Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          U/im614fOY4W0RSqKrEpcavEdTgHiEFLeXRuwHti/kY=
Subject key identifier:   2A:ED:B7:1A:39:E1:8B:54:C6:EF:2F:E4:58:18:D1:6F:6C:DE:68:47
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       0197B74504BEA4ACCBDF7501F3F19C5F57E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          0A15
Signing time:             Sat 28 Jun 2025 16:00:43 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:43 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:43 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: lb8yygMzrMyGzCkDe+WMI43+ofEuP2V6cvI2yjOB/Qw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:04:be:a4:ac:cb:df:75:01:f3:f1:9c:5f:57:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: Jun 28 16:00:43 2025 GMT
            Not After : Jun 29 16:00:43 2025 GMT
        Subject: CN=2aedb71a39e18b54c6ef2fe45818d16f6cde6847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3b:af:b1:f5:fc:66:f7:e9:09:1d:c0:a6:79:
                    b8:3d:dc:2d:3d:28:bf:c2:a6:e4:95:cb:9d:b1:53:
                    97:15:47:e0:a4:13:f8:8a:99:a1:9f:91:e6:a6:fd:
                    c9:cd:54:84:09:46:55:c6:1d:f2:b1:ff:90:63:8b:
                    c7:35:c6:d9:58:d1:6a:d5:c9:4f:30:1c:c3:f8:4c:
                    8b:4f:14:20:ab:d2:ca:68:07:26:9b:e3:e2:6d:db:
                    e6:ed:10:52:9c:08:41:44:8b:cb:24:0e:b3:81:cd:
                    f7:83:71:94:8b:71:68:11:1c:67:37:37:7e:71:46:
                    d0:d5:08:7b:50:57:0d:12:c4:7f:a2:02:69:6d:34:
                    f0:1e:e6:a9:c3:7d:b9:bf:8b:65:62:30:94:f2:7d:
                    f1:de:ad:ed:af:d6:da:e0:d9:de:3c:ae:77:19:5d:
                    c0:e6:7d:8e:9e:24:27:ba:6c:2a:15:f0:20:12:13:
                    f1:fe:17:23:10:43:43:67:c1:3f:e3:ee:05:23:08:
                    d3:3c:13:59:ae:72:00:57:9e:71:48:19:10:ee:c8:
                    f7:56:9c:81:34:2d:85:41:57:de:e3:70:51:cb:f6:
                    11:27:18:09:65:44:2c:e0:1d:48:1a:c0:4e:bd:51:
                    16:97:36:aa:42:26:fb:a9:cc:00:81:9a:16:2c:52:
                    3d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:ED:B7:1A:39:E1:8B:54:C6:EF:2F:E4:58:18:D1:6F:6C:DE:68:47
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:38:aa:71:1a:07:c8:1e:cd:ba:a2:4c:86:51:1b:44:e7:e3:
         57:83:76:df:1c:68:5f:84:b0:95:c1:e7:9a:24:6d:6c:8b:c5:
         ba:09:62:62:16:ab:99:c8:67:a6:46:df:ce:2a:de:a0:50:d7:
         98:f5:47:7d:9c:af:5d:f6:8d:ba:46:19:9a:54:6e:63:ef:24:
         23:06:c7:d1:ef:44:44:0a:0c:21:82:59:cd:b7:32:39:c7:7a:
         cf:4f:cf:d0:8d:61:82:5d:21:83:bd:d0:0d:72:5d:4c:c9:e2:
         6a:04:99:c5:3c:ab:a1:f8:b1:04:fa:65:38:23:48:37:d4:09:
         52:cb:c8:c5:2f:05:a7:e3:b8:e6:3f:90:33:21:dd:f7:40:5d:
         a5:68:0f:86:b2:71:51:f7:f4:12:3d:89:aa:7c:f4:27:ba:73:
         63:38:c2:a7:3c:bf:e1:c0:4d:4b:43:34:3f:d3:4f:5f:c7:95:
         7b:fa:92:da:4d:6f:4f:9c:ca:2c:8b:6b:34:47:0f:33:0f:25:
         8c:ff:4c:da:be:f5:29:fa:32:8b:4a:b3:36:76:32:ca:23:75:
         b4:00:91:b9:37:e0:d0:75:5a:23:8b:0f:ee:21:a0:f2:f9:12:
         44:8e:09:f0:75:01:53:78:51:25:26:78:75:a7:53:6d:7c:00:
         da:1a:91:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RQS+pKzL33UB8/GcX1foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjUwNjI4MTYwMDQzWhcNMjUwNjI5MTYwMDQzWjAzMTEwLwYDVQQD
EygyYWVkYjcxYTM5ZTE4YjU0YzZlZjJmZTQ1ODE4ZDE2ZjZjZGU2ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTuvsfX8ZvfpCR3Apnm4PdwtPSi/
wqbklcudsVOXFUfgpBP4ipmhn5Hmpv3JzVSECUZVxh3ysf+QY4vHNcbZWNFq1clP
MBzD+EyLTxQgq9LKaAcmm+Pibdvm7RBSnAhBRIvLJA6zgc33g3GUi3FoERxnNzd+
cUbQ1Qh7UFcNEsR/ogJpbTTwHuapw325v4tlYjCU8n3x3q3tr9ba4NnePK53GV3A
5n2OniQnumwqFfAgEhPx/hcjEENDZ8E/4+4FIwjTPBNZrnIAV55xSBkQ7sj3VpyB
NC2FQVfe43BRy/YRJxgJZUQs4B1IGsBOvVEWlzaqQib7qcwAgZoWLFI95wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrttxo54YtUxu8v5FgY0W9s3mhHMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjiqcRoH
yB7NuqJMhlEbROfjV4N23xxoX4SwlcHnmiRtbIvFugliYharmchnpkbfzireoFDX
mPVHfZyvXfaNukYZmlRuY+8kIwbH0e9ERAoMIYJZzbcyOcd6z0/P0I1hgl0hg73Q
DXJdTMniagSZxTyrofixBPplOCNIN9QJUsvIxS8Fp+O45j+QMyHd90BdpWgPhrJx
Uff0Ej2Jqnz0J7pzYzjCpzy/4cBNS0M0P9NPX8eVe/qS2k1vT5zKLItrNEcPMw8l
jP9M2r71Kfoyi0qzNnYyyiN1tACRuTfg0HVaI4sP7iGg8vkSRI4J8HUBU3hRJSZ4
dadTbXwA2hqRLw==
-----END CERTIFICATE-----