Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
File:                     3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft (raw, json)
Hash identifier:          ycijkNod26Rii+H0CW8ZhxXPHibSVJTmPeblvtLIemk=
Subject key identifier:   79:D0:99:B8:7A:39:3F:6F:4E:24:C7:EC:22:CC:2D:32:E2:60:EB:A4
Authority key identifier: DE:8E:07:83:94:B3:40:C1:CE:E4:79:F9:E6:13:A1:EB:D2:B3:68:6D
Certificate issuer:       /CN=de8e078394b340c1cee479f9e613a1ebd2b3686d
Certificate serial:       0197B7EAC888E2038A287AF283DD9F47F8F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
Manifest number:          0A
Signing time:             Sat 28 Jun 2025 19:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:46 +0000
Files and hashes:         1: 3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl (hash: E2K6Jeb8Z4kpOySBnn4+n9zISY6OORgpAq+JhIfZfjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:c8:88:e2:03:8a:28:7a:f2:83:dd:9f:47:f8:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de8e078394b340c1cee479f9e613a1ebd2b3686d
        Validity
            Not Before: Jun 28 19:01:46 2025 GMT
            Not After : Jun 29 19:01:46 2025 GMT
        Subject: CN=79d099b87a393f6f4e24c7ec22cc2d32e260eba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c9:09:10:ea:bf:d6:03:ca:04:bd:a9:dd:30:
                    45:6a:1b:43:1c:9e:bc:7e:72:bd:e6:57:85:6e:1b:
                    85:a6:fd:46:02:4a:dc:fa:8e:8c:1e:86:c8:89:a0:
                    f2:42:95:6b:7f:12:30:62:19:d4:8c:68:c1:39:fc:
                    b5:dc:79:8a:b4:81:df:fe:7d:f9:02:c5:30:74:4a:
                    e4:07:7c:83:d4:82:db:fa:85:2d:f1:c4:d6:96:d7:
                    1f:06:45:8d:d5:4a:59:dd:c7:5d:48:c8:4d:f9:06:
                    ee:04:84:04:3d:ef:1b:42:90:c5:d7:24:a7:ce:a5:
                    f3:3d:3f:c5:6c:8e:4e:89:de:e3:df:61:c3:ea:17:
                    fc:4e:16:b8:b0:16:e9:26:cb:6c:8d:48:47:cf:b9:
                    b1:f5:70:aa:2d:3e:52:a6:1b:a5:a1:98:68:89:81:
                    dc:36:61:af:6d:44:ee:79:f2:f2:27:de:80:be:ae:
                    52:c8:12:8d:00:66:d4:90:c5:4c:76:2d:fb:d8:ee:
                    64:d7:55:87:9e:a1:8f:87:7a:ea:ef:28:d1:97:db:
                    87:d2:bc:fa:30:04:2e:a4:93:e1:50:7c:04:0d:97:
                    f6:18:9a:a3:f6:89:d4:3a:99:2a:6b:b0:aa:4c:05:
                    15:ad:d3:8e:4c:24:c5:7b:07:26:d1:8c:93:0c:ba:
                    b3:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:D0:99:B8:7A:39:3F:6F:4E:24:C7:EC:22:CC:2D:32:E2:60:EB:A4
            X509v3 Authority Key Identifier:
                keyid:DE:8E:07:83:94:B3:40:C1:CE:E4:79:F9:E6:13:A1:EB:D2:B3:68:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3o4Hg5SzQMHO5Hn55hOh69KzaG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8ebec2-449f-43d7-888f-0ad8306dc355/1/3o4Hg5SzQMHO5Hn55hOh69KzaG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:53:87:b6:57:d4:37:1e:f9:48:34:42:36:42:8f:fe:1a:10:
         2d:f6:68:95:fb:98:96:9d:08:64:49:b6:e4:10:e2:30:f3:81:
         e4:ae:01:a2:2f:0c:aa:83:48:12:a9:86:6e:2e:3d:ff:ea:be:
         75:92:0b:a8:4d:92:02:5e:2d:65:24:c3:98:da:e2:84:de:15:
         8b:dc:79:de:fa:d4:dc:d5:f3:6a:d8:e6:45:74:a7:cb:2b:73:
         1e:47:4d:7e:b3:ef:bc:5c:a0:27:db:a4:d7:fc:41:30:76:6c:
         d3:31:96:be:6a:08:c6:8b:84:b0:27:34:6c:b1:ef:3e:27:dc:
         c1:bd:c5:19:fd:60:e2:43:5c:81:30:4e:d6:49:c6:bc:cb:74:
         af:b2:3e:f3:02:ac:f6:0d:aa:f9:03:e2:20:a0:b7:b8:2e:ab:
         37:a4:07:50:6a:fc:b2:c5:37:8a:bd:90:18:21:c0:6a:96:05:
         86:b9:5d:84:3f:19:d8:af:a1:94:2f:1e:77:31:cf:7c:f7:62:
         73:ad:09:97:fd:3d:6a:46:b8:33:11:fb:e1:70:07:e3:cb:9a:
         25:f6:41:dd:f8:fd:68:85:eb:75:71:d7:2e:0a:de:de:1c:17:
         99:b0:2a:ea:ee:22:a2:a7:0c:4a:1f:e9:0f:fa:68:16:6b:8b:
         2a:14:9e:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36siI4gOKKHryg92fR/j0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOGUwNzgzOTRiMzQwYzFjZWU0NzlmOWU2MTNhMWViZDJi
MzY4NmQwHhcNMjUwNjI4MTkwMTQ2WhcNMjUwNjI5MTkwMTQ2WjAzMTEwLwYDVQQD
Eyg3OWQwOTliODdhMzkzZjZmNGUyNGM3ZWMyMmNjMmQzMmUyNjBlYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ckJEOq/1gPKBL2p3TBFahtDHJ68
fnK95leFbhuFpv1GAkrc+o6MHobIiaDyQpVrfxIwYhnUjGjBOfy13HmKtIHf/n35
AsUwdErkB3yD1ILb+oUt8cTWltcfBkWN1UpZ3cddSMhN+QbuBIQEPe8bQpDF1ySn
zqXzPT/FbI5Oid7j32HD6hf8Tha4sBbpJstsjUhHz7mx9XCqLT5SphuloZhoiYHc
NmGvbUTuefLyJ96Avq5SyBKNAGbUkMVMdi372O5k11WHnqGPh3rq7yjRl9uH0rz6
MAQupJPhUHwEDZf2GJqj9onUOpkqa7CqTAUVrdOOTCTFewcm0YyTDLqzfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnQmbh6OT9vTiTH7CLMLTLiYOukMB8GA1UdIwQY
MBaAFN6OB4OUs0DBzuR5+eYToevSs2htMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84ZWJlYzItNDQ5Zi00M2Q3LTg4OGYt
MGFkODMwNmRjMzU1LzEvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84ZWJlYzItNDQ5Zi00M2Q3LTg4OGYtMGFkODMwNmRjMzU1
LzEvM280SGc1U3pRTUhPNUhuNTVoT2g2OUt6YUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFOHtlfU
Nx75SDRCNkKP/hoQLfZolfuYlp0IZEm25BDiMPOB5K4Boi8MqoNIEqmGbi49/+q+
dZILqE2SAl4tZSTDmNrihN4Vi9x53vrU3NXzatjmRXSnyytzHkdNfrPvvFygJ9uk
1/xBMHZs0zGWvmoIxouEsCc0bLHvPifcwb3FGf1g4kNcgTBO1knGvMt0r7I+8wKs
9g2q+QPiIKC3uC6rN6QHUGr8ssU3ir2QGCHAapYFhrldhD8Z2K+hlC8edzHPfPdi
c60Jl/09aka4MxH74XAH48uaJfZB3fj9aIXrdXHXLgre3hwXmbAq6u4ioqcMSh/p
D/poFmuLKhSe4Q==
-----END CERTIFICATE-----