Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File:                     0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier:          7itxYvl50PiwVUAX0PP4qqXqfhiVWIzrwOhW8mw4n58=
Subject key identifier:   BB:17:62:61:92:B5:FA:AA:A1:13:50:B6:61:D7:B1:F8:AE:25:C6:E0
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer:       /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial:       0197B7EA1EC6A49B591C2968649D0352E7FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number:          BD
Signing time:             Sat 28 Jun 2025 19:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:03 +0000
Files and hashes:         1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: hHBzIDTzRYxA98rhoHkrqcFmNI3lep3b6ijlOG2bJeg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:1e:c6:a4:9b:59:1c:29:68:64:9d:03:52:e7:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
        Validity
            Not Before: Jun 28 19:01:03 2025 GMT
            Not After : Jun 29 19:01:03 2025 GMT
        Subject: CN=bb17626192b5faaaa11350b661d7b1f8ae25c6e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d7:b3:99:fb:2f:9c:4c:3e:41:17:7d:75:00:
                    3b:df:61:76:41:8c:64:ab:a3:41:8b:0d:66:d2:26:
                    9a:1d:e2:43:aa:83:e7:ed:c4:b8:f3:ba:6b:0b:13:
                    ef:b0:61:6b:67:2d:f1:62:46:98:fe:eb:c1:90:d9:
                    ff:0e:69:a6:7a:c6:91:48:a8:63:36:15:80:78:af:
                    44:ec:f6:85:5c:ac:16:0a:ff:a2:6f:d7:8b:57:1a:
                    f3:fd:6b:fa:73:a0:76:5b:ce:4c:c9:bb:c4:bf:a7:
                    78:c5:5e:92:31:ef:60:d3:97:f0:18:2a:a5:e6:2e:
                    e3:9e:2f:93:33:40:d9:4a:1a:a3:47:17:ae:39:c7:
                    f1:55:0a:c4:de:34:5b:cf:53:5f:43:fe:e4:4d:1f:
                    31:b0:8d:78:74:dc:12:1b:16:e4:ea:b3:bf:de:a5:
                    35:09:0b:4d:63:e7:69:9f:cc:7c:c9:3f:0e:e8:61:
                    f1:24:32:cf:01:12:d4:b0:81:c3:fe:22:8f:c4:a9:
                    95:88:0e:f8:d2:d9:58:00:e0:24:56:fa:1d:e0:8d:
                    f2:00:d4:44:b0:83:64:53:c2:1f:06:14:ec:31:8a:
                    d8:00:5d:a2:28:72:d6:7f:66:96:42:26:ad:cd:88:
                    33:47:92:df:4b:cc:56:de:5e:ca:fc:07:b7:4c:23:
                    9f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:17:62:61:92:B5:FA:AA:A1:13:50:B6:61:D7:B1:F8:AE:25:C6:E0
            X509v3 Authority Key Identifier:
                keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:c2:fa:dd:ef:5c:75:a0:b3:ef:71:cf:32:e4:07:76:c9:8b:
         2b:01:3f:8e:b1:eb:c1:06:d0:c8:c5:7b:2d:29:dd:ed:02:30:
         7a:b2:12:5a:ea:6c:fb:95:75:6f:84:8d:9d:74:e6:d2:ae:14:
         df:c7:c4:0a:94:f1:f8:3d:2b:0f:cc:7e:6a:07:e4:93:ee:32:
         a0:f3:b2:9a:9f:44:d4:49:eb:9d:ec:90:21:3e:fd:f6:7b:cc:
         fc:8f:65:1d:eb:1c:d4:08:dd:37:85:22:52:8f:95:be:7c:54:
         64:30:f0:70:94:db:7a:93:27:01:b6:aa:29:95:52:b7:2d:ae:
         1a:55:5a:7d:46:b0:51:70:a6:f5:c7:fb:a4:65:3b:6a:c9:34:
         74:70:c3:58:5c:09:88:96:4d:e5:23:dd:72:88:02:31:bd:59:
         c9:11:57:c1:c6:fb:dd:5e:ae:68:02:f8:16:a0:15:32:be:2d:
         fd:dd:ce:0b:58:75:77:78:13:27:ac:7b:3c:8e:fe:9b:04:84:
         a6:12:6f:c4:57:d2:7b:11:fb:f9:2a:3c:17:ef:f4:de:0a:33:
         66:c8:75:aa:56:d0:94:76:f1:91:98:57:03:1d:96:d2:41:a1:
         b4:0f:ae:72:b6:d7:0f:e9:fa:e6:e6:98:c4:57:c3:e1:93:31:
         2b:2d:39:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36h7GpJtZHCloZJ0DUuf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjUwNjI4MTkwMTAzWhcNMjUwNjI5MTkwMTAzWjAzMTEwLwYDVQQD
EyhiYjE3NjI2MTkyYjVmYWFhYTExMzUwYjY2MWQ3YjFmOGFlMjVjNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9ezmfsvnEw+QRd9dQA732F2QYxk
q6NBiw1m0iaaHeJDqoPn7cS487prCxPvsGFrZy3xYkaY/uvBkNn/DmmmesaRSKhj
NhWAeK9E7PaFXKwWCv+ib9eLVxrz/Wv6c6B2W85MybvEv6d4xV6SMe9g05fwGCql
5i7jni+TM0DZShqjRxeuOcfxVQrE3jRbz1NfQ/7kTR8xsI14dNwSGxbk6rO/3qU1
CQtNY+dpn8x8yT8O6GHxJDLPARLUsIHD/iKPxKmViA740tlYAOAkVvod4I3yANRE
sINkU8IfBhTsMYrYAF2iKHLWf2aWQiatzYgzR5LfS8xW3l7K/Ae3TCOfwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsXYmGStfqqoRNQtmHXsfiuJcbgMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEsL63e9c
daCz73HPMuQHdsmLKwE/jrHrwQbQyMV7LSnd7QIwerISWups+5V1b4SNnXTm0q4U
38fECpTx+D0rD8x+agfkk+4yoPOymp9E1EnrneyQIT799nvM/I9lHesc1AjdN4Ui
Uo+VvnxUZDDwcJTbepMnAbaqKZVSty2uGlVafUawUXCm9cf7pGU7ask0dHDDWFwJ
iJZN5SPdcogCMb1ZyRFXwcb73V6uaAL4FqAVMr4t/d3OC1h1d3gTJ6x7PI7+mwSE
phJvxFfSexH7+So8F+/03gozZsh1qlbQlHbxkZhXAx2W0kGhtA+ucrbXD+n65uaY
xFfD4ZMxKy050w==
-----END CERTIFICATE-----