Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          5aTa+BVoR8Zre8a83hSEI3mSWA2dhw8s5mrNWupOzwQ=
Subject key identifier:   A4:31:85:2B:19:77:83:8D:64:A8:3C:5E:81:E5:A9:2D:4C:1F:8F:7F
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       0197B6A05627C69EEA8155B3BEBD0660E495
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0D42
Signing time:             Sat 28 Jun 2025 13:00:50 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:50 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:50 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: xFfOqJ+0FLqrtSYuzMhS1dWYMw2EDtLAo17dprwm3YE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:56:27:c6:9e:ea:81:55:b3:be:bd:06:60:e4:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Jun 28 13:00:50 2025 GMT
            Not After : Jun 29 13:00:50 2025 GMT
        Subject: CN=a431852b1977838d64a83c5e81e5a92d4c1f8f7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:c1:b7:de:5e:be:da:1d:d1:36:f5:d0:58:4d:
                    f5:a5:8d:9f:bb:46:da:0e:2a:b1:b2:e6:e3:92:3a:
                    37:0f:33:98:ce:3b:89:e9:cc:66:76:7d:1b:55:a5:
                    b1:15:4b:5a:e1:33:70:86:2b:6a:39:98:0a:65:4b:
                    f4:ef:74:0e:30:10:f0:19:42:06:e4:58:cf:5c:f4:
                    9e:2e:74:84:a4:a3:9f:57:0c:1f:8f:32:c6:18:c6:
                    17:39:a4:f2:41:5f:81:26:84:2f:f7:6d:60:02:71:
                    be:69:eb:4f:c2:f5:e7:a8:6d:ae:fb:80:c4:43:bb:
                    58:dc:f3:7a:94:af:87:c4:2c:0d:ad:86:61:6d:bf:
                    01:83:b8:c0:d6:1a:e8:4d:f9:b6:01:d2:d8:a3:0f:
                    19:04:02:82:3e:dd:c9:61:5e:b0:4e:51:5e:f3:ec:
                    3c:1e:40:55:67:81:49:8a:d9:b6:a5:c2:c0:3b:8f:
                    cd:97:5f:d3:b2:f8:9e:eb:b2:e4:68:01:c5:92:16:
                    fc:17:c2:07:e8:83:75:a0:19:a3:55:9d:cb:5d:ec:
                    a1:a9:0e:e5:e7:d1:87:0f:c1:90:d8:06:93:b9:00:
                    dd:ff:94:77:51:13:54:49:2d:ac:47:eb:fc:6b:19:
                    cd:2a:96:db:ac:e3:cf:38:d0:34:f8:1c:d7:10:4c:
                    81:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:31:85:2B:19:77:83:8D:64:A8:3C:5E:81:E5:A9:2D:4C:1F:8F:7F
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:9f:bc:39:23:0d:2f:df:37:50:ac:20:f2:de:90:00:86:c6:
         a1:55:b5:cc:83:40:60:43:b7:4a:a2:34:87:69:64:90:4d:ba:
         6b:5f:cb:a2:3e:92:fb:96:eb:d3:0b:4d:90:43:51:14:dc:0e:
         0c:b6:8d:00:cf:cd:3f:42:a3:ba:78:30:d3:5d:b2:72:92:cd:
         24:14:3a:05:41:31:f4:76:12:5b:ad:64:2b:f7:08:a3:8d:97:
         53:a9:97:63:38:dc:09:b5:3b:13:34:bb:97:4f:5d:43:b1:40:
         63:1a:03:41:d4:09:9a:49:25:1a:f5:10:f9:ee:7e:99:44:0e:
         5c:e9:c8:33:67:0f:8f:3c:0d:ea:c1:19:d1:ea:44:6f:5e:3b:
         79:b6:06:66:24:18:1a:15:64:6a:ee:97:47:11:ff:fb:a6:98:
         23:a1:85:b8:a7:28:92:f6:56:1d:cb:f6:ff:56:42:34:6a:e0:
         22:71:bd:ab:f1:c7:fb:98:a5:7e:37:56:8c:96:00:f9:44:27:
         ef:65:df:f0:fd:c3:97:29:10:70:0f:23:1a:ad:16:c7:06:ce:
         85:b0:94:9c:b6:d5:b0:b0:6b:c8:4b:72:6e:e7:8c:b0:7c:25:
         5c:1f:b8:cc:50:fb:8e:05:f5:65:9a:86:c0:30:3c:3d:f6:5a:
         4a:c2:a0:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oFYnxp7qgVWzvr0GYOSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwNjI4MTMwMDUwWhcNMjUwNjI5MTMwMDUwWjAzMTEwLwYDVQQD
EyhhNDMxODUyYjE5Nzc4MzhkNjRhODNjNWU4MWU1YTkyZDRjMWY4ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cG33l6+2h3RNvXQWE31pY2fu0ba
Diqxsubjkjo3DzOYzjuJ6cxmdn0bVaWxFUta4TNwhitqOZgKZUv073QOMBDwGUIG
5FjPXPSeLnSEpKOfVwwfjzLGGMYXOaTyQV+BJoQv921gAnG+aetPwvXnqG2u+4DE
Q7tY3PN6lK+HxCwNrYZhbb8Bg7jA1hroTfm2AdLYow8ZBAKCPt3JYV6wTlFe8+w8
HkBVZ4FJitm2pcLAO4/Nl1/Tsvie67LkaAHFkhb8F8IH6IN1oBmjVZ3LXeyhqQ7l
59GHD8GQ2AaTuQDd/5R3URNUSS2sR+v8axnNKpbbrOPPONA0+BzXEEyBVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQxhSsZd4ONZKg8XoHlqS1MH49/MB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADp+8OSMN
L983UKwg8t6QAIbGoVW1zINAYEO3SqI0h2lkkE26a1/Loj6S+5br0wtNkENRFNwO
DLaNAM/NP0Kjungw012ycpLNJBQ6BUEx9HYSW61kK/cIo42XU6mXYzjcCbU7EzS7
l09dQ7FAYxoDQdQJmkklGvUQ+e5+mUQOXOnIM2cPjzwN6sEZ0epEb147ebYGZiQY
GhVkau6XRxH/+6aYI6GFuKcokvZWHcv2/1ZCNGrgInG9q/HH+5ilfjdWjJYA+UQn
72Xf8P3DlykQcA8jGq0WxwbOhbCUnLbVsLBryEtybueMsHwlXB+4zFD7jgX1ZZqG
wDA8PfZaSsKg2g==
-----END CERTIFICATE-----