Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
File:                     DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft (raw, json)
Hash identifier:          56lgygb+ZE8knvCSw5OeXayc5k+43EyMo4zf42MQLes=
Subject key identifier:   33:C4:9B:F8:AB:F2:5B:EF:04:3B:14:5A:D7:B2:56:66:E5:21:63:09
Authority key identifier: 0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C
Certificate issuer:       /CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
Certificate serial:       0197B88FF98108A1EEBF28490CE86347CCD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
Manifest number:          1547
Signing time:             Sat 28 Jun 2025 22:02:12 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:12 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:12 +0000
Files and hashes:         1: DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl (hash: At2oWySsqkYQFNdtxlAhL+0Z6wt2YBoBOEvVXaa1lio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:f9:81:08:a1:ee:bf:28:49:0c:e8:63:47:cc:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
        Validity
            Not Before: Jun 28 22:02:12 2025 GMT
            Not After : Jun 29 22:02:12 2025 GMT
        Subject: CN=33c49bf8abf25bef043b145ad7b25666e5216309
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5c:ba:07:31:6d:ed:e3:92:4d:3f:ea:67:b3:
                    a0:17:9a:f1:97:7b:23:39:66:5d:7f:45:6f:7a:73:
                    42:1b:1a:fe:a4:94:c3:80:19:0a:ce:e3:67:6b:2f:
                    75:90:ca:93:0a:f3:83:1b:15:2a:14:82:f7:96:3a:
                    66:e8:e9:f4:3e:5e:0e:e8:eb:e6:52:fd:31:bb:ea:
                    ac:f4:f1:71:75:94:6d:c9:50:52:1a:4e:a0:cc:80:
                    b6:1d:9b:41:b2:ac:93:0f:bd:d7:60:f0:15:39:81:
                    35:94:da:7c:8d:9d:24:0a:8a:87:63:c7:e1:c4:98:
                    5c:48:e6:22:07:3e:4f:4a:20:a7:d0:1c:27:62:7e:
                    c5:61:4c:54:9d:a4:b4:09:f0:8f:38:12:6d:ac:8b:
                    85:3d:ca:c9:0b:94:1f:07:99:aa:39:f7:9f:2a:0d:
                    60:1b:8f:32:34:d8:aa:a8:aa:7b:e9:51:e1:86:6c:
                    43:fe:3d:03:8c:26:21:24:fa:52:88:57:dc:ba:df:
                    42:fc:6b:51:eb:e4:24:20:1b:b1:4a:ae:0b:a6:19:
                    e9:ce:4d:9e:cb:92:3a:cd:10:2a:e2:0e:8e:42:55:
                    9f:2d:fb:82:17:37:5e:5b:0b:92:91:61:51:07:65:
                    f1:76:ee:62:06:60:1f:d5:05:37:a7:3b:bc:e0:09:
                    a2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:C4:9B:F8:AB:F2:5B:EF:04:3B:14:5A:D7:B2:56:66:E5:21:63:09
            X509v3 Authority Key Identifier:
                keyid:0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:12:a0:1f:8c:24:6b:03:2a:e0:4e:59:8a:e5:d2:21:90:d2:
         93:24:b8:68:96:00:18:a7:be:a1:e9:eb:2d:fb:45:dd:ad:d2:
         fa:bf:1c:a2:c6:91:21:44:06:b3:5b:90:2d:74:40:1c:b8:74:
         1b:08:68:7c:2b:7b:d1:83:4c:a7:97:62:ec:8c:26:bf:f2:d5:
         0a:ea:90:63:e4:b8:ff:2c:cd:cf:97:e3:a4:44:42:0c:34:76:
         41:1f:20:ac:fe:a1:3d:01:5b:75:87:c6:25:ce:c3:3f:8f:79:
         c9:24:25:05:c0:b9:bc:1f:02:6b:c9:c2:ce:20:4c:8b:50:e2:
         f6:5d:b2:79:9f:a1:85:3f:99:b5:20:f5:d9:bc:3e:f9:3c:a0:
         ce:44:f9:04:ea:69:c2:f0:8f:8b:82:05:93:f1:30:01:ed:73:
         69:cb:27:a8:2f:57:46:f5:7f:a2:0f:d3:33:fd:a5:89:06:cd:
         ca:d7:61:96:e9:08:9b:4c:0a:59:ca:d8:de:5a:5c:13:29:b6:
         fb:2e:6b:f0:86:51:2f:7d:4e:7d:52:c5:20:46:84:44:d3:04:
         99:3a:15:0b:ac:bd:dc:c3:29:a2:13:5f:cc:c0:1c:fd:93:0a:
         be:d8:68:8e:51:1b:9c:36:b4:e9:af:c2:ca:16:fd:64:a0:0c:
         eb:ac:77:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j/mBCKHuvyhJDOhjR8zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNTZjOWU1OGQ5NmFmMWU0MTMwZDcyMjQyMjExOTJiMmMx
MzJhNWMwHhcNMjUwNjI4MjIwMjEyWhcNMjUwNjI5MjIwMjEyWjAzMTEwLwYDVQQD
EygzM2M0OWJmOGFiZjI1YmVmMDQzYjE0NWFkN2IyNTY2NmU1MjE2MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1y6BzFt7eOSTT/qZ7OgF5rxl3sj
OWZdf0VvenNCGxr+pJTDgBkKzuNnay91kMqTCvODGxUqFIL3ljpm6On0Pl4O6Ovm
Uv0xu+qs9PFxdZRtyVBSGk6gzIC2HZtBsqyTD73XYPAVOYE1lNp8jZ0kCoqHY8fh
xJhcSOYiBz5PSiCn0BwnYn7FYUxUnaS0CfCPOBJtrIuFPcrJC5QfB5mqOfefKg1g
G48yNNiqqKp76VHhhmxD/j0DjCYhJPpSiFfcut9C/GtR6+QkIBuxSq4Lphnpzk2e
y5I6zRAq4g6OQlWfLfuCFzdeWwuSkWFRB2Xxdu5iBmAf1QU3pzu84AmibQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPEm/ir8lvvBDsUWteyVmblIWMJMB8GA1UdIwQY
MBaAFA5WyeWNlq8eQTDXIkIhGSssEypcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2Yzgt
ODRmMzUyNDYyNmJkLzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2YzgtODRmMzUyNDYyNmJk
LzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRKgH4wk
awMq4E5ZiuXSIZDSkyS4aJYAGKe+oenrLftF3a3S+r8cosaRIUQGs1uQLXRAHLh0
GwhofCt70YNMp5di7Iwmv/LVCuqQY+S4/yzNz5fjpERCDDR2QR8grP6hPQFbdYfG
Jc7DP495ySQlBcC5vB8Ca8nCziBMi1Di9l2yeZ+hhT+ZtSD12bw++TygzkT5BOpp
wvCPi4IFk/EwAe1zacsnqC9XRvV/og/TM/2liQbNytdhlukIm0wKWcrY3lpcEym2
+y5r8IZRL31OfVLFIEaERNMEmToVC6y93MMpohNfzMAc/ZMKvthojlEbnDa06a/C
yhb9ZKAM66x3kw==
-----END CERTIFICATE-----