Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File:                     PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier:          BeH36R6XLqxTl0eskxXHUG1aL+WyQ2MtzItG/83P9jg=
Subject key identifier:   81:EE:1D:E8:06:11:D6:6C:C0:C7:F8:F1:36:90:BB:D3:BF:F5:E7:5F
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer:       /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial:       0197B6A1A734C5439774C156F3663F0B2B64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number:          0F9B
Signing time:             Sat 28 Jun 2025 13:02:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:16 +0000
Files and hashes:         1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: ieDX9qKQrYrwEKzK0pSrrIZiNqY6o5eJdwG3CMxW9kQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a7:34:c5:43:97:74:c1:56:f3:66:3f:0b:2b:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
        Validity
            Not Before: Jun 28 13:02:16 2025 GMT
            Not After : Jun 29 13:02:16 2025 GMT
        Subject: CN=81ee1de80611d66cc0c7f8f13690bbd3bff5e75f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:63:3f:86:b8:2c:c4:f0:7c:81:96:68:58:1d:
                    13:ae:22:41:6b:50:eb:4e:98:15:19:08:be:05:43:
                    6c:e1:98:51:a7:e2:ce:7e:c0:f3:51:d9:32:2a:6e:
                    0c:40:54:7e:df:ed:7e:b8:e6:44:af:1f:a0:54:05:
                    31:97:5e:f5:4d:41:42:b7:e7:0d:9e:71:91:59:52:
                    28:3a:ba:23:d6:d3:5a:6b:34:df:c3:63:b7:c3:19:
                    11:be:56:fe:64:52:23:d7:bb:ac:eb:86:97:c1:68:
                    49:50:15:ab:db:86:55:a6:66:e4:e0:43:e8:6d:42:
                    04:06:9e:82:25:35:2d:1d:4d:6e:41:a6:9e:be:a1:
                    ab:bb:b3:f4:8f:62:cb:ee:d8:22:89:9c:4b:7f:f6:
                    9e:44:e4:04:81:74:bc:b8:a7:80:9f:7a:39:2c:a1:
                    3e:eb:f2:1f:29:09:60:ad:4c:fa:67:cf:71:f9:67:
                    6d:6c:2c:95:b1:ef:74:1d:9d:7d:fb:d0:e0:03:0f:
                    8c:0a:01:2f:c1:83:9b:c5:2e:3a:38:8e:40:cd:7e:
                    39:02:67:54:5a:32:20:d8:42:10:4f:7c:d6:f7:5d:
                    e9:17:75:a3:da:c1:6f:8f:f1:3d:ae:20:b9:91:1a:
                    28:19:b5:9d:1e:bd:24:ff:d4:d8:84:ff:0a:ef:ac:
                    a1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:EE:1D:E8:06:11:D6:6C:C0:C7:F8:F1:36:90:BB:D3:BF:F5:E7:5F
            X509v3 Authority Key Identifier:
                keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:48:7a:bf:c0:8e:d7:c8:78:07:fe:86:5e:44:1c:ed:16:8d:
         31:18:6e:92:b6:5d:ee:86:81:df:a0:4b:3b:9f:20:ab:ce:30:
         f9:25:04:be:8b:0d:1e:89:dc:c8:4c:d2:21:63:b3:cd:c6:20:
         1c:3a:10:ca:99:26:a2:d6:31:1b:9e:c0:6c:2c:f5:b5:79:8b:
         90:2d:6c:e2:aa:71:4e:8c:c7:08:37:4b:3d:72:65:ae:3c:06:
         e4:c2:0c:bf:80:f9:6b:2a:b1:14:55:cf:6f:08:4f:eb:13:73:
         65:93:f8:93:c2:6f:ca:b4:ef:6a:3f:7d:72:6b:ce:2b:8c:7f:
         68:ca:fa:43:05:c1:84:77:50:f6:17:ca:96:52:c9:cb:43:4a:
         b6:c5:30:ab:58:94:1b:cf:7c:32:d3:e5:84:ef:61:aa:ab:59:
         73:a6:d8:c2:b2:aa:db:69:23:36:3c:f1:55:9f:ab:38:bc:bd:
         3f:5c:2f:8b:7b:3f:d5:ba:a7:c7:4a:e1:71:eb:e4:10:a4:a2:
         62:63:41:0d:65:e0:d7:39:10:91:3e:8e:b6:5f:67:3a:89:ad:
         95:12:8c:20:2d:84:c3:4e:d9:10:3e:c3:d0:76:af:43:f5:a0:
         03:64:4f:b8:0c:08:77:a7:79:c6:ee:eb:1d:8a:ef:34:08:05:
         f7:97:fe:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oac0xUOXdMFW82Y/CytkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUwNjI4MTMwMjE2WhcNMjUwNjI5MTMwMjE2WjAzMTEwLwYDVQQD
Eyg4MWVlMWRlODA2MTFkNjZjYzBjN2Y4ZjEzNjkwYmJkM2JmZjVlNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mM/hrgsxPB8gZZoWB0TriJBa1Dr
TpgVGQi+BUNs4ZhRp+LOfsDzUdkyKm4MQFR+3+1+uOZErx+gVAUxl171TUFCt+cN
nnGRWVIoOroj1tNaazTfw2O3wxkRvlb+ZFIj17us64aXwWhJUBWr24ZVpmbk4EPo
bUIEBp6CJTUtHU1uQaaevqGru7P0j2LL7tgiiZxLf/aeROQEgXS8uKeAn3o5LKE+
6/IfKQlgrUz6Z89x+WdtbCyVse90HZ19+9DgAw+MCgEvwYObxS46OI5AzX45AmdU
WjIg2EIQT3zW913pF3Wj2sFvj/E9riC5kRooGbWdHr0k/9TYhP8K76yhbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHuHegGEdZswMf48TaQu9O/9edfMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUh6v8CO
18h4B/6GXkQc7RaNMRhukrZd7oaB36BLO58gq84w+SUEvosNHoncyEzSIWOzzcYg
HDoQypkmotYxG57AbCz1tXmLkC1s4qpxTozHCDdLPXJlrjwG5MIMv4D5ayqxFFXP
bwhP6xNzZZP4k8JvyrTvaj99cmvOK4x/aMr6QwXBhHdQ9hfKllLJy0NKtsUwq1iU
G898MtPlhO9hqqtZc6bYwrKq22kjNjzxVZ+rOLy9P1wvi3s/1bqnx0rhcevkEKSi
YmNBDWXg1zkQkT6Otl9nOomtlRKMIC2Ew07ZED7D0HavQ/WgA2RPuAwId6d5xu7r
HYrvNAgF95f+jQ==
-----END CERTIFICATE-----