Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          vq9geba+5AE9OLvqsEqQXxtazJu44HMdXnWxlgwDD7Y=
Subject key identifier:   A6:1F:1E:08:99:63:82:65:4E:10:A0:A9:B6:3E:8F:67:AC:D3:6F:E3
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0197B7457D15B426B82034507A0EE4B1798E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 16:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:13 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: YNTh3BsMJxuBMRkoDSN6l0eqk0aafbs2PwmjOvdbS4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:7d:15:b4:26:b8:20:34:50:7a:0e:e4:b1:79:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Jun 28 16:01:13 2025 GMT
            Not After : Jun 29 16:01:13 2025 GMT
        Subject: CN=a61f1e08996382654e10a0a9b63e8f67acd36fe3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fa:e2:f2:d4:45:7d:23:c7:8d:98:7d:99:d5:
                    92:77:ec:e9:1a:a4:53:de:54:72:16:81:92:c5:07:
                    2f:f5:b9:e0:82:19:14:c9:01:0b:a3:99:dd:ed:6d:
                    6f:6b:e1:48:f3:19:68:8f:e2:69:e4:39:ec:a3:f4:
                    ba:79:2a:43:11:83:3c:31:7f:12:70:9e:0d:61:b4:
                    51:6a:4c:f6:27:f7:89:0d:44:6a:07:5b:80:a6:c7:
                    12:c4:5b:a4:26:9b:b7:f9:b1:36:4d:77:6c:bf:f2:
                    e2:38:4d:ba:a8:5a:26:2a:de:b9:7d:bf:af:71:cb:
                    89:2c:c2:6d:7a:72:e7:f8:e2:30:f3:1e:76:67:c0:
                    02:83:f7:0d:23:1c:f8:a9:3d:f6:b5:86:c5:05:ce:
                    6d:38:43:a5:9d:4b:22:4d:b9:7f:34:0a:94:49:04:
                    b6:80:57:16:c3:a5:da:f1:38:f6:33:40:77:1a:87:
                    e8:22:0b:d3:f7:5c:46:20:c6:ff:22:ce:31:ba:a9:
                    a1:83:e4:9d:33:ee:0a:e3:6d:e7:33:be:d6:bf:12:
                    ba:68:6d:6b:4a:b8:93:b3:96:31:75:81:f0:d5:cf:
                    a2:18:73:5c:f8:95:72:43:a4:12:ab:43:eb:f1:6d:
                    8b:db:ec:a9:3d:ce:ac:c6:34:38:62:ac:62:56:ce:
                    53:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:1F:1E:08:99:63:82:65:4E:10:A0:A9:B6:3E:8F:67:AC:D3:6F:E3
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:f5:22:8e:b2:4d:ae:21:e3:9e:3d:1f:29:64:23:1c:fc:f6:
         cf:f7:8f:c6:3d:5a:35:32:ea:43:1d:c4:70:2a:33:02:53:73:
         f6:a9:39:0d:ca:f6:63:fd:8b:b6:76:88:85:56:e8:78:10:24:
         38:02:6a:9d:f8:2b:13:ba:2d:07:c7:b6:42:6f:44:15:82:7d:
         a4:1c:3d:33:c5:8c:3a:dd:61:78:37:93:7a:71:7f:34:e3:43:
         5a:be:c1:81:7a:23:dc:c4:e8:ec:76:18:89:90:9f:0b:70:3c:
         7e:02:59:d7:66:d8:f9:e2:d0:5b:6b:5e:02:2f:b9:34:24:22:
         05:64:2b:73:d6:c0:65:a7:2b:46:9a:be:23:c2:dc:f7:21:e5:
         53:22:e2:c5:d8:60:60:f6:50:35:fc:74:8c:49:ab:03:f9:2b:
         61:2e:6f:9f:c4:1c:eb:8b:6e:66:a0:39:34:99:bb:7f:ba:0b:
         72:8b:1c:5c:e5:d5:f1:ca:e1:b7:bb:80:bb:a6:d7:8c:f9:39:
         ec:06:dd:d8:23:f2:c7:c8:6b:87:92:7e:a4:eb:e2:67:7e:17:
         ce:15:08:11:e8:27:d4:d3:a0:fd:de:a5:8d:2f:26:55:6b:3d:
         32:bf:1a:94:91:68:ca:6f:62:0a:78:87:5e:9e:89:12:38:19:
         d5:d0:64:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RX0VtCa4IDRQeg7ksXmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwNjI4MTYwMTEzWhcNMjUwNjI5MTYwMTEzWjAzMTEwLwYDVQQD
EyhhNjFmMWUwODk5NjM4MjY1NGUxMGEwYTliNjNlOGY2N2FjZDM2ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Pri8tRFfSPHjZh9mdWSd+zpGqRT
3lRyFoGSxQcv9bngghkUyQELo5nd7W1va+FI8xloj+Jp5Dnso/S6eSpDEYM8MX8S
cJ4NYbRRakz2J/eJDURqB1uApscSxFukJpu3+bE2TXdsv/LiOE26qFomKt65fb+v
ccuJLMJtenLn+OIw8x52Z8ACg/cNIxz4qT32tYbFBc5tOEOlnUsiTbl/NAqUSQS2
gFcWw6Xa8Tj2M0B3GofoIgvT91xGIMb/Is4xuqmhg+SdM+4K423nM77WvxK6aG1r
SriTs5YxdYHw1c+iGHNc+JVyQ6QSq0Pr8W2L2+ypPc6sxjQ4YqxiVs5TzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYfHgiZY4JlThCgqbY+j2es02/jMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfUijrJN
riHjnj0fKWQjHPz2z/ePxj1aNTLqQx3EcCozAlNz9qk5Dcr2Y/2LtnaIhVboeBAk
OAJqnfgrE7otB8e2Qm9EFYJ9pBw9M8WMOt1heDeTenF/NONDWr7BgXoj3MTo7HYY
iZCfC3A8fgJZ12bY+eLQW2teAi+5NCQiBWQrc9bAZacrRpq+I8Lc9yHlUyLixdhg
YPZQNfx0jEmrA/krYS5vn8Qc64tuZqA5NJm7f7oLcoscXOXV8crht7uAu6bXjPk5
7Abd2CPyx8hrh5J+pOviZ34XzhUIEegn1NOg/d6ljS8mVWs9Mr8alJFoym9iCniH
Xp6JEjgZ1dBkJA==
-----END CERTIFICATE-----