Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          1Rg8X++QlYAKC7la1N8dJBxceWX/8bK5ccqsfuuj9m4=
Subject key identifier:   D4:9C:27:9D:C3:20:B2:23:DE:8D:15:82:A4:B8:73:A4:83:7B:5C:4F
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       0197B6325BA98CDCCAE68874673C09782BCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          1F
Signing time:             Sat 28 Jun 2025 11:00:42 +0000
Manifest this update:     Sat 28 Jun 2025 11:00:42 +0000
Manifest next update:     Sun 29 Jun 2025 11:00:42 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: /WNZZa+B73VsDaVUtylZG0xbljs57bYyiB7WPCG6xcw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:32:5b:a9:8c:dc:ca:e6:88:74:67:3c:09:78:2b:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Jun 28 11:00:42 2025 GMT
            Not After : Jun 29 11:00:42 2025 GMT
        Subject: CN=d49c279dc320b223de8d1582a4b873a4837b5c4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:4f:ec:b7:7d:a0:b3:d6:ac:d9:25:38:51:bd:
                    78:c9:1b:1b:c6:40:ff:97:57:eb:5a:59:06:cf:02:
                    4f:eb:cc:48:8e:16:0b:e3:d9:9a:b0:25:5a:8f:dc:
                    49:66:f1:c7:e2:4f:00:ad:5f:ca:11:44:3b:1d:c9:
                    23:f2:58:bd:2f:3e:fa:4b:2e:d2:7e:16:fc:3f:70:
                    aa:60:ad:d5:4a:59:91:5a:d6:30:d1:ae:8d:df:f6:
                    d3:8a:c3:59:71:7d:a6:09:08:55:5f:68:09:55:75:
                    a8:2f:40:71:c4:fa:13:84:8f:8c:82:87:53:75:3d:
                    5c:36:11:63:2f:27:15:d7:66:61:bb:e6:25:b9:73:
                    21:e8:46:31:3c:47:d7:af:17:38:d4:e8:60:2f:49:
                    ed:c1:c0:6e:4e:93:23:72:98:14:a7:81:8e:06:24:
                    63:cd:15:e0:69:7b:3c:ae:83:3c:51:fe:0f:b3:da:
                    bb:dd:c8:20:4c:9d:09:b5:d9:3b:5b:77:42:d3:b8:
                    03:5c:02:71:b2:9d:d2:ee:67:72:30:0d:fa:64:3d:
                    24:1f:b2:36:2b:5c:c5:7b:3c:85:a7:01:a4:64:03:
                    1e:0c:7f:a9:88:45:51:41:b0:0e:22:a0:5e:e8:3e:
                    25:fb:08:a7:17:be:9e:8b:11:fb:69:07:5b:a5:36:
                    da:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:9C:27:9D:C3:20:B2:23:DE:8D:15:82:A4:B8:73:A4:83:7B:5C:4F
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:3d:1d:55:5d:9d:5f:0b:b7:24:e4:db:1d:1f:23:5d:93:83:
         18:a2:e2:05:68:be:bb:39:c4:d1:93:d5:d8:4f:3b:a6:4e:f6:
         d3:71:ad:30:50:1c:cc:3e:d7:e5:15:c7:e2:ea:b5:62:c0:2f:
         28:45:66:b9:41:6d:8c:f9:d5:15:69:a8:0f:03:fc:36:ae:43:
         97:63:53:75:5a:1f:94:cb:ff:d5:8b:fc:a7:78:7b:af:c8:56:
         75:aa:ed:53:7c:74:d8:ee:d1:1c:6d:ec:96:f5:fc:fa:96:a2:
         95:07:d5:f7:48:40:45:c3:15:06:03:64:e2:0e:b5:d6:3c:49:
         b2:ae:80:86:68:ad:01:48:ba:81:55:26:0d:c7:66:23:40:b6:
         02:a8:d3:2c:ba:ba:81:80:c2:34:71:fa:c4:e7:95:a8:b1:e0:
         21:b4:9d:14:22:5b:db:c4:a0:a0:5b:ce:7c:65:5d:a2:f9:93:
         37:7c:93:59:75:49:08:b4:9f:79:0e:b3:0c:98:b1:7f:87:14:
         01:51:54:d4:1c:02:eb:25:9a:4e:8e:45:f1:b1:e3:04:d2:ca:
         0d:90:62:0b:3f:0f:1c:26:d9:ac:db:56:94:82:08:3e:7c:c3:
         61:9b:7c:d9:69:f9:f1:ea:d0:07:16:25:7e:db:7f:53:fc:8e:
         7f:17:30:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MlupjNzK5oh0ZzwJeCvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUwNjI4MTEwMDQyWhcNMjUwNjI5MTEwMDQyWjAzMTEwLwYDVQQD
EyhkNDljMjc5ZGMzMjBiMjIzZGU4ZDE1ODJhNGI4NzNhNDgzN2I1YzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk/st32gs9as2SU4Ub14yRsbxkD/
l1frWlkGzwJP68xIjhYL49masCVaj9xJZvHH4k8ArV/KEUQ7Hckj8li9Lz76Sy7S
fhb8P3CqYK3VSlmRWtYw0a6N3/bTisNZcX2mCQhVX2gJVXWoL0BxxPoThI+MgodT
dT1cNhFjLycV12Zhu+YluXMh6EYxPEfXrxc41OhgL0ntwcBuTpMjcpgUp4GOBiRj
zRXgaXs8roM8Uf4Ps9q73cggTJ0Jtdk7W3dC07gDXAJxsp3S7mdyMA36ZD0kH7I2
K1zFezyFpwGkZAMeDH+piEVRQbAOIqBe6D4l+winF76eixH7aQdbpTbaLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNScJ53DILIj3o0VgqS4c6SDe1xPMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFD0dVV2d
Xwu3JOTbHR8jXZODGKLiBWi+uznE0ZPV2E87pk7203GtMFAczD7X5RXH4uq1YsAv
KEVmuUFtjPnVFWmoDwP8Nq5Dl2NTdVoflMv/1Yv8p3h7r8hWdartU3x02O7RHG3s
lvX8+pailQfV90hARcMVBgNk4g611jxJsq6AhmitAUi6gVUmDcdmI0C2AqjTLLq6
gYDCNHH6xOeVqLHgIbSdFCJb28SgoFvOfGVdovmTN3yTWXVJCLSfeQ6zDJixf4cU
AVFU1BwC6yWaTo5F8bHjBNLKDZBiCz8PHCbZrNtWlIIIPnzDYZt82Wn58erQBxYl
ftt/U/yOfxcw9g==
-----END CERTIFICATE-----