Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          ofcWEd6YEcM6lclGLzX9rdbe0JKgEn+0qPDVaeOf/i8=
Subject key identifier:   1D:B4:05:2F:83:DC:A4:9A:1F:2C:D5:78:3A:03:79:A3:06:B1:71:57
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0197B8FD9A7FCCF149AC5F84FB8CD2ED86E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0D61
Signing time:             Sun 29 Jun 2025 00:01:57 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:57 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:57 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: JZLbBdccQDM/ynrAJJiknd7Q9OEjjcW0/j7M0SBmQc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:9a:7f:cc:f1:49:ac:5f:84:fb:8c:d2:ed:86:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Jun 29 00:01:57 2025 GMT
            Not After : Jun 30 00:01:57 2025 GMT
        Subject: CN=1db4052f83dca49a1f2cd5783a0379a306b17157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3b:91:77:47:db:58:d4:5c:18:09:e9:9f:cd:
                    c4:0f:0f:1f:33:9c:06:93:0c:77:5d:66:c2:89:d0:
                    4b:18:68:84:02:5e:45:95:a1:2f:5e:55:0a:35:83:
                    8c:6d:1e:5e:66:d0:23:21:50:d6:49:b9:d7:a0:2a:
                    8b:d7:41:18:b9:7c:b5:73:d7:c2:84:ee:a0:38:6c:
                    e4:da:d0:5e:17:8a:61:67:27:f3:26:41:4e:d8:ac:
                    fb:c4:79:15:e1:14:44:df:72:88:a3:49:9f:af:44:
                    f3:0e:fa:7c:b0:03:5a:3f:8d:04:e7:58:bc:13:4e:
                    be:87:8e:f9:ba:b4:26:70:02:7b:97:31:91:f7:01:
                    01:62:8c:f6:0d:10:ef:85:1c:c9:14:90:b3:2a:bb:
                    66:96:e6:ac:b7:c8:dc:48:f6:62:1a:db:19:36:50:
                    37:66:94:1d:b4:67:41:d6:bd:87:fd:55:32:ec:83:
                    87:f7:6b:3f:d1:aa:cf:66:59:8e:fc:54:0e:64:86:
                    3f:15:16:36:60:e5:82:a4:ef:ec:05:be:ed:36:d0:
                    2e:d2:2f:f8:87:36:34:f0:6f:4a:c1:83:8d:71:63:
                    7a:c5:d1:f8:b8:6c:90:63:8c:3c:c0:f1:bc:09:ec:
                    26:94:32:84:f3:9f:41:2a:00:d0:bb:18:03:d6:41:
                    83:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:B4:05:2F:83:DC:A4:9A:1F:2C:D5:78:3A:03:79:A3:06:B1:71:57
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:f9:bf:cc:39:d0:05:e4:5b:b4:80:d3:13:14:7c:0e:a5:89:
         20:1a:21:17:e5:d7:81:22:75:18:b1:42:77:28:3e:0e:44:e7:
         28:9f:d2:3a:23:2e:80:ae:c4:dd:44:d4:56:29:b7:9f:09:fe:
         5f:7b:43:54:06:eb:ea:fa:fc:23:69:c6:74:7f:93:a5:ec:44:
         c1:ee:fe:41:88:6a:3d:0d:6a:65:16:c3:1d:43:ef:82:85:c2:
         dc:dc:5b:d1:6c:41:aa:0c:42:bf:29:5f:69:a6:8f:d3:c8:4a:
         90:11:e7:00:95:5d:41:04:0d:df:9f:a0:7e:3e:12:da:76:a1:
         28:30:ab:98:20:f3:dc:9a:07:ca:15:97:6d:f2:6f:b3:26:83:
         5b:8e:30:88:96:58:3a:54:20:77:66:03:4a:01:36:be:13:f0:
         37:04:0e:26:09:93:bc:4d:cf:8a:20:0e:c2:fe:b7:78:f8:e8:
         7b:84:53:7e:51:25:df:68:3b:f6:ab:a9:76:1b:52:e6:49:0b:
         3d:8d:fb:31:5c:ea:07:70:39:3e:06:a1:32:dd:01:21:0e:13:
         f3:65:d9:b7:d7:ed:7f:02:c9:e3:bc:75:cd:ba:62:28:7b:76:
         d2:d2:d9:a1:88:b4:a3:1d:67:fb:0a:1a:8b:e6:45:ed:00:02:
         39:4d:4a:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/Zp/zPFJrF+E+4zS7YblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNjI5MDAwMTU3WhcNMjUwNjMwMDAwMTU3WjAzMTEwLwYDVQQD
EygxZGI0MDUyZjgzZGNhNDlhMWYyY2Q1NzgzYTAzNzlhMzA2YjE3MTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DuRd0fbWNRcGAnpn83EDw8fM5wG
kwx3XWbCidBLGGiEAl5FlaEvXlUKNYOMbR5eZtAjIVDWSbnXoCqL10EYuXy1c9fC
hO6gOGzk2tBeF4phZyfzJkFO2Kz7xHkV4RRE33KIo0mfr0TzDvp8sANaP40E51i8
E06+h475urQmcAJ7lzGR9wEBYoz2DRDvhRzJFJCzKrtmluast8jcSPZiGtsZNlA3
ZpQdtGdB1r2H/VUy7IOH92s/0arPZlmO/FQOZIY/FRY2YOWCpO/sBb7tNtAu0i/4
hzY08G9KwYONcWN6xdH4uGyQY4w8wPG8CewmlDKE859BKgDQuxgD1kGDSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB20BS+D3KSaHyzVeDoDeaMGsXFXMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvm/zDnQ
BeRbtIDTExR8DqWJIBohF+XXgSJ1GLFCdyg+DkTnKJ/SOiMugK7E3UTUVim3nwn+
X3tDVAbr6vr8I2nGdH+TpexEwe7+QYhqPQ1qZRbDHUPvgoXC3Nxb0WxBqgxCvylf
aaaP08hKkBHnAJVdQQQN35+gfj4S2nahKDCrmCDz3JoHyhWXbfJvsyaDW44wiJZY
OlQgd2YDSgE2vhPwNwQOJgmTvE3PiiAOwv63ePjoe4RTflEl32g79qupdhtS5kkL
PY37MVzqB3A5PgahMt0BIQ4T82XZt9ftfwLJ47x1zbpiKHt20tLZoYi0ox1n+woa
i+ZF7QACOU1KOg==
-----END CERTIFICATE-----