Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          QtSE6Uvh8wACYoFOf8of8bvbrUPQFOJ5cIhRF1cdzfs=
Subject key identifier:   8C:F0:E5:3D:82:BD:30:03:9D:8D:DF:0C:8D:0D:7A:11:D0:19:73:DA
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0197B6A123EBB167CCD463C4FEE1DD2BA18D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:43 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: +5H0uEJJv3F8gR7STQzV+21oYVr3g937jVn9/1vUWOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:23:eb:b1:67:cc:d4:63:c4:fe:e1:dd:2b:a1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Jun 28 13:01:43 2025 GMT
            Not After : Jun 29 13:01:43 2025 GMT
        Subject: CN=8cf0e53d82bd30039d8ddf0c8d0d7a11d01973da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:12:b8:67:8b:bc:1e:63:2e:e6:59:92:57:50:
                    b5:b9:3e:f1:b4:93:1b:79:23:4d:a8:3b:cb:6f:5f:
                    53:67:4f:2d:c7:fa:3b:cb:a0:88:b7:77:04:1a:c8:
                    d5:48:52:1d:df:eb:2a:e6:05:3d:e5:79:39:fa:6b:
                    61:2b:4d:57:3a:aa:4a:4b:b7:00:e4:a4:13:3e:ec:
                    11:9f:c9:85:3f:ff:ad:83:a3:5c:49:c7:c2:48:8f:
                    37:c1:18:de:39:a5:2a:44:3d:24:c3:e9:d1:42:80:
                    4e:ef:b1:a6:35:ef:b3:89:14:1b:00:01:43:fa:3c:
                    72:45:b1:24:6e:fc:6c:66:18:7e:b0:ef:18:99:21:
                    f8:b2:ca:d3:ac:1d:4d:ab:a6:6c:29:76:74:73:cd:
                    05:e4:aa:49:42:ec:6b:d5:fe:b6:d3:ca:d4:60:b4:
                    24:9c:43:cd:ac:d5:66:8d:73:e6:86:4f:a9:b9:78:
                    a3:3d:e3:d0:b8:f2:a8:62:64:30:88:d3:26:0f:a0:
                    8c:1d:65:f1:43:72:ca:dd:93:3a:50:1f:b9:1e:06:
                    d6:75:0a:23:36:fc:83:be:76:4d:30:96:59:ae:a6:
                    7c:6b:7a:e5:73:e9:4f:95:36:38:cf:06:dc:5e:4d:
                    73:75:23:e4:4b:ba:11:7a:62:e4:04:fc:42:ef:ea:
                    68:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F0:E5:3D:82:BD:30:03:9D:8D:DF:0C:8D:0D:7A:11:D0:19:73:DA
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:b3:60:ae:7d:fc:8d:24:69:43:c8:34:5c:f9:65:18:22:f3:
         7f:c7:58:eb:7e:f0:dd:be:10:db:64:2f:7e:f6:5d:04:39:d7:
         30:26:f2:29:8f:fb:d0:e3:aa:c5:7c:70:24:e8:c1:f8:70:0d:
         63:25:8b:b6:2f:e8:5e:d9:ff:ce:3d:a9:b5:12:52:b9:ef:d3:
         fa:bf:2e:2e:05:ea:73:b4:18:6f:ba:5e:cc:b9:20:45:fa:1f:
         94:12:55:16:36:e0:cc:1b:d9:c1:8c:25:a6:23:a4:b0:01:e9:
         91:7d:24:99:6a:db:96:09:b5:f0:c5:0d:94:a9:48:53:b1:a8:
         71:ff:f9:1b:c8:f5:1f:26:80:0e:65:8d:b9:30:31:2a:d8:4f:
         55:2b:64:86:2c:8b:55:2f:c7:be:92:86:2e:40:fb:67:47:ad:
         04:42:dd:59:0b:ee:ec:44:19:94:74:10:14:0d:67:30:67:48:
         fd:29:47:f7:38:a7:b5:9e:a2:21:39:da:23:ae:f5:7d:f3:b4:
         8d:1d:6b:cc:17:47:85:29:e5:17:fc:31:35:d4:a9:32:5a:34:
         f1:a3:36:e6:35:4a:ea:1d:1b:51:ec:b5:23:36:91:d3:97:cb:
         bb:64:70:d7:11:4e:ed:82:6f:5a:a3:33:0f:64:9c:4a:d3:aa:
         1a:ee:c3:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oSPrsWfM1GPE/uHdK6GNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwNjI4MTMwMTQzWhcNMjUwNjI5MTMwMTQzWjAzMTEwLwYDVQQD
Eyg4Y2YwZTUzZDgyYmQzMDAzOWQ4ZGRmMGM4ZDBkN2ExMWQwMTk3M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBK4Z4u8HmMu5lmSV1C1uT7xtJMb
eSNNqDvLb19TZ08tx/o7y6CIt3cEGsjVSFId3+sq5gU95Xk5+mthK01XOqpKS7cA
5KQTPuwRn8mFP/+tg6NcScfCSI83wRjeOaUqRD0kw+nRQoBO77GmNe+ziRQbAAFD
+jxyRbEkbvxsZhh+sO8YmSH4ssrTrB1Nq6ZsKXZ0c80F5KpJQuxr1f6208rUYLQk
nEPNrNVmjXPmhk+puXijPePQuPKoYmQwiNMmD6CMHWXxQ3LK3ZM6UB+5HgbWdQoj
NvyDvnZNMJZZrqZ8a3rlc+lPlTY4zwbcXk1zdSPkS7oRemLkBPxC7+poTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzw5T2CvTADnY3fDI0NehHQGXPaMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbLNgrn38
jSRpQ8g0XPllGCLzf8dY637w3b4Q22QvfvZdBDnXMCbyKY/70OOqxXxwJOjB+HAN
YyWLti/oXtn/zj2ptRJSue/T+r8uLgXqc7QYb7pezLkgRfoflBJVFjbgzBvZwYwl
piOksAHpkX0kmWrblgm18MUNlKlIU7Gocf/5G8j1HyaADmWNuTAxKthPVStkhiyL
VS/HvpKGLkD7Z0etBELdWQvu7EQZlHQQFA1nMGdI/SlH9zintZ6iITnaI671ffO0
jR1rzBdHhSnlF/wxNdSpMlo08aM25jVK6h0bUey1IzaR05fLu2Rw1xFO7YJvWqMz
D2ScStOqGu7Dyg==
-----END CERTIFICATE-----