Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          048aBFPqCeslqBhvf/K2b8xTWHJlnfu1bG5Vo1FFmy8=
Subject key identifier:   DB:9B:E5:60:1F:47:79:E4:11:32:69:C7:9A:F8:C9:9C:A9:53:C0:13
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       0197B88FD79F3345CA6532D2143651F52F31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          05A0
Signing time:             Sat 28 Jun 2025 22:02:03 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:03 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:03 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: y1RO9YOeGfhSLeKKKyNe22p6g+XAbI2XVZpz/l2h0/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:d7:9f:33:45:ca:65:32:d2:14:36:51:f5:2f:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 28 22:02:03 2025 GMT
            Not After : Jun 29 22:02:03 2025 GMT
        Subject: CN=db9be5601f4779e4113269c79af8c99ca953c013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f5:2e:cf:ee:ef:49:f3:c7:18:d2:3f:f9:49:
                    4f:27:88:3b:ed:7b:2b:fc:40:c1:5a:71:3b:6d:f9:
                    f1:c4:dd:6a:ce:19:b3:68:0a:f3:f3:54:54:e6:f9:
                    51:f2:51:e0:cf:e3:82:4e:9a:bd:7a:b0:0b:5f:8c:
                    3e:fd:b1:b3:eb:f2:a7:a0:ef:8d:24:8f:8d:83:31:
                    09:36:2e:0f:c3:3a:64:1e:a5:d3:ee:ec:e0:b9:b3:
                    c9:43:41:ab:91:46:c0:48:65:bd:be:85:15:ec:3d:
                    78:57:32:ca:b3:88:cb:6e:46:f3:9e:00:cb:9f:d8:
                    a6:1f:98:6b:43:e2:8b:c1:97:71:ce:e5:ac:11:28:
                    1e:82:57:e7:fc:11:4f:a3:b1:f4:ca:65:28:14:20:
                    7e:df:3a:80:d1:20:a0:d8:87:6d:9d:3a:b6:49:95:
                    cd:5e:bd:fc:c7:c0:dc:a5:e6:52:8c:b6:31:23:64:
                    d6:40:bf:ca:4a:3f:0b:18:a9:3e:12:b8:0f:f4:41:
                    98:52:c6:f4:08:8d:08:54:2e:fa:12:89:a0:7c:8a:
                    0e:f2:60:1b:40:98:cc:43:38:0e:1f:ee:d5:b6:e2:
                    3a:a2:9f:0e:3c:3b:05:85:d6:4b:24:86:20:39:26:
                    c9:79:bb:2c:da:70:92:18:b1:08:29:d2:0a:f8:67:
                    70:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:9B:E5:60:1F:47:79:E4:11:32:69:C7:9A:F8:C9:9C:A9:53:C0:13
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:93:29:93:88:50:9f:36:af:96:f2:fc:ce:e6:1a:11:68:20:
         2a:f4:eb:b9:6f:64:4f:d4:26:d4:d4:31:03:14:77:cd:33:77:
         d8:1a:7e:22:a0:df:53:26:c3:0b:e3:43:1e:ad:a4:e4:cb:30:
         dc:c0:08:ef:b3:92:0b:44:6b:dd:14:21:55:37:8f:9f:27:d9:
         08:42:60:4f:0b:a6:86:cc:0b:1b:cf:60:78:2c:04:07:36:d5:
         fa:d9:6f:4e:74:9b:3c:9d:de:70:ad:c3:66:9f:28:4c:04:17:
         bd:63:6e:36:e9:2a:fb:e3:0c:a4:8c:d8:5b:a7:c0:bc:dd:d6:
         5f:5b:9f:25:28:3f:61:61:96:87:3e:31:73:30:14:76:c0:ba:
         80:6f:46:28:bb:8c:4d:bb:96:11:7e:09:bf:eb:16:64:97:90:
         70:4d:85:1e:82:51:dd:81:55:ed:3b:a0:f1:67:8a:d4:c3:12:
         d9:4a:ba:47:5c:c8:17:6a:4a:92:6a:55:47:6d:10:46:ed:d2:
         e5:6b:70:96:e7:e0:a6:a4:4e:a9:a6:40:9a:4a:6b:59:28:87:
         a4:e4:1f:1c:75:16:f8:b7:b1:0c:42:6b:8f:76:a6:da:6c:94:
         ff:6d:bb:47:71:e4:ed:58:9c:4c:79:33:a3:30:8e:4d:f7:ad:
         e9:e3:23:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j9efM0XKZTLSFDZR9S8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjI4MjIwMjAzWhcNMjUwNjI5MjIwMjAzWjAzMTEwLwYDVQQD
EyhkYjliZTU2MDFmNDc3OWU0MTEzMjY5Yzc5YWY4Yzk5Y2E5NTNjMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPUuz+7vSfPHGNI/+UlPJ4g77Xsr
/EDBWnE7bfnxxN1qzhmzaArz81RU5vlR8lHgz+OCTpq9erALX4w+/bGz6/KnoO+N
JI+NgzEJNi4PwzpkHqXT7uzgubPJQ0GrkUbASGW9voUV7D14VzLKs4jLbkbzngDL
n9imH5hrQ+KLwZdxzuWsESgeglfn/BFPo7H0ymUoFCB+3zqA0SCg2IdtnTq2SZXN
Xr38x8DcpeZSjLYxI2TWQL/KSj8LGKk+ErgP9EGYUsb0CI0IVC76EomgfIoO8mAb
QJjMQzgOH+7VtuI6op8OPDsFhdZLJIYgOSbJebss2nCSGLEIKdIK+Gdw4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNub5WAfR3nkETJpx5r4yZypU8ATMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtpMpk4hQ
nzavlvL8zuYaEWggKvTruW9kT9Qm1NQxAxR3zTN32Bp+IqDfUybDC+NDHq2k5Msw
3MAI77OSC0Rr3RQhVTePnyfZCEJgTwumhswLG89geCwEBzbV+tlvTnSbPJ3ecK3D
Zp8oTAQXvWNuNukq++MMpIzYW6fAvN3WX1ufJSg/YWGWhz4xczAUdsC6gG9GKLuM
TbuWEX4Jv+sWZJeQcE2FHoJR3YFV7Tug8WeK1MMS2Uq6R1zIF2pKkmpVR20QRu3S
5WtwlufgpqROqaZAmkprWSiHpOQfHHUW+LexDEJrj3am2myU/227R3Hk7VicTHkz
ozCOTfet6eMjeQ==
-----END CERTIFICATE-----