Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          jIDpBAJWWNFl5uDlhwv2O/bKtS6CQifuMzVV7zhoJgo=
Subject key identifier:   85:38:0C:95:AB:8A:CC:13:BC:7C:9F:A5:CC:54:E1:46:0C:B1:6E:D8
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       0197C9F1BD8B2E94ABC7C1F21C63A6F1E1E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          07B4
Signing time:             Wed 02 Jul 2025 07:02:32 +0000
Manifest this update:     Wed 02 Jul 2025 07:02:32 +0000
Manifest next update:     Thu 03 Jul 2025 07:02:32 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: Pl27okjAHXPAHV9GLan3GLQ+Y5fTExZLTCk1zaO/tkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 07:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f1:bd:8b:2e:94:ab:c7:c1:f2:1c:63:a6:f1:e1:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Jul  2 07:02:32 2025 GMT
            Not After : Jul  3 07:02:32 2025 GMT
        Subject: CN=85380c95ab8acc13bc7c9fa5cc54e1460cb16ed8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ec:38:32:ec:4a:8c:ff:66:63:90:53:3e:7f:
                    5a:7a:a6:f0:47:55:5c:e3:e0:c3:18:cb:d5:68:7d:
                    3c:22:c9:ad:12:e3:b0:73:b3:7f:1b:08:04:3f:92:
                    e8:94:95:2a:bc:a7:39:8a:c8:00:94:28:eb:b8:80:
                    b2:fc:75:96:67:35:4f:c0:08:eb:b2:75:23:cc:16:
                    96:3b:80:fb:5e:61:a8:a9:bd:15:64:fb:32:ae:e2:
                    82:30:98:11:74:26:da:57:47:5f:7f:c3:a1:86:d6:
                    96:51:f1:2d:14:43:ce:3e:dd:3f:9f:e2:29:2e:84:
                    6b:79:60:fc:83:6e:28:c9:28:0b:e9:c1:a3:88:a2:
                    6c:6c:d4:fb:a7:76:5a:f2:c2:53:25:f7:15:73:e6:
                    f7:58:fc:e1:70:26:a5:30:47:1a:fe:95:36:ec:81:
                    59:0f:b6:88:e8:f6:2e:01:8b:c5:28:d7:90:88:37:
                    ee:eb:c4:96:26:2c:8a:67:9b:8e:47:02:44:de:94:
                    71:4d:b8:78:50:74:d8:de:3a:31:aa:ee:49:25:5f:
                    bf:10:57:69:07:a0:64:b9:02:be:87:17:d7:ec:98:
                    8c:b0:4a:51:8d:93:8c:20:87:29:b2:f7:d1:ab:fe:
                    6b:50:6f:b6:74:21:60:0e:8b:ed:fb:e4:23:7a:b7:
                    31:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:38:0C:95:AB:8A:CC:13:BC:7C:9F:A5:CC:54:E1:46:0C:B1:6E:D8
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:96:2a:c1:92:d0:50:9e:97:58:57:cc:ca:f3:a5:c0:56:4e:
         6d:b6:9c:09:02:82:f4:a6:96:6c:47:0b:6b:bf:a8:77:73:63:
         7e:4e:fb:26:8e:c4:21:12:57:2a:98:8f:44:2e:27:a9:3f:bd:
         ac:b1:b2:8b:d9:c6:26:07:50:96:07:34:67:07:4a:ff:39:17:
         c6:b8:a1:01:eb:8e:ef:62:02:ad:84:83:7b:dd:42:5b:35:a2:
         46:3c:22:0a:76:fc:b2:47:c8:47:b3:ba:e2:6f:5a:42:e4:42:
         1a:69:36:f8:98:c4:57:0e:d4:fd:9e:08:8c:12:d1:49:af:b7:
         8c:61:35:2d:a9:37:73:c5:49:0e:2a:82:13:97:e2:5a:ad:c7:
         c9:39:a0:b5:c2:a1:be:9e:4b:71:2b:f4:6e:9b:f4:cb:87:04:
         74:e3:0a:59:39:91:23:69:f8:fc:ee:7c:18:2d:c2:5d:b9:20:
         47:61:34:12:5c:2d:48:d8:b6:9a:f1:87:56:4b:f6:e5:43:38:
         30:cf:bc:1c:45:b7:8e:3f:d4:55:6b:8c:a4:90:4e:3a:18:a1:
         83:dc:1e:3d:5f:5f:60:b2:1c:a3:44:8f:95:c2:c3:67:91:f8:
         67:6e:9f:f7:95:3e:18:e0:a6:3f:6d:4b:ef:a1:5f:13:c9:dc:
         6f:d8:bb:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8b2LLpSrx8HyHGOm8eHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUwNzAyMDcwMjMyWhcNMjUwNzAzMDcwMjMyWjAzMTEwLwYDVQQD
Eyg4NTM4MGM5NWFiOGFjYzEzYmM3YzlmYTVjYzU0ZTE0NjBjYjE2ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhew4MuxKjP9mY5BTPn9aeqbwR1Vc
4+DDGMvVaH08IsmtEuOwc7N/GwgEP5LolJUqvKc5isgAlCjruICy/HWWZzVPwAjr
snUjzBaWO4D7XmGoqb0VZPsyruKCMJgRdCbaV0dff8OhhtaWUfEtFEPOPt0/n+Ip
LoRreWD8g24oySgL6cGjiKJsbNT7p3Za8sJTJfcVc+b3WPzhcCalMEca/pU27IFZ
D7aI6PYuAYvFKNeQiDfu68SWJiyKZ5uORwJE3pRxTbh4UHTY3joxqu5JJV+/EFdp
B6BkuQK+hxfX7JiMsEpRjZOMIIcpsvfRq/5rUG+2dCFgDovt++QjercxPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIU4DJWriswTvHyfpcxU4UYMsW7YMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZYqwZLQ
UJ6XWFfMyvOlwFZObbacCQKC9KaWbEcLa7+od3Njfk77Jo7EIRJXKpiPRC4nqT+9
rLGyi9nGJgdQlgc0ZwdK/zkXxrihAeuO72ICrYSDe91CWzWiRjwiCnb8skfIR7O6
4m9aQuRCGmk2+JjEVw7U/Z4IjBLRSa+3jGE1Lak3c8VJDiqCE5fiWq3HyTmgtcKh
vp5LcSv0bpv0y4cEdOMKWTmRI2n4/O58GC3CXbkgR2E0ElwtSNi2mvGHVkv25UM4
MM+8HEW3jj/UVWuMpJBOOhihg9wePV9fYLIco0SPlcLDZ5H4Z26f95U+GOCmP21L
76FfE8ncb9i7Rw==
-----END CERTIFICATE-----