Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          EafLum82Q9jXPkISQ5+suR5gE1XSc3HGSSE/bIQlLHk=
Subject key identifier:   E3:B3:BD:4F:E3:B0:F2:D3:17:4B:3B:7D:EE:F1:5A:56:CB:FE:53:DA
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0198D54DDDF7B4BFA8FF32A8EE7BB00FE7E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0E20
Signing time:             Sat 23 Aug 2025 05:01:46 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:46 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:46 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: pbRmGRYGFNtGMOTeUs4Ylkj8Mc013ebyUAoK8Cj7USE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4d:dd:f7:b4:bf:a8:ff:32:a8:ee:7b:b0:0f:e7:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Aug 23 05:01:46 2025 GMT
            Not After : Aug 24 05:01:46 2025 GMT
        Subject: CN=e3b3bd4fe3b0f2d3174b3b7deef15a56cbfe53da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:74:16:33:50:ef:24:9f:28:09:db:0a:ee:67:
                    aa:6a:ab:7b:16:b4:1c:e9:1f:4e:fe:f1:ce:9c:e4:
                    ff:12:50:73:fa:39:86:82:05:c2:69:72:94:e7:2d:
                    45:69:51:4c:dc:47:d0:ce:98:49:5c:69:8e:b1:fb:
                    d0:79:8b:02:cf:7d:06:68:a9:1e:a1:1c:2b:f8:b3:
                    d4:6d:8b:b4:fd:f8:25:64:a0:41:c2:c5:f3:c1:4c:
                    3a:32:a5:4a:f3:84:7a:2e:8f:03:54:59:59:04:04:
                    ff:93:14:20:18:d6:d6:1f:bb:ae:94:43:44:94:06:
                    b3:59:82:28:71:c5:d9:42:f4:b2:6f:89:75:33:5b:
                    98:4a:0f:38:68:66:bd:5a:fe:93:37:1b:20:4f:14:
                    43:61:ea:cc:ad:60:2b:7e:7b:6a:a9:11:01:0c:7c:
                    03:31:51:d5:56:c8:f0:39:43:b4:b3:41:a0:69:76:
                    71:17:b2:38:5a:4b:b1:fa:a5:02:15:a2:23:92:e8:
                    e1:e8:c2:76:b3:0d:c6:34:ac:47:ff:95:d5:4b:e9:
                    3e:65:b5:c4:a4:44:6d:88:bb:6b:47:85:d1:55:b7:
                    bd:65:59:ac:e0:c9:dd:00:92:d2:83:22:bf:b3:f6:
                    c7:9c:14:fd:73:ba:56:b2:ca:28:71:cc:70:e4:7f:
                    55:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:B3:BD:4F:E3:B0:F2:D3:17:4B:3B:7D:EE:F1:5A:56:CB:FE:53:DA
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:fd:85:dd:ac:9e:dc:04:5e:9f:de:87:64:35:d3:61:ca:c5:
         18:fb:a4:55:11:93:55:b8:4e:bb:cb:0c:d3:72:7d:37:32:74:
         19:74:3e:d9:2f:66:a5:0d:40:fc:96:d8:88:51:04:1c:8a:d3:
         03:6b:38:65:6b:49:d5:72:6e:17:7e:f5:55:f9:79:8f:27:84:
         04:f8:cd:e1:5a:85:aa:9d:13:5c:18:65:7c:cd:12:a5:33:33:
         6a:6d:cc:69:3e:e5:32:ee:8e:e3:3f:07:e3:d9:b9:92:e9:79:
         4b:53:39:bf:75:87:05:96:be:9f:3b:6e:17:8e:cf:e1:2f:71:
         4a:f6:4f:80:24:65:da:3e:ff:98:c3:8f:cf:2a:3d:5a:cb:1a:
         0d:e9:99:b4:20:f6:27:28:b4:f2:87:18:15:65:13:d7:66:fa:
         ce:37:0f:bd:f6:6a:e9:c9:89:97:83:54:2b:36:50:39:a7:c6:
         3d:c4:b3:b2:48:fe:f2:89:34:b6:bb:be:82:09:6e:0c:14:02:
         48:90:07:23:ae:44:fa:46:87:46:3c:ca:0b:c6:7c:18:98:8a:
         21:be:40:5d:f7:ad:c8:e2:3f:1a:f8:17:fa:bf:34:59:d8:2f:
         61:66:ec:34:38:03:c5:01:74:c2:3b:49:7a:d5:2e:f2:2a:6c:
         85:5b:91:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTd33tL+o/zKo7nuwD+foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwODIzMDUwMTQ2WhcNMjUwODI0MDUwMTQ2WjAzMTEwLwYDVQQD
EyhlM2IzYmQ0ZmUzYjBmMmQzMTc0YjNiN2RlZWYxNWE1NmNiZmU1M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXQWM1DvJJ8oCdsK7meqaqt7FrQc
6R9O/vHOnOT/ElBz+jmGggXCaXKU5y1FaVFM3EfQzphJXGmOsfvQeYsCz30GaKke
oRwr+LPUbYu0/fglZKBBwsXzwUw6MqVK84R6Lo8DVFlZBAT/kxQgGNbWH7uulENE
lAazWYIoccXZQvSyb4l1M1uYSg84aGa9Wv6TNxsgTxRDYerMrWArfntqqREBDHwD
MVHVVsjwOUO0s0GgaXZxF7I4Wkux+qUCFaIjkujh6MJ2sw3GNKxH/5XVS+k+ZbXE
pERtiLtrR4XRVbe9ZVms4MndAJLSgyK/s/bHnBT9c7pWssooccxw5H9VVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOOzvU/jsPLTF0s7fe7xWlbL/lPaMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADf2F3aye
3ARen96HZDXTYcrFGPukVRGTVbhOu8sM03J9NzJ0GXQ+2S9mpQ1A/JbYiFEEHIrT
A2s4ZWtJ1XJuF371Vfl5jyeEBPjN4VqFqp0TXBhlfM0SpTMzam3MaT7lMu6O4z8H
49m5kul5S1M5v3WHBZa+nztuF47P4S9xSvZPgCRl2j7/mMOPzyo9WssaDemZtCD2
Jyi08ocYFWUT12b6zjcPvfZq6cmJl4NUKzZQOafGPcSzskj+8ok0tru+ggluDBQC
SJAHI65E+kaHRjzKC8Z8GJiKIb5AXfetyOI/GvgX+r80WdgvYWbsNDgDxQF0wjtJ
etUu8ipshVuR2w==
-----END CERTIFICATE-----