Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
File:                     vdI1_DzDTEVIxqhONeSVMyhTm-E.mft (raw, json)
Hash identifier:          yvvxCNHwqIoMOKr1eXZ+7PbbIgIk3QcqIfokT+PkM0Q=
Subject key identifier:   6A:30:94:CA:B2:92:59:CE:BD:00:1F:B7:2F:33:02:3F:F3:13:2B:6E
Authority key identifier: BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1
Certificate issuer:       /CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
Certificate serial:       0196C0818907F88044F46FB9CB6001D69E53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
Manifest number:          0F3F
Signing time:             Sun 11 May 2025 18:00:36 +0000
Manifest this update:     Sun 11 May 2025 18:00:36 +0000
Manifest next update:     Mon 12 May 2025 18:00:36 +0000
Files and hashes:         1: vdI1_DzDTEVIxqhONeSVMyhTm-E.crl (hash: PopCB9gKAgyDWpZpPm+piVygadr8Yvr1Zclb6/l0pck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:81:89:07:f8:80:44:f4:6f:b9:cb:60:01:d6:9e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
        Validity
            Not Before: May 11 18:00:36 2025 GMT
            Not After : May 12 18:00:36 2025 GMT
        Subject: CN=6a3094cab29259cebd001fb72f33023ff3132b6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:6f:fa:93:c8:b3:07:29:26:0b:bf:a6:a6:1a:
                    a3:74:a0:46:69:ee:28:c5:ac:e0:b8:0a:e8:6d:4a:
                    cd:50:29:7e:61:e1:5f:7c:ae:0d:00:21:95:09:82:
                    cc:30:fd:9a:73:b3:cf:25:bd:6e:a5:58:97:7e:b9:
                    da:d4:ae:91:21:16:9e:0e:b9:42:d0:39:41:49:fa:
                    d4:de:18:c9:a9:2d:b9:7f:11:d0:16:a7:ad:b8:90:
                    9e:8a:5e:20:4d:6d:32:e0:68:1e:1a:9e:25:d3:f7:
                    4b:e0:e2:c5:90:bd:07:97:44:a5:36:dc:75:cb:45:
                    fd:a2:9b:a1:2b:11:cd:de:bd:fb:bf:07:40:3c:1e:
                    37:12:b9:a3:4d:25:e0:6c:9d:96:25:fd:34:ab:29:
                    ae:77:b3:1f:af:cb:47:d9:4a:30:d5:8b:c1:9e:99:
                    45:35:0d:a6:4a:31:bb:01:6f:cf:e4:7c:7c:89:a3:
                    5d:6e:64:7d:55:0b:f4:4f:0b:de:43:e1:80:c9:e0:
                    8e:c3:e1:aa:7a:28:5e:5b:3d:8a:d5:e3:d5:0a:00:
                    0a:a3:3f:d7:61:ee:a3:ac:92:37:ba:84:71:e7:c3:
                    12:f9:05:ea:97:96:be:ed:f5:9b:c0:ee:07:0b:e3:
                    86:d6:9b:7e:aa:62:37:b2:db:30:03:b9:82:53:6e:
                    63:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:30:94:CA:B2:92:59:CE:BD:00:1F:B7:2F:33:02:3F:F3:13:2B:6E
            X509v3 Authority Key Identifier:
                keyid:BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ad:83:32:98:81:d3:db:61:81:c5:fe:ef:c5:47:0b:c5:4c:
         56:07:bd:0d:e6:14:ab:83:92:5d:0a:ab:44:58:21:84:f6:67:
         05:a2:da:4a:76:9e:71:af:ec:e2:53:fa:e7:c1:55:17:76:6f:
         2b:7e:7b:79:2c:f1:87:d6:04:1f:b3:29:e9:56:7e:c9:67:03:
         74:ff:94:7d:6a:f4:0f:72:b6:44:99:33:73:e5:fa:39:85:e3:
         6f:bc:1f:b8:5d:5f:9c:98:32:8d:b0:38:c2:af:1f:eb:8c:7c:
         cd:8c:c9:de:d3:a6:ec:85:43:f2:99:06:02:43:1b:ab:43:72:
         2f:ce:70:25:af:79:ac:13:d9:26:38:35:f6:9e:4a:70:f6:e3:
         1f:73:a5:62:cd:8b:cd:8f:74:c9:95:bf:96:17:4e:d7:91:ee:
         25:06:fd:63:c1:bb:80:6c:dd:18:a7:81:4b:ef:28:54:f2:48:
         5a:87:72:bd:13:fa:64:9e:f7:fd:ea:11:88:e8:20:15:e3:d8:
         95:48:a2:e0:97:c3:ee:44:4c:b2:0d:78:7c:77:28:cf:bd:b4:
         b2:8c:43:02:79:d1:86:53:14:59:ec:d4:84:89:14:98:34:a4:
         34:e4:d6:b4:66:de:90:13:cd:cf:1f:ca:35:ca:b5:ed:07:17:
         f9:fe:f1:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAgYkH+IBE9G+5y2AB1p5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDIzNWZjM2NjMzRjNDU0OGM2YTg0ZTM1ZTQ5NTMzMjg1
MzliZTEwHhcNMjUwNTExMTgwMDM2WhcNMjUwNTEyMTgwMDM2WjAzMTEwLwYDVQQD
Eyg2YTMwOTRjYWIyOTI1OWNlYmQwMDFmYjcyZjMzMDIzZmYzMTMyYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3G/6k8izBykmC7+mphqjdKBGae4o
xazguArobUrNUCl+YeFffK4NACGVCYLMMP2ac7PPJb1upViXfrna1K6RIRaeDrlC
0DlBSfrU3hjJqS25fxHQFqetuJCeil4gTW0y4GgeGp4l0/dL4OLFkL0Hl0SlNtx1
y0X9opuhKxHN3r37vwdAPB43ErmjTSXgbJ2WJf00qymud7Mfr8tH2Uow1YvBnplF
NQ2mSjG7AW/P5Hx8iaNdbmR9VQv0TwveQ+GAyeCOw+GqeiheWz2K1ePVCgAKoz/X
Ye6jrJI3uoRx58MS+QXql5a+7fWbwO4HC+OG1pt+qmI3stswA7mCU25jBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGowlMqyklnOvQAfty8zAj/zEytuMB8GA1UdIwQY
MBaAFL3SNfw8w0xFSMaoTjXklTMoU5vhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMt
MWVjZjFlZDY0ODdiLzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMtMWVjZjFlZDY0ODdi
LzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZa2DMpiB
09thgcX+78VHC8VMVge9DeYUq4OSXQqrRFghhPZnBaLaSnaeca/s4lP658FVF3Zv
K357eSzxh9YEH7Mp6VZ+yWcDdP+UfWr0D3K2RJkzc+X6OYXjb7wfuF1fnJgyjbA4
wq8f64x8zYzJ3tOm7IVD8pkGAkMbq0NyL85wJa95rBPZJjg19p5KcPbjH3OlYs2L
zY90yZW/lhdO15HuJQb9Y8G7gGzdGKeBS+8oVPJIWodyvRP6ZJ73/eoRiOggFePY
lUii4JfD7kRMsg14fHcoz720soxDAnnRhlMUWezUhIkUmDSkNOTWtGbekBPNzx/K
Ncq17QcX+f7xDw==
-----END CERTIFICATE-----