Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          pRus1dWABZJSLEMkw71AhH2U/Ufmcms7xrsIEQKQffU=
Subject key identifier:   0C:80:F0:D1:2D:9B:A8:07:B6:C9:65:89:1D:9E:5C:54:B9:21:62:A0
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       0197B7EACD5737702D651EF8B74D8CD45C62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          06AA
Signing time:             Sat 28 Jun 2025 19:01:47 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:47 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:47 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: wHCr6bIA4KGEzHxq+J1ebJdhfSMz32rVSIK/z0MqSME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:cd:57:37:70:2d:65:1e:f8:b7:4d:8c:d4:5c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Jun 28 19:01:47 2025 GMT
            Not After : Jun 29 19:01:47 2025 GMT
        Subject: CN=0c80f0d12d9ba807b6c965891d9e5c54b92162a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:49:b3:9f:9d:0b:13:51:71:d2:ad:24:c3:33:
                    f7:34:4d:e9:79:60:2a:10:95:e3:4b:31:4a:a4:39:
                    c8:fd:71:f6:f8:17:56:a0:0a:c3:95:d4:cf:95:34:
                    16:9d:7f:9e:da:44:c8:f1:52:6b:eb:35:1e:81:2d:
                    8b:c1:9f:cf:64:bc:fb:5a:b9:d4:75:ce:55:db:4f:
                    c0:d7:a6:94:fe:40:6b:98:28:61:cd:b0:3d:01:3d:
                    e5:f0:d8:f8:b7:30:94:1c:fc:87:94:b5:4c:34:f5:
                    78:c8:91:7f:07:73:02:57:04:b9:e4:aa:de:e1:c8:
                    c3:d5:47:3b:ba:46:5e:82:51:fa:e9:d6:3e:b8:64:
                    f7:de:8d:47:c0:ba:d8:4f:0c:14:2a:83:5e:0e:39:
                    68:e2:34:8e:b2:ed:49:63:d7:8b:03:87:95:69:e9:
                    66:eb:08:d2:d0:f9:44:48:d6:ed:36:43:aa:d3:39:
                    c4:1e:db:96:4d:9f:c9:0b:0c:9c:0c:54:a9:a3:8f:
                    5a:8b:e0:57:b0:11:71:9e:d2:d7:e2:04:de:f8:fe:
                    ca:13:eb:5f:4d:c7:96:fd:02:97:3a:27:0b:a1:73:
                    e8:76:3a:95:7e:20:09:16:9a:92:88:bb:ba:65:e4:
                    08:aa:bd:e1:45:c3:8a:20:9f:a5:24:87:9e:50:41:
                    20:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:80:F0:D1:2D:9B:A8:07:B6:C9:65:89:1D:9E:5C:54:B9:21:62:A0
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:68:41:9d:e5:87:7e:e7:f7:8d:cc:6b:d5:88:bd:fb:c9:9b:
         a4:01:32:f8:f6:cc:8b:e0:4a:e3:fb:02:ae:ed:40:34:58:ee:
         44:68:c0:1d:99:00:eb:a5:2e:7e:46:40:35:fc:b3:1e:0c:89:
         4b:0a:fd:d7:57:2f:e3:af:ea:6c:ed:2d:65:6d:11:0f:3e:95:
         87:bf:a1:9c:a1:37:65:aa:11:b7:d5:b9:fb:f8:55:bc:2a:8b:
         47:83:74:e0:90:02:03:52:6e:72:e3:22:0a:0f:5a:c0:51:82:
         d2:24:77:c5:55:ce:a4:f6:44:b6:64:25:0a:88:19:2e:99:10:
         f5:a1:e5:f0:99:c9:9d:1e:b6:26:77:82:3c:28:47:23:5d:f1:
         ab:9b:f6:64:f3:f7:06:cc:7e:14:73:8b:1d:d5:6d:e7:00:7c:
         4f:1a:7f:43:55:2c:7d:31:84:15:7a:26:9d:14:c1:c0:5e:5e:
         e8:89:be:77:84:8c:e9:7e:7a:46:2a:34:cf:c4:bb:c3:e7:19:
         a4:48:f8:f6:62:c3:7b:33:eb:53:9a:63:ba:de:e1:22:14:f8:
         b9:76:05:4a:42:43:4b:18:5c:f8:3d:7e:31:e0:47:d4:59:44:
         d8:d4:4f:02:5a:e1:03:08:14:40:e5:53:db:14:2c:fe:94:5e:
         bf:4d:af:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36s1XN3AtZR74t02M1FxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUwNjI4MTkwMTQ3WhcNMjUwNjI5MTkwMTQ3WjAzMTEwLwYDVQQD
EygwYzgwZjBkMTJkOWJhODA3YjZjOTY1ODkxZDllNWM1NGI5MjE2MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEmzn50LE1Fx0q0kwzP3NE3peWAq
EJXjSzFKpDnI/XH2+BdWoArDldTPlTQWnX+e2kTI8VJr6zUegS2LwZ/PZLz7WrnU
dc5V20/A16aU/kBrmChhzbA9AT3l8Nj4tzCUHPyHlLVMNPV4yJF/B3MCVwS55Kre
4cjD1Uc7ukZeglH66dY+uGT33o1HwLrYTwwUKoNeDjlo4jSOsu1JY9eLA4eVaelm
6wjS0PlESNbtNkOq0znEHtuWTZ/JCwycDFSpo49ai+BXsBFxntLX4gTe+P7KE+tf
TceW/QKXOicLoXPodjqVfiAJFpqSiLu6ZeQIqr3hRcOKIJ+lJIeeUEEg6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyA8NEtm6gHtslliR2eXFS5IWKgMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGhBneWH
fuf3jcxr1Yi9+8mbpAEy+PbMi+BK4/sCru1ANFjuRGjAHZkA66UufkZANfyzHgyJ
Swr911cv46/qbO0tZW0RDz6Vh7+hnKE3ZaoRt9W5+/hVvCqLR4N04JACA1JucuMi
Cg9awFGC0iR3xVXOpPZEtmQlCogZLpkQ9aHl8JnJnR62JneCPChHI13xq5v2ZPP3
Bsx+FHOLHdVt5wB8Txp/Q1UsfTGEFXomnRTBwF5e6Im+d4SM6X56Rio0z8S7w+cZ
pEj49mLDezPrU5pjut7hIhT4uXYFSkJDSxhc+D1+MeBH1FlE2NRPAlrhAwgUQOVT
2xQs/pRev02vmg==
-----END CERTIFICATE-----