/lElsM1PYl6rjY0P65PCoVtv+M7bcEqtpsFt4EuN62SGyml2JzFNrlT/OQ6SCIo
j1iljSB73TQ+hFnMUfRzHUjIGOUzKuAcL1CJmhZewJezs0SvJdHdb2eLRqMLi+yI
TQgQVbAOvgXkgNs43lGO7dk72zOgw2ZX3vRRpDegfIGw+Q4YKjyop9VzhoujkJtU
J6c8LrFPcqv72Reqeyz0Mz0+uCXw69vJtF6uBbTSn5Fgg3wFv4VVW/28a6lLLId2
clLTpdad24eyAQ==
-----END CERTIFICATE-----