Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
File:                     3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json)
Hash identifier:          sUUtjeOyBpJ+pL/UFBH04+9EIm1iVJJRCNj02CeeeJs=
Subject key identifier:   88:1F:2B:02:1C:CC:85:43:A1:AF:F7:F2:E8:F6:95:3F:30:61:3B:D9
Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
Certificate issuer:       /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Certificate serial:       0197B632E9AA19D9A25D417663234526035E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
Manifest number:          018E
Signing time:             Sat 28 Jun 2025 11:01:19 +0000
Manifest this update:     Sat 28 Jun 2025 11:01:19 +0000
Manifest next update:     Sun 29 Jun 2025 11:01:19 +0000
Files and hashes:         1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: KZTGxmlNpKteehhKYi2ypgVKtayjA1/JCA8u2dQnD6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 11:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:32:e9:aa:19:d9:a2:5d:41:76:63:23:45:26:03:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
        Validity
            Not Before: Jun 28 11:01:19 2025 GMT
            Not After : Jun 29 11:01:19 2025 GMT
        Subject: CN=881f2b021ccc8543a1aff7f2e8f6953f30613bd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ef:33:4b:27:df:58:26:85:6f:f9:2e:c6:72:
                    5a:9f:64:fe:d6:de:75:03:a4:49:7e:0f:b6:74:cf:
                    d5:f3:67:b8:3d:89:d5:92:6c:3e:5f:56:c0:ef:6d:
                    98:9c:c8:ce:17:16:9a:9c:1c:03:d3:03:f3:39:79:
                    66:c3:4b:0e:ab:75:40:28:66:2f:82:3e:fc:aa:f3:
                    00:d2:bb:df:b4:e4:ef:bf:c8:9e:30:07:d2:3d:03:
                    6d:65:d7:68:c0:78:3c:c2:36:fa:d6:5b:42:17:89:
                    08:f9:98:c6:c0:23:43:8b:96:4f:67:97:22:d7:2c:
                    21:d3:6d:d0:a5:c0:73:55:7e:3c:da:bd:0b:9a:b4:
                    34:70:2a:0a:8d:ba:5c:28:c3:b5:16:11:f3:73:87:
                    67:d8:45:b1:82:fb:42:68:ef:47:3f:87:66:32:f4:
                    20:10:6e:b6:a4:b5:4e:87:a2:0d:91:a8:78:ac:30:
                    90:6e:44:10:11:19:36:67:5b:cf:a6:d2:13:e6:a2:
                    25:f8:9c:0d:c2:ab:6b:3c:12:86:00:51:8e:7b:11:
                    c5:16:4a:69:cf:88:d9:8e:d0:0b:ed:25:45:de:2b:
                    c1:03:eb:fc:cd:7f:96:89:d1:1c:89:6c:a5:53:62:
                    ae:a3:34:7e:cf:59:72:cf:34:0f:c7:a6:2e:b1:30:
                    cb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:1F:2B:02:1C:CC:85:43:A1:AF:F7:F2:E8:F6:95:3F:30:61:3B:D9
            X509v3 Authority Key Identifier:
                keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:28:45:89:d3:59:bb:fb:00:ed:38:f0:14:ab:bd:06:93:61:
         38:9c:cb:93:8d:9b:a0:9b:a7:65:d6:99:9d:6d:d1:26:f1:39:
         a3:f9:d1:8d:cc:b0:be:6f:e2:13:f0:dd:1e:a1:bb:78:02:80:
         b8:c0:bf:89:6d:b7:9f:7c:9b:4c:9d:44:5c:b4:bb:ff:bf:97:
         12:ce:b5:e2:85:b0:f7:df:1b:7d:33:53:18:17:ef:89:0f:3e:
         f3:72:37:9f:56:f6:3b:66:59:23:e4:5e:ee:de:b6:eb:9e:57:
         25:a9:90:f1:e8:f9:36:b1:b8:50:46:13:36:d7:1a:0b:c2:4b:
         4d:25:cd:90:8b:c6:cc:ef:70:f5:38:5b:8e:bb:97:a9:24:78:
         32:75:1c:40:af:93:1b:63:45:3f:b0:ae:c8:c0:7b:b7:1e:54:
         e4:7f:40:62:53:eb:7a:45:81:e6:12:b6:06:0d:db:e2:43:ba:
         96:18:d2:a1:c5:3a:c3:a7:13:96:8d:3b:d0:f7:9c:68:cd:f9:
         bb:b0:6a:2c:4e:4d:93:41:c8:c7:9a:8b:68:60:d0:66:ac:5b:
         be:f8:c2:0b:10:0a:26:10:18:fe:27:89:c2:68:46:94:5e:17:
         07:67:76:88:8b:8f:b8:66:e2:46:b4:3c:55:0e:94:f2:ce:eb:
         57:8d:f4:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MumqGdmiXUF2YyNFJgNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh
NjM4MDIwHhcNMjUwNjI4MTEwMTE5WhcNMjUwNjI5MTEwMTE5WjAzMTEwLwYDVQQD
Eyg4ODFmMmIwMjFjY2M4NTQzYTFhZmY3ZjJlOGY2OTUzZjMwNjEzYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu8zSyffWCaFb/kuxnJan2T+1t51
A6RJfg+2dM/V82e4PYnVkmw+X1bA722YnMjOFxaanBwD0wPzOXlmw0sOq3VAKGYv
gj78qvMA0rvftOTvv8ieMAfSPQNtZddowHg8wjb61ltCF4kI+ZjGwCNDi5ZPZ5ci
1ywh023QpcBzVX482r0LmrQ0cCoKjbpcKMO1FhHzc4dn2EWxgvtCaO9HP4dmMvQg
EG62pLVOh6INkah4rDCQbkQQERk2Z1vPptIT5qIl+JwNwqtrPBKGAFGOexHFFkpp
z4jZjtAL7SVF3ivBA+v8zX+WidEciWylU2KuozR+z1lyzzQPx6YusTDLiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgfKwIczIVDoa/38uj2lT8wYTvZMB8GA1UdIwQY
MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt
NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm
LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFihFidNZ
u/sA7TjwFKu9BpNhOJzLk42boJunZdaZnW3RJvE5o/nRjcywvm/iE/DdHqG7eAKA
uMC/iW23n3ybTJ1EXLS7/7+XEs614oWw998bfTNTGBfviQ8+83I3n1b2O2ZZI+Re
7t62655XJamQ8ej5NrG4UEYTNtcaC8JLTSXNkIvGzO9w9ThbjruXqSR4MnUcQK+T
G2NFP7CuyMB7tx5U5H9AYlPrekWB5hK2Bg3b4kO6lhjSocU6w6cTlo070PecaM35
u7BqLE5Nk0HIx5qLaGDQZqxbvvjCCxAKJhAY/ieJwmhGlF4XB2d2iIuPuGbiRrQ8
VQ6U8s7rV4301w==
-----END CERTIFICATE-----