Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          jyTVOXT++30ub5ZlACi5rku9HRlSeNCpKtmIQcBD+qM=
Subject key identifier:   79:2C:2C:F4:5D:E6:EA:E4:3E:84:17:DF:2F:A1:8E:94:77:48:51:63
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       0197B6A1E0DF9C1A774646949A6C083E3CB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          15B0
Signing time:             Sat 28 Jun 2025 13:02:31 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:31 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:31 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: jlDfERfIOF2/ylzsqW60rXwCq7ucqwUE0LQtT6nHVnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:e0:df:9c:1a:77:46:46:94:9a:6c:08:3e:3c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Jun 28 13:02:31 2025 GMT
            Not After : Jun 29 13:02:31 2025 GMT
        Subject: CN=792c2cf45de6eae43e8417df2fa18e9477485163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5a:64:0a:0a:01:95:9d:00:42:4a:b2:e8:a7:
                    72:8c:7c:0b:fb:0e:f7:5b:09:55:3f:a4:7c:44:dc:
                    7c:23:d4:32:43:b9:be:5b:66:b0:b4:a6:f4:27:5f:
                    61:2e:28:94:a6:c5:f2:46:55:ad:e7:a8:7f:45:32:
                    df:99:f1:91:ba:a1:79:06:23:b5:2e:e4:d1:84:7e:
                    9f:8b:ee:4f:b3:81:a0:33:80:44:78:46:92:6f:ce:
                    4e:23:eb:ea:0f:97:1f:4d:95:37:4f:81:d6:08:5a:
                    d6:dd:26:3b:8a:31:c7:99:64:79:48:64:ff:6e:d0:
                    6f:29:3e:9f:d1:61:46:53:f7:ee:17:7f:e6:f8:1e:
                    b7:a9:fa:1a:11:bd:c9:af:15:f7:2a:9a:f4:59:35:
                    02:3a:8e:3b:38:b4:eb:c8:b3:e2:d5:14:31:e6:25:
                    b5:13:6e:4c:79:78:33:a6:60:86:ad:07:91:06:d3:
                    74:59:91:7c:42:3c:a2:68:d5:18:65:60:41:8e:88:
                    f6:b4:e7:08:f1:cf:cd:cb:27:9d:f2:31:81:7e:29:
                    d7:50:74:af:8f:57:a1:ea:97:79:bb:30:81:e6:e4:
                    f2:91:0c:92:a0:b1:7c:e0:b9:3b:3c:1b:64:8c:4e:
                    3f:8a:24:25:9c:eb:5d:8b:e2:6a:c4:4c:6f:7a:84:
                    b8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:2C:2C:F4:5D:E6:EA:E4:3E:84:17:DF:2F:A1:8E:94:77:48:51:63
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:48:17:78:6a:cf:bd:79:e9:c8:d3:53:f7:b4:07:ba:bb:0c:
         40:5c:6d:ac:4c:22:ef:e3:33:6b:12:fe:d4:4a:b8:86:aa:5a:
         1a:18:44:1e:2c:d6:7b:8e:6d:40:94:f8:be:c2:91:fb:d4:f1:
         b3:b7:88:8d:21:66:42:b4:40:b2:34:9f:c9:11:ba:a6:cf:95:
         de:ca:14:a3:08:72:8d:df:6c:5e:14:1a:5c:74:cf:5a:ca:fd:
         5d:d0:d4:66:2c:c6:66:16:db:37:34:39:81:2d:2a:61:9a:91:
         71:e0:a1:96:ba:7a:fa:86:9f:dc:8b:f1:47:41:97:1d:08:8e:
         e7:8b:01:19:ec:cc:09:cc:b9:aa:b4:02:33:e9:aa:4e:f9:8f:
         af:cf:12:8b:3e:99:1e:28:a2:15:73:fd:17:f1:bd:86:16:fe:
         54:57:54:73:0c:ad:25:3d:d0:c3:be:6e:79:1c:73:9d:7e:5d:
         3d:0e:f4:b2:8a:b2:85:fe:1a:56:0e:61:81:72:45:c2:0b:89:
         95:13:3d:57:75:7e:94:d6:9e:af:56:f9:b3:43:cc:21:bf:3b:
         67:63:e2:6d:08:57:fa:6b:62:c3:7b:ba:20:7c:61:89:9f:2b:
         1f:00:de:31:db:7d:4e:4d:4b:c9:a0:85:45:22:f0:11:01:e8:
         48:30:7c:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oeDfnBp3RkaUmmwIPjy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwNjI4MTMwMjMxWhcNMjUwNjI5MTMwMjMxWjAzMTEwLwYDVQQD
Eyg3OTJjMmNmNDVkZTZlYWU0M2U4NDE3ZGYyZmExOGU5NDc3NDg1MTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFpkCgoBlZ0AQkqy6KdyjHwL+w73
WwlVP6R8RNx8I9QyQ7m+W2awtKb0J19hLiiUpsXyRlWt56h/RTLfmfGRuqF5BiO1
LuTRhH6fi+5Ps4GgM4BEeEaSb85OI+vqD5cfTZU3T4HWCFrW3SY7ijHHmWR5SGT/
btBvKT6f0WFGU/fuF3/m+B63qfoaEb3JrxX3Kpr0WTUCOo47OLTryLPi1RQx5iW1
E25MeXgzpmCGrQeRBtN0WZF8QjyiaNUYZWBBjoj2tOcI8c/Nyyed8jGBfinXUHSv
j1eh6pd5uzCB5uTykQySoLF84Lk7PBtkjE4/iiQlnOtdi+JqxExveoS4uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHksLPRd5urkPoQX3y+hjpR3SFFjMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxEgXeGrP
vXnpyNNT97QHursMQFxtrEwi7+MzaxL+1Eq4hqpaGhhEHizWe45tQJT4vsKR+9Tx
s7eIjSFmQrRAsjSfyRG6ps+V3soUowhyjd9sXhQaXHTPWsr9XdDUZizGZhbbNzQ5
gS0qYZqRceChlrp6+oaf3IvxR0GXHQiO54sBGezMCcy5qrQCM+mqTvmPr88Siz6Z
HiiiFXP9F/G9hhb+VFdUcwytJT3Qw75ueRxznX5dPQ70soqyhf4aVg5hgXJFwguJ
lRM9V3V+lNaer1b5s0PMIb87Z2PibQhX+mtiw3u6IHxhiZ8rHwDeMdt9Tk1LyaCF
RSLwEQHoSDB8sw==
-----END CERTIFICATE-----