Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          cYbhJe2lW18sfSvYWTzt0zNhQgowZdXCekNscKnHlcU=
Subject key identifier:   E1:D3:63:B0:59:FD:9F:BB:15:D3:9B:D3:E8:DC:7E:E7:9F:8B:7F:8E
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       0197B70E8FAE51384BF609283D1DBCA63EB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          040B
Signing time:             Sat 28 Jun 2025 15:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:14 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: B20/ONN6WQ6wIe+pnuRTTgFJcDXSfWMW+kytBVY1RI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:8f:ae:51:38:4b:f6:09:28:3d:1d:bc:a6:3e:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Jun 28 15:01:14 2025 GMT
            Not After : Jun 29 15:01:14 2025 GMT
        Subject: CN=e1d363b059fd9fbb15d39bd3e8dc7ee79f8b7f8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0a:75:8c:8e:81:01:2f:54:0e:67:f9:42:e1:
                    fc:4b:69:3f:4f:a5:c8:8a:8b:f7:c1:ff:64:33:de:
                    fe:e4:f0:37:6b:8f:11:f3:18:ce:af:4c:fc:89:7f:
                    a2:90:e1:11:cc:8f:30:7d:03:2e:27:89:26:1a:55:
                    6d:07:5d:75:7c:b1:87:21:b7:36:9d:57:07:20:a2:
                    9e:df:94:ac:9c:2b:1d:ad:27:96:ce:b7:15:bf:ff:
                    b9:f8:89:f0:52:62:7f:d0:3e:34:6a:41:d2:ae:51:
                    51:8f:3e:f7:6f:13:10:b4:87:8e:b1:9d:ca:d4:40:
                    2d:cd:aa:bd:df:b1:64:30:f3:9a:14:3c:1e:bd:81:
                    b4:77:d5:e0:58:22:57:48:89:ab:e4:b0:eb:c3:b2:
                    16:0f:30:f3:65:f5:35:af:08:94:00:f1:f1:f8:5c:
                    3a:99:65:83:b2:c9:9a:66:b4:c1:a2:d0:53:0e:38:
                    ff:ff:fd:01:ab:25:83:1b:6d:a4:55:a2:33:a2:4a:
                    86:59:55:6b:9e:6a:13:3e:fb:93:38:89:1a:8e:f3:
                    08:dd:e6:f5:21:b5:f9:39:9b:83:57:5a:8c:7d:a9:
                    2c:f2:54:60:b7:7f:ca:5c:5d:d8:96:76:4a:3d:1e:
                    2b:02:fc:45:0a:2b:07:f6:dc:61:ea:34:a3:70:c9:
                    59:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D3:63:B0:59:FD:9F:BB:15:D3:9B:D3:E8:DC:7E:E7:9F:8B:7F:8E
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:74:35:90:14:15:90:b9:bb:d7:8d:54:44:c8:7e:b0:68:fc:
         85:27:49:78:e4:1c:c0:50:e6:4d:21:cc:58:73:4d:8c:27:e2:
         89:6d:48:be:20:b0:90:16:9f:d0:75:35:b5:de:12:c9:3f:4f:
         5b:b8:57:d7:7b:72:0d:45:3f:c8:46:07:26:54:c6:07:4d:0a:
         58:58:02:64:43:56:06:7f:d2:56:d9:a6:f2:7f:ba:9c:0a:2c:
         a5:94:fd:a5:59:98:18:c4:62:51:19:af:ce:7e:c1:23:6c:69:
         1c:d1:2e:8d:56:82:38:80:35:ef:8f:6a:65:29:e0:fc:b3:c0:
         d1:22:b4:60:1b:67:c3:65:67:9d:47:e3:a1:f7:25:6c:3c:04:
         64:fe:5f:f4:df:f3:51:d4:63:5c:82:e6:b4:02:be:63:25:57:
         b5:0f:26:a4:a2:04:46:39:73:28:44:01:fc:ce:e3:49:84:c5:
         bb:2c:28:25:a3:7a:bb:5c:8f:a6:2f:09:ac:e2:02:36:18:cc:
         b0:db:3e:bb:28:00:12:38:aa:a7:92:c5:0c:53:dd:65:cc:ee:
         89:63:9b:98:f0:2f:df:85:68:e8:c8:67:83:7a:77:9b:1e:11:
         44:2d:35:fd:99:6b:fa:7e:79:c8:8b:35:7f:82:55:d8:ce:50:
         e3:11:20:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Do+uUThL9gkoPR28pj6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjUwNjI4MTUwMTE0WhcNMjUwNjI5MTUwMTE0WjAzMTEwLwYDVQQD
EyhlMWQzNjNiMDU5ZmQ5ZmJiMTVkMzliZDNlOGRjN2VlNzlmOGI3ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ap1jI6BAS9UDmf5QuH8S2k/T6XI
iov3wf9kM97+5PA3a48R8xjOr0z8iX+ikOERzI8wfQMuJ4kmGlVtB111fLGHIbc2
nVcHIKKe35SsnCsdrSeWzrcVv/+5+InwUmJ/0D40akHSrlFRjz73bxMQtIeOsZ3K
1EAtzaq937FkMPOaFDwevYG0d9XgWCJXSImr5LDrw7IWDzDzZfU1rwiUAPHx+Fw6
mWWDssmaZrTBotBTDjj///0BqyWDG22kVaIzokqGWVVrnmoTPvuTOIkajvMI3eb1
IbX5OZuDV1qMfaks8lRgt3/KXF3YlnZKPR4rAvxFCisH9txh6jSjcMlZTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHTY7BZ/Z+7FdOb0+jcfuefi3+OMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3Q1kBQV
kLm7141URMh+sGj8hSdJeOQcwFDmTSHMWHNNjCfiiW1IviCwkBaf0HU1td4SyT9P
W7hX13tyDUU/yEYHJlTGB00KWFgCZENWBn/SVtmm8n+6nAospZT9pVmYGMRiURmv
zn7BI2xpHNEujVaCOIA1749qZSng/LPA0SK0YBtnw2VnnUfjofclbDwEZP5f9N/z
UdRjXILmtAK+YyVXtQ8mpKIERjlzKEQB/M7jSYTFuywoJaN6u1yPpi8JrOICNhjM
sNs+uygAEjiqp5LFDFPdZczuiWObmPAv34Vo6Mhng3p3mx4RRC01/Zlr+n55yIs1
f4JV2M5Q4xEg3w==
-----END CERTIFICATE-----