Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          eoOgeQnRVg2cVsGCqCXv2dcA9fNWaAJRvrGyfSpuOog=
Subject key identifier:   1A:DE:CE:EC:79:89:56:8F:A0:18:27:28:66:6E:F5:76:B2:70:1C:C2
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       0197B6A1A6EEBC8C3D8BD69FB09FF06F65EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0B3F
Signing time:             Sat 28 Jun 2025 13:02:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:16 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: GZXqO19pBbSZHtuAzlji30odRDMaCJQ3k7NGwXn96jc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a6:ee:bc:8c:3d:8b:d6:9f:b0:9f:f0:6f:65:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Jun 28 13:02:16 2025 GMT
            Not After : Jun 29 13:02:16 2025 GMT
        Subject: CN=1adeceec7989568fa0182728666ef576b2701cc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:5e:8a:9a:48:fb:31:e9:7a:32:61:d2:27:
                    21:0a:1a:89:ab:db:c7:61:9b:e9:9d:7e:de:38:b4:
                    21:cf:10:39:49:7b:cd:8b:38:22:bb:2c:22:bc:30:
                    4a:eb:6b:0a:48:6f:0f:bc:50:f0:fb:76:4c:62:bc:
                    ed:88:cb:17:3b:0f:04:64:d7:f4:60:a2:51:5f:93:
                    bb:c3:d5:78:e1:b8:17:6a:8b:09:4d:69:7f:a2:4f:
                    8d:8a:1a:3c:b3:b6:f7:70:e0:63:f6:de:36:e3:37:
                    ef:cd:7c:b1:04:e9:7c:9e:db:ed:c0:d8:92:fa:08:
                    18:ee:4e:86:01:e0:de:d2:5b:d7:de:ff:65:6f:cf:
                    6e:6d:f6:82:db:b3:4c:f6:f2:da:fb:d7:01:b1:4e:
                    f5:f3:8c:9c:58:f6:4f:75:c1:e7:b7:30:76:4b:07:
                    25:0f:84:d6:55:76:3f:55:00:af:84:30:6a:65:98:
                    48:01:c2:c6:53:b1:b8:44:3e:4c:a8:4e:35:06:1a:
                    44:f1:f1:fd:07:8e:e6:0c:c4:7d:09:1b:a5:83:c2:
                    c6:64:c9:40:2b:c1:c2:b9:f3:de:e9:28:06:ca:7b:
                    86:ca:42:11:bf:22:8f:75:d3:a1:f2:af:40:73:c1:
                    ca:b0:75:ee:99:67:95:e2:73:9e:2e:ec:59:14:ea:
                    ce:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:DE:CE:EC:79:89:56:8F:A0:18:27:28:66:6E:F5:76:B2:70:1C:C2
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:1a:18:51:b6:9b:56:0a:32:a1:53:23:35:27:e0:a5:aa:1a:
         2c:ab:9f:cc:f8:24:79:b1:72:4f:54:f1:bc:f2:c5:e5:be:8c:
         48:89:33:26:bf:75:68:a0:74:47:68:bd:22:58:56:e9:be:fd:
         82:f5:41:ef:34:4a:f5:e9:35:c8:6b:bc:d2:fb:32:5e:a5:fc:
         62:ca:81:0d:79:9e:cb:da:71:9e:f8:68:ab:2e:2b:60:c8:06:
         46:90:79:cb:9f:19:29:58:eb:98:df:e0:90:12:ae:73:08:20:
         1c:3c:9e:50:cd:39:55:8c:05:3b:7e:c5:45:3f:8b:d2:6c:c3:
         a7:9b:f5:9d:8b:36:d7:0f:cf:03:32:1f:5b:9e:4c:40:5b:c7:
         66:0f:b5:20:42:bc:39:4e:c3:dc:f8:c6:f6:d6:ab:6d:7f:b0:
         7d:0e:83:e1:cb:19:91:bc:16:4e:52:f0:27:cf:ee:c0:d4:4e:
         51:63:0f:1b:cd:03:68:6a:a5:6a:1e:a4:4c:8e:a7:6f:b3:7b:
         ed:a2:ae:50:87:a1:d9:8c:53:a0:e6:a4:03:0e:cb:e0:af:31:
         f7:27:64:dd:20:da:e3:aa:88:eb:0b:25:88:37:23:a7:93:89:
         e3:08:26:33:0f:b7:d8:f6:68:2f:0f:4b:7f:5a:da:aa:8b:6c:
         3e:90:31:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oabuvIw9i9afsJ/wb2XvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwNjI4MTMwMjE2WhcNMjUwNjI5MTMwMjE2WjAzMTEwLwYDVQQD
EygxYWRlY2VlYzc5ODk1NjhmYTAxODI3Mjg2NjZlZjU3NmIyNzAxY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ydeippI+zHpejJh0ichChqJq9vH
YZvpnX7eOLQhzxA5SXvNizgiuywivDBK62sKSG8PvFDw+3ZMYrztiMsXOw8EZNf0
YKJRX5O7w9V44bgXaosJTWl/ok+Niho8s7b3cOBj9t424zfvzXyxBOl8ntvtwNiS
+ggY7k6GAeDe0lvX3v9lb89ubfaC27NM9vLa+9cBsU7184ycWPZPdcHntzB2Swcl
D4TWVXY/VQCvhDBqZZhIAcLGU7G4RD5MqE41BhpE8fH9B47mDMR9CRulg8LGZMlA
K8HCufPe6SgGynuGykIRvyKPddOh8q9Ac8HKsHXumWeV4nOeLuxZFOrOCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrezux5iVaPoBgnKGZu9XaycBzCMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRoYUbab
VgoyoVMjNSfgpaoaLKufzPgkebFyT1TxvPLF5b6MSIkzJr91aKB0R2i9IlhW6b79
gvVB7zRK9ek1yGu80vsyXqX8YsqBDXmey9pxnvhoqy4rYMgGRpB5y58ZKVjrmN/g
kBKucwggHDyeUM05VYwFO37FRT+L0mzDp5v1nYs21w/PAzIfW55MQFvHZg+1IEK8
OU7D3PjG9tarbX+wfQ6D4csZkbwWTlLwJ8/uwNROUWMPG80DaGqlah6kTI6nb7N7
7aKuUIeh2YxToOakAw7L4K8x9ydk3SDa46qI6wsliDcjp5OJ4wgmMw+32PZoLw9L
f1raqotsPpAxSg==
-----END CERTIFICATE-----