Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          r3Xlnb2+WQ3bptiQGtVn4J5YKjSJnXAHVTQcFs103Zk=
Subject key identifier:   D7:61:BE:3A:74:42:BE:3B:A4:E4:8A:C4:2C:15:0B:37:81:57:63:71
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       0197B6D737A005E490B0179BB9BF138B10C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          03C4
Signing time:             Sat 28 Jun 2025 14:00:47 +0000
Manifest this update:     Sat 28 Jun 2025 14:00:47 +0000
Manifest next update:     Sun 29 Jun 2025 14:00:47 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: 9dYI1mydD+pMJAN4IXs/7zt4ZuECo5xTJYpJVI8/TSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:37:a0:05:e4:90:b0:17:9b:b9:bf:13:8b:10:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Jun 28 14:00:47 2025 GMT
            Not After : Jun 29 14:00:47 2025 GMT
        Subject: CN=d761be3a7442be3ba4e48ac42c150b3781576371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d8:26:49:58:04:f3:95:39:7a:d3:e0:90:88:
                    63:54:29:d3:c1:e9:18:55:da:41:bf:55:04:34:90:
                    ff:26:38:eb:b3:eb:41:06:40:ee:ca:51:ae:45:f1:
                    2f:9a:11:cc:71:df:54:36:db:70:e6:a6:37:ab:74:
                    76:d2:1a:3b:0d:f9:49:72:ec:c2:78:47:35:e9:fe:
                    84:b3:50:88:a9:64:04:09:6e:db:9c:01:f7:fd:d5:
                    6a:d9:d8:65:1a:a9:e4:7b:db:ac:da:ac:d9:d0:b0:
                    6e:0c:54:a9:42:80:61:8f:5c:2d:56:36:52:74:d1:
                    17:02:89:6d:4c:64:58:4b:84:23:fa:3c:41:1a:15:
                    ed:e4:ce:5f:8e:92:10:d0:08:25:c8:fd:95:bd:88:
                    ee:aa:55:b6:e2:51:ae:0e:ed:50:98:67:5f:3b:1b:
                    4b:06:58:99:73:73:01:7a:42:5f:31:16:89:14:26:
                    b8:d4:e1:50:bf:1f:56:67:f2:ab:03:2f:a1:cc:b6:
                    13:6f:77:99:dd:30:12:f5:83:c1:cf:3f:5b:6c:b4:
                    41:a3:8f:ac:de:e0:7f:58:bc:46:5a:64:65:37:f1:
                    aa:80:81:d6:ab:c8:31:0f:7d:85:4a:e1:e6:3d:c2:
                    e0:46:11:1c:08:99:55:8d:fd:c8:65:52:5f:1f:e0:
                    7c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:61:BE:3A:74:42:BE:3B:A4:E4:8A:C4:2C:15:0B:37:81:57:63:71
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:e9:cd:c6:ad:82:54:83:a6:a2:0a:f3:cf:7f:56:58:bc:e4:
         0f:6e:c8:43:9c:5f:e0:b0:78:5c:b9:6b:20:3d:ee:b0:9c:06:
         8b:22:81:18:98:c9:43:15:62:9b:9e:88:1e:a4:6e:43:45:80:
         79:a7:43:a9:fb:8f:4e:41:38:5f:7f:7d:cb:ff:83:b2:2a:9b:
         62:46:26:eb:0e:66:33:76:f8:b6:4d:25:b5:e6:6c:dd:eb:a5:
         38:5b:18:5d:67:1a:ef:73:37:69:f9:6d:4b:2d:f9:59:3c:10:
         2a:1c:e2:6d:04:c2:3b:5c:b2:f5:6b:9c:ad:3a:a9:f9:e1:05:
         66:cb:56:f1:b7:09:2d:49:4b:1b:96:3a:1c:ac:3f:11:58:f9:
         ff:79:1c:d4:4a:d1:b2:83:85:ea:8a:08:f4:ee:58:e4:89:fc:
         ba:4c:5a:1d:1f:b1:68:35:e4:95:e2:1e:e5:57:3d:70:85:fb:
         6d:bf:8d:51:0e:15:21:5f:6e:ed:dc:a7:d5:06:fc:b2:ba:ef:
         2f:96:a4:f8:23:ea:5d:43:58:fc:bc:19:c7:b2:29:a2:f8:7b:
         16:c2:d9:3b:b6:6f:cc:7c:87:67:86:85:4e:d5:40:47:57:61:
         57:c0:4a:ad:8a:42:f3:3b:76:f6:2d:76:6c:fb:5a:75:28:83:
         18:93:71:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe21zegBeSQsBebub8TixDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwNjI4MTQwMDQ3WhcNMjUwNjI5MTQwMDQ3WjAzMTEwLwYDVQQD
EyhkNzYxYmUzYTc0NDJiZTNiYTRlNDhhYzQyYzE1MGIzNzgxNTc2MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstgmSVgE85U5etPgkIhjVCnTwekY
VdpBv1UENJD/Jjjrs+tBBkDuylGuRfEvmhHMcd9UNttw5qY3q3R20ho7DflJcuzC
eEc16f6Es1CIqWQECW7bnAH3/dVq2dhlGqnke9us2qzZ0LBuDFSpQoBhj1wtVjZS
dNEXAoltTGRYS4Qj+jxBGhXt5M5fjpIQ0AglyP2VvYjuqlW24lGuDu1QmGdfOxtL
BliZc3MBekJfMRaJFCa41OFQvx9WZ/KrAy+hzLYTb3eZ3TAS9YPBzz9bbLRBo4+s
3uB/WLxGWmRlN/GqgIHWq8gxD32FSuHmPcLgRhEcCJlVjf3IZVJfH+B8EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdhvjp0Qr47pOSKxCwVCzeBV2NxMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIOnNxq2C
VIOmogrzz39WWLzkD27IQ5xf4LB4XLlrID3usJwGiyKBGJjJQxVim56IHqRuQ0WA
eadDqfuPTkE4X399y/+DsiqbYkYm6w5mM3b4tk0lteZs3eulOFsYXWca73M3aflt
Sy35WTwQKhzibQTCO1yy9WucrTqp+eEFZstW8bcJLUlLG5Y6HKw/EVj5/3kc1ErR
soOF6ooI9O5Y5In8ukxaHR+xaDXkleIe5Vc9cIX7bb+NUQ4VIV9u7dyn1Qb8srrv
L5ak+CPqXUNY/LwZx7Ipovh7FsLZO7ZvzHyHZ4aFTtVAR1dhV8BKrYpC8zt29i12
bPtadSiDGJNxSA==
-----END CERTIFICATE-----