Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          siy/jjj9yASm4ZdSUbO2BiVY7xumdsO0mDhiHKesAkY=
Subject key identifier:   02:7C:FF:59:41:7D:70:F4:C7:26:22:BC:C9:2A:0E:04:D3:64:40:7E
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       0197B70EE3CFA9A3297D19674D16B46C8C0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0A8F
Signing time:             Sat 28 Jun 2025 15:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:35 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: BsZPYCfsQ6VkZKPR00OW1QQ5CWM1uQDF9b7NXlhBL7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:e3:cf:a9:a3:29:7d:19:67:4d:16:b4:6c:8c:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Jun 28 15:01:35 2025 GMT
            Not After : Jun 29 15:01:35 2025 GMT
        Subject: CN=027cff59417d70f4c72622bcc92a0e04d364407e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:55:6d:ba:34:08:ed:76:3a:12:57:2f:93:a8:
                    ae:a0:cf:c5:b7:80:03:5b:57:2f:11:7e:69:13:e3:
                    a6:b3:c0:fc:bc:94:30:0a:f8:50:f6:90:1a:0e:c2:
                    ac:5b:5c:c9:7a:1d:66:d7:f4:8a:62:68:4e:fa:ad:
                    f3:1a:2a:e2:e7:73:09:64:30:f6:df:0d:5a:1c:7f:
                    86:ea:b2:72:bd:c4:b9:04:8e:ad:3f:d8:72:39:8e:
                    e9:ff:73:0c:18:90:90:d6:64:75:2d:ef:7e:6c:fa:
                    f1:44:32:ec:63:63:24:de:15:f4:43:1f:c1:9a:6f:
                    c2:f2:9c:f3:cb:70:5a:78:96:38:06:29:4a:16:3f:
                    83:e3:5b:91:d6:4c:d9:ea:34:6c:4d:b4:d8:c1:a2:
                    74:8c:7e:94:4d:96:c4:54:60:c3:74:18:8b:0f:b2:
                    55:1e:ad:a6:bb:82:2a:04:a1:1d:c9:41:41:86:e0:
                    52:e0:b0:51:51:2d:8b:dd:62:be:08:22:ad:a9:73:
                    b4:cf:e3:75:af:d9:2d:d0:16:f2:20:5e:4f:60:32:
                    f7:d4:9d:89:af:00:5c:58:b3:d3:4d:39:c7:a8:15:
                    10:80:83:5a:c0:e1:ae:98:7e:c5:a1:e4:26:44:87:
                    80:05:f4:d3:09:21:b5:94:fa:36:62:84:89:c2:07:
                    b0:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:7C:FF:59:41:7D:70:F4:C7:26:22:BC:C9:2A:0E:04:D3:64:40:7E
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:5a:8d:73:ef:a4:71:3d:2b:d3:3f:d5:ab:64:67:55:70:a1:
         9f:bc:25:86:b8:be:d6:ee:ec:39:fe:69:2a:2d:59:a3:4b:f5:
         76:08:51:e4:67:5c:2a:57:7b:4d:a4:53:72:d0:39:fd:90:dc:
         7d:29:d0:c4:ec:3d:6b:28:6b:97:51:39:54:5c:8e:01:3b:35:
         36:6c:8a:59:b6:bb:1a:dc:c8:19:2c:93:43:cb:5f:6e:f5:a6:
         45:1e:ba:f3:fc:27:3b:e5:46:9a:2b:d9:05:e1:a6:fa:04:29:
         aa:3e:e0:8c:9e:00:13:0b:42:d8:0a:55:c3:30:76:1f:fe:11:
         94:aa:91:31:e1:b1:c6:f0:39:15:19:55:52:24:56:dd:cd:bd:
         8a:2d:0f:04:c4:fa:66:bd:43:c2:83:81:2d:b9:be:bc:ea:be:
         57:33:7e:58:f5:cd:b3:d3:ad:fc:89:1f:65:c8:49:9c:04:a4:
         6c:26:e6:98:f3:84:1a:40:c5:de:fe:5b:66:6e:b1:7a:8d:07:
         79:5f:4a:6a:d9:63:dd:11:1d:71:29:eb:f7:e5:98:25:82:28:
         7e:d2:1f:78:27:ff:9a:d5:fa:c3:88:64:a6:af:47:39:5b:e2:
         0e:2b:09:1c:a4:de:69:7b:67:0c:d0:82:c6:93:a2:6c:dc:d6:
         2f:6b:5a:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DuPPqaMpfRlnTRa0bIwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjUwNjI4MTUwMTM1WhcNMjUwNjI5MTUwMTM1WjAzMTEwLwYDVQQD
EygwMjdjZmY1OTQxN2Q3MGY0YzcyNjIyYmNjOTJhMGUwNGQzNjQ0MDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VVtujQI7XY6Elcvk6iuoM/Ft4AD
W1cvEX5pE+Oms8D8vJQwCvhQ9pAaDsKsW1zJeh1m1/SKYmhO+q3zGiri53MJZDD2
3w1aHH+G6rJyvcS5BI6tP9hyOY7p/3MMGJCQ1mR1Le9+bPrxRDLsY2Mk3hX0Qx/B
mm/C8pzzy3BaeJY4BilKFj+D41uR1kzZ6jRsTbTYwaJ0jH6UTZbEVGDDdBiLD7JV
Hq2mu4IqBKEdyUFBhuBS4LBRUS2L3WK+CCKtqXO0z+N1r9kt0BbyIF5PYDL31J2J
rwBcWLPTTTnHqBUQgINawOGumH7FoeQmRIeABfTTCSG1lPo2YoSJwgewjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJ8/1lBfXD0xyYivMkqDgTTZEB+MB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1qNc++k
cT0r0z/Vq2RnVXChn7wlhri+1u7sOf5pKi1Zo0v1dghR5GdcKld7TaRTctA5/ZDc
fSnQxOw9ayhrl1E5VFyOATs1NmyKWba7GtzIGSyTQ8tfbvWmRR668/wnO+VGmivZ
BeGm+gQpqj7gjJ4AEwtC2ApVwzB2H/4RlKqRMeGxxvA5FRlVUiRW3c29ii0PBMT6
Zr1DwoOBLbm+vOq+VzN+WPXNs9Ot/IkfZchJnASkbCbmmPOEGkDF3v5bZm6xeo0H
eV9Katlj3REdcSnr9+WYJYIoftIfeCf/mtX6w4hkpq9HOVviDisJHKTeaXtnDNCC
xpOibNzWL2taEA==
-----END CERTIFICATE-----