Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File:                     dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier:          oRT+kIlRX8LcsFY3KVb6nvy7tjIvyGApBqOc2U8IfOY=
Subject key identifier:   D0:F5:62:78:8C:7A:BF:56:FF:68:F1:0C:05:59:17:B9:8E:59:EE:24
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer:       /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial:       0197B88EEC3E67107ED661DC5B060ABADFB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:03 +0000
Files and hashes:         1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: QtI9jcAIyLWxbzoQUJfSZ8phD5TE8cT1iHTU3Yh4UGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:ec:3e:67:10:7e:d6:61:dc:5b:06:0a:ba:df:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
        Validity
            Not Before: Jun 28 22:01:03 2025 GMT
            Not After : Jun 29 22:01:03 2025 GMT
        Subject: CN=d0f562788c7abf56ff68f10c055917b98e59ee24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3b:21:41:47:70:cf:5f:bb:18:c7:ab:7d:68:
                    e9:6e:49:39:ec:2c:a0:66:e7:d6:27:92:81:79:e6:
                    c7:97:6b:0c:0b:72:02:66:19:a9:51:25:70:cf:f6:
                    fb:59:68:38:8d:a8:e1:f6:12:7d:2b:81:0a:6e:d7:
                    da:30:03:83:1e:15:2a:32:4f:ea:75:f9:0d:4b:6c:
                    db:d0:17:34:b2:65:42:53:fa:79:2c:d4:23:bb:d3:
                    5f:0f:3f:4c:73:fa:74:c9:f1:2d:9d:b9:cd:7c:04:
                    42:f4:be:ba:aa:52:e0:4c:1c:02:e7:b3:14:85:7c:
                    78:d1:d8:39:ed:72:ce:64:29:1c:f8:90:01:d1:d5:
                    c6:27:3c:72:de:b1:57:90:9e:28:d2:99:86:05:21:
                    d0:23:24:6e:e8:83:c0:06:c0:d5:b0:18:97:94:04:
                    eb:78:4e:91:db:3f:cd:f0:4d:39:86:53:5c:7d:66:
                    a3:fb:07:5c:3d:fb:3b:52:f8:ad:0a:9d:a5:6b:2f:
                    78:58:e5:7d:49:4d:f3:f1:db:4b:2e:fc:2b:31:d5:
                    6d:9c:f7:42:e2:dd:16:80:d9:9f:72:d6:f3:95:b2:
                    f0:c8:f7:ef:16:61:f9:d4:e4:99:23:71:b5:2a:76:
                    3b:5c:a5:a2:9b:ed:fa:cc:8b:43:14:99:4e:cc:c9:
                    f7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F5:62:78:8C:7A:BF:56:FF:68:F1:0C:05:59:17:B9:8E:59:EE:24
            X509v3 Authority Key Identifier:
                keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:12:fe:6f:d0:12:ad:cd:60:b1:5a:af:bd:75:68:23:64:3b:
         8d:41:26:2a:ee:75:e1:24:dd:9b:6c:27:7e:5e:55:96:bf:20:
         94:f9:21:ee:db:51:55:e6:0d:a8:f7:35:48:ca:d6:8d:e5:24:
         37:7f:47:7d:9e:3a:c0:66:6c:b8:b6:f8:d1:2c:a3:f7:f4:33:
         82:8d:4f:b7:6d:51:6a:bf:9a:4e:57:3f:cb:cf:1a:a0:d2:dc:
         b9:4b:70:b8:df:64:43:b4:61:97:41:83:1b:bb:d9:4a:10:3b:
         12:9c:7c:90:f1:90:e0:3c:c9:ae:e2:72:41:0d:75:06:87:4b:
         73:be:25:1e:1e:23:6d:2a:2d:89:20:4c:eb:c6:68:58:5e:c4:
         48:2b:5f:dc:dc:c3:b6:ee:fb:b7:f5:d9:3e:c7:c0:06:59:7a:
         33:10:09:00:d6:28:18:69:cb:05:5a:40:38:e6:a5:a3:fb:47:
         7d:04:e8:4b:28:61:24:39:46:f4:d8:98:64:6b:2b:ca:92:3b:
         13:9e:e2:cd:11:46:00:10:10:5a:0c:14:6b:66:53:63:66:ce:
         60:0c:fd:3d:fb:13:f4:bf:dc:c3:94:b6:0e:50:cf:52:5b:14:
         8c:cf:e4:67:63:a0:11:0c:71:de:a7:16:d4:c3:41:71:60:18:
         72:bc:db:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4juw+ZxB+1mHcWwYKut+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjUwNjI4MjIwMTAzWhcNMjUwNjI5MjIwMTAzWjAzMTEwLwYDVQQD
EyhkMGY1NjI3ODhjN2FiZjU2ZmY2OGYxMGMwNTU5MTdiOThlNTllZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjshQUdwz1+7GMerfWjpbkk57Cyg
ZufWJ5KBeebHl2sMC3ICZhmpUSVwz/b7WWg4jajh9hJ9K4EKbtfaMAODHhUqMk/q
dfkNS2zb0Bc0smVCU/p5LNQju9NfDz9Mc/p0yfEtnbnNfARC9L66qlLgTBwC57MU
hXx40dg57XLOZCkc+JAB0dXGJzxy3rFXkJ4o0pmGBSHQIyRu6IPABsDVsBiXlATr
eE6R2z/N8E05hlNcfWaj+wdcPfs7UvitCp2lay94WOV9SU3z8dtLLvwrMdVtnPdC
4t0WgNmfctbzlbLwyPfvFmH51OSZI3G1KnY7XKWim+36zItDFJlOzMn3nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFND1YniMer9W/2jxDAVZF7mOWe4kMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBL+b9AS
rc1gsVqvvXVoI2Q7jUEmKu514STdm2wnfl5Vlr8glPkh7ttRVeYNqPc1SMrWjeUk
N39HfZ46wGZsuLb40Syj9/Qzgo1Pt21Rar+aTlc/y88aoNLcuUtwuN9kQ7Rhl0GD
G7vZShA7Epx8kPGQ4DzJruJyQQ11BodLc74lHh4jbSotiSBM68ZoWF7ESCtf3NzD
tu77t/XZPsfABll6MxAJANYoGGnLBVpAOOalo/tHfQToSyhhJDlG9NiYZGsrypI7
E57izRFGABAQWgwUa2ZTY2bOYAz9PfsT9L/cw5S2DlDPUlsUjM/kZ2OgEQxx3qcW
1MNBcWAYcrzbjQ==
-----END CERTIFICATE-----