Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          MzC1HQ8pPEZ6VY3fRo6nSCcpXNDmtbuEL15h4YBlXd4=
Subject key identifier:   40:06:6A:77:6F:A3:E0:19:65:D7:FC:D2:5F:6F:E5:6F:86:FE:AC:BA
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0197B745585ECBE884084916C625D25C970D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          1038
Signing time:             Sat 28 Jun 2025 16:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:04 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: QLAN6zeXg7ZPio+ZlaVt/4IPLRUL/7PBDwvMJJuuS7U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:58:5e:cb:e8:84:08:49:16:c6:25:d2:5c:97:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Jun 28 16:01:04 2025 GMT
            Not After : Jun 29 16:01:04 2025 GMT
        Subject: CN=40066a776fa3e01965d7fcd25f6fe56f86feacba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:48:c5:2e:bd:fd:dc:24:77:27:cd:c7:be:1f:
                    53:c3:98:dd:d3:af:87:c9:c2:5f:e7:cb:27:65:7b:
                    87:ec:8f:3b:53:c3:1e:85:59:ea:4e:cf:13:a7:dc:
                    f2:6c:49:8c:8d:a4:30:76:3f:b3:26:e6:fe:20:77:
                    3e:1b:65:54:02:10:49:58:ae:73:ae:22:0f:35:76:
                    c6:e2:ed:54:a2:47:47:48:37:08:12:ef:a6:f8:3f:
                    82:0a:c2:d0:64:fe:7c:a6:4e:e3:69:cb:3b:3f:78:
                    ae:28:66:b8:ab:98:9f:79:bf:cc:8c:70:ac:f8:54:
                    d3:ea:a4:c2:fb:12:4e:af:93:7c:15:09:be:12:9e:
                    60:5b:e8:67:df:7a:80:b3:91:25:75:1c:e8:02:e1:
                    3c:63:d3:b8:15:8e:92:06:4d:d5:0f:45:41:94:84:
                    e3:09:72:6a:14:eb:ca:63:52:f7:01:43:5e:12:37:
                    87:41:0c:71:49:fc:64:d3:09:9c:44:1a:bb:0a:0d:
                    d0:05:8b:c7:b3:0d:d0:e2:0d:4f:c9:3a:60:fc:88:
                    fb:a3:f8:d7:c9:3e:d3:54:46:99:55:4d:f4:af:31:
                    ca:47:19:eb:c0:e0:55:32:bd:f8:31:85:7c:b4:c7:
                    6c:70:c9:9b:bc:ef:34:9a:51:1b:53:07:74:95:0b:
                    3e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:06:6A:77:6F:A3:E0:19:65:D7:FC:D2:5F:6F:E5:6F:86:FE:AC:BA
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:92:7a:4b:5a:f6:53:43:b3:f2:52:13:d0:0e:93:56:9e:48:
         ef:4b:55:1d:55:0b:0e:59:e8:1e:b8:46:fd:06:68:2e:c0:6f:
         8d:e1:48:7c:56:be:e5:49:4c:54:34:5f:b6:85:5c:56:e7:52:
         c4:68:46:32:33:51:05:44:fb:9f:00:29:f8:6a:85:98:1b:dd:
         51:fd:73:86:ad:af:8a:34:00:b3:ef:4e:95:16:7b:0f:1a:2e:
         1d:ea:ff:0b:11:48:f8:35:cd:4e:a6:83:d6:f9:49:63:e0:32:
         6a:34:19:d4:5a:4d:56:43:34:b2:50:91:00:d5:0a:cb:e1:69:
         b9:fb:4c:73:d7:47:3b:99:c4:05:f6:07:ee:8e:5b:ef:7d:f4:
         1c:4a:31:ec:c9:74:0e:6c:bf:30:ab:ec:70:cf:b2:9a:07:14:
         a3:6f:87:c4:88:f1:bc:f0:84:07:77:43:69:59:db:f9:3f:ba:
         62:08:b5:ff:3c:7e:79:f8:90:58:c9:83:8b:e7:97:ad:fa:f7:
         25:d2:f5:10:a6:44:75:70:e5:c0:92:93:c7:50:1d:95:ad:3f:
         b2:15:7f:dd:d5:3f:93:f6:fc:7a:4a:fd:10:bc:22:e9:14:42:
         eb:0f:0f:69:bb:99:0f:57:28:62:b6:69:85:4e:6c:a1:8e:0d:
         79:fb:3c:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RVhey+iECEkWxiXSXJcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUwNjI4MTYwMTA0WhcNMjUwNjI5MTYwMTA0WjAzMTEwLwYDVQQD
Eyg0MDA2NmE3NzZmYTNlMDE5NjVkN2ZjZDI1ZjZmZTU2Zjg2ZmVhY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUjFLr393CR3J83Hvh9Tw5jd06+H
ycJf58snZXuH7I87U8MehVnqTs8Tp9zybEmMjaQwdj+zJub+IHc+G2VUAhBJWK5z
riIPNXbG4u1UokdHSDcIEu+m+D+CCsLQZP58pk7jacs7P3iuKGa4q5ifeb/MjHCs
+FTT6qTC+xJOr5N8FQm+Ep5gW+hn33qAs5EldRzoAuE8Y9O4FY6SBk3VD0VBlITj
CXJqFOvKY1L3AUNeEjeHQQxxSfxk0wmcRBq7Cg3QBYvHsw3Q4g1PyTpg/Ij7o/jX
yT7TVEaZVU30rzHKRxnrwOBVMr34MYV8tMdscMmbvO80mlEbUwd0lQs+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAGandvo+AZZdf80l9v5W+G/qy6MB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARZJ6S1r2
U0Oz8lIT0A6TVp5I70tVHVULDlnoHrhG/QZoLsBvjeFIfFa+5UlMVDRftoVcVudS
xGhGMjNRBUT7nwAp+GqFmBvdUf1zhq2vijQAs+9OlRZ7DxouHer/CxFI+DXNTqaD
1vlJY+AyajQZ1FpNVkM0slCRANUKy+FpuftMc9dHO5nEBfYH7o5b7330HEox7Ml0
Dmy/MKvscM+ymgcUo2+HxIjxvPCEB3dDaVnb+T+6Ygi1/zx+efiQWMmDi+eXrfr3
JdL1EKZEdXDlwJKTx1Adla0/shV/3dU/k/b8ekr9ELwi6RRC6w8PabuZD1coYrZp
hU5soY4Nefs8uw==
-----END CERTIFICATE-----