Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          HpWeZbUKpgmF2B/ZKnfm0JM3PKaD0f8bca6XmJ3Gekk=
Subject key identifier:   CA:EC:1C:7F:0B:78:1E:9E:24:F2:5D:EC:19:24:4A:59:2E:74:61:DF
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       0196C796456DDBCA9973562386A0CB8A2776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0B2B
Signing time:             Tue 13 May 2025 03:00:35 +0000
Manifest this update:     Tue 13 May 2025 03:00:35 +0000
Manifest next update:     Wed 14 May 2025 03:00:35 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: anc6GhbIi3hRhtQTiOkOnIORcRte1wIgupyK12aZD8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:96:45:6d:db:ca:99:73:56:23:86:a0:cb:8a:27:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: May 13 03:00:35 2025 GMT
            Not After : May 14 03:00:35 2025 GMT
        Subject: CN=caec1c7f0b781e9e24f25dec19244a592e7461df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:12:ae:cd:5b:f9:ba:9b:02:1c:01:31:0b:4c:
                    14:bb:7c:69:d1:67:39:c5:4e:a5:42:1d:52:c3:5a:
                    87:bb:da:39:c8:eb:79:6e:34:5e:08:6c:25:ba:a0:
                    40:b5:25:35:d7:20:2d:72:01:f3:cf:2c:c6:16:ad:
                    04:90:54:36:c1:d5:8d:01:6a:91:22:d2:51:43:5b:
                    0e:7a:73:58:36:ac:c6:76:7d:82:86:d1:d4:aa:02:
                    51:71:ad:8d:80:d1:f3:ea:d3:fc:b5:0f:5a:59:94:
                    34:44:2f:75:88:ea:7d:a9:7b:15:bf:f7:bd:44:f7:
                    3d:d5:00:02:66:e3:e0:a3:92:e1:61:ac:60:98:ad:
                    09:ad:8f:1b:cc:d2:08:41:c3:56:c7:87:24:82:1c:
                    45:4f:76:ee:48:ae:a1:71:c9:3c:7b:97:9f:fd:10:
                    8a:32:48:1a:90:05:8b:da:62:51:a9:0b:e3:5b:f6:
                    fd:26:6d:97:08:ff:22:15:c4:a8:39:cd:2c:26:6d:
                    06:cb:0c:fd:f8:12:3d:68:2b:c8:02:df:9b:2a:e2:
                    72:c8:3c:4d:9b:79:96:3d:95:72:c2:58:03:c7:6b:
                    38:91:5d:eb:26:da:03:a9:e3:7a:e6:ae:86:23:54:
                    ac:ad:c9:e8:cd:3b:7a:48:3e:a5:95:55:2a:a4:8c:
                    78:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:EC:1C:7F:0B:78:1E:9E:24:F2:5D:EC:19:24:4A:59:2E:74:61:DF
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:b4:12:38:56:e8:45:01:b9:3e:8f:2a:fa:80:f2:15:25:ad:
         e3:94:3f:7e:69:41:fe:fa:3e:a7:ad:52:bd:b5:55:de:0c:16:
         24:f6:07:70:cf:bb:61:48:4f:93:69:38:64:8e:24:9b:b6:9b:
         23:1f:06:86:98:f3:16:e3:b0:ff:65:f4:36:29:6e:48:c6:9e:
         df:94:97:69:75:66:78:ce:05:03:53:54:ff:45:6e:06:9f:ae:
         14:d6:da:40:ce:40:d0:4f:c5:17:bd:f9:c1:25:76:c2:41:76:
         4e:d1:a5:72:37:d5:90:e4:98:d7:5d:84:5b:72:ec:69:fb:9b:
         6c:6d:71:c9:cf:f3:2c:1d:04:c0:28:2b:58:f4:ef:e1:1e:f3:
         d3:2c:52:04:f9:eb:98:d6:40:a1:af:7d:b0:ff:9d:e0:c5:f0:
         9c:79:1f:02:fc:5b:00:8d:c8:b5:a9:3e:41:74:c1:8d:99:b5:
         c5:d0:82:1c:1d:61:dc:88:af:ca:77:f4:d7:5e:d6:e0:a7:ac:
         fa:25:16:17:8a:5e:7a:57:f6:b2:e2:29:66:74:af:dc:a3:bd:
         02:2e:5e:e5:c7:46:ef:11:82:f1:3f:b0:04:6d:7e:66:a6:fa:
         34:34:60:f9:03:6a:40:8f:6e:09:19:79:7c:9a:17:24:0f:15:
         54:d6:01:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHlkVt28qZc1YjhqDLiid2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwNTEzMDMwMDM1WhcNMjUwNTE0MDMwMDM1WjAzMTEwLwYDVQQD
EyhjYWVjMWM3ZjBiNzgxZTllMjRmMjVkZWMxOTI0NGE1OTJlNzQ2MWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxKuzVv5upsCHAExC0wUu3xp0Wc5
xU6lQh1Sw1qHu9o5yOt5bjReCGwluqBAtSU11yAtcgHzzyzGFq0EkFQ2wdWNAWqR
ItJRQ1sOenNYNqzGdn2ChtHUqgJRca2NgNHz6tP8tQ9aWZQ0RC91iOp9qXsVv/e9
RPc91QACZuPgo5LhYaxgmK0JrY8bzNIIQcNWx4ckghxFT3buSK6hcck8e5ef/RCK
MkgakAWL2mJRqQvjW/b9Jm2XCP8iFcSoOc0sJm0Gywz9+BI9aCvIAt+bKuJyyDxN
m3mWPZVywlgDx2s4kV3rJtoDqeN65q6GI1SsrcnozTt6SD6llVUqpIx4/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrsHH8LeB6eJPJd7BkkSlkudGHfMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkbQSOFbo
RQG5Po8q+oDyFSWt45Q/fmlB/vo+p61SvbVV3gwWJPYHcM+7YUhPk2k4ZI4km7ab
Ix8GhpjzFuOw/2X0NiluSMae35SXaXVmeM4FA1NU/0VuBp+uFNbaQM5A0E/FF735
wSV2wkF2TtGlcjfVkOSY112EW3LsafubbG1xyc/zLB0EwCgrWPTv4R7z0yxSBPnr
mNZAoa99sP+d4MXwnHkfAvxbAI3Itak+QXTBjZm1xdCCHB1h3Iivynf0117W4Kes
+iUWF4peelf2suIpZnSv3KO9Ai5e5cdG7xGC8T+wBG1+Zqb6NDRg+QNqQI9uCRl5
fJoXJA8VVNYBOQ==
-----END CERTIFICATE-----