Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
File:                     pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json)
Hash identifier:          UzJodBu6SnmDOtEN0blgBndvCrVJCif0IPm6gnf1678=
Subject key identifier:   64:40:0A:2A:22:70:12:48:7C:1C:A6:99:9C:3A:C4:9C:36:83:FF:01
Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56
Certificate issuer:       /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
Certificate serial:       0197B88FA6D662E3012459B0022C446D62E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
Manifest number:          058A
Signing time:             Sat 28 Jun 2025 22:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:51 +0000
Files and hashes:         1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: t+gZ4TUZ33/Gap2VMIs3TJwpZ4KeAGYDl7Lh8Rdcs/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:a6:d6:62:e3:01:24:59:b0:02:2c:44:6d:62:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
        Validity
            Not Before: Jun 28 22:01:51 2025 GMT
            Not After : Jun 29 22:01:51 2025 GMT
        Subject: CN=64400a2a227012487c1ca6999c3ac49c3683ff01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e0:61:c6:1f:9b:44:6b:b8:0d:64:01:f0:6e:
                    d8:3f:c1:0f:a8:b5:65:2e:40:db:ca:26:b8:22:48:
                    df:70:1e:3b:56:0d:bf:48:f5:4e:a0:d4:0d:fa:59:
                    11:8a:84:5b:3c:6e:99:50:5f:f8:2b:ab:ed:28:c8:
                    a4:03:39:8b:b7:ce:4a:55:fd:83:93:55:e9:3c:67:
                    59:b3:b5:fb:ac:0b:c0:52:48:90:8e:48:c8:2a:6a:
                    41:17:4a:4f:ab:bd:86:d7:ca:3e:c5:91:4a:f1:45:
                    4a:cf:9f:e9:be:29:28:a5:a5:89:9a:88:9b:7d:f1:
                    70:5e:8a:a9:5e:ff:3d:1f:eb:05:37:53:1f:ce:aa:
                    e3:c7:dd:64:c2:95:4e:32:d6:fd:af:1a:c9:74:87:
                    cd:d5:d9:8c:e0:1d:ad:52:5c:37:46:8b:6e:7f:73:
                    bc:f9:ee:b8:ce:c1:df:19:e7:e1:fe:e3:67:89:6c:
                    d1:20:bc:4a:47:78:10:15:47:b0:24:66:08:b2:aa:
                    0e:b5:a6:bd:42:d0:22:2e:77:c9:58:ab:e4:07:87:
                    e5:44:5f:8d:18:30:35:ed:09:ca:1a:01:ee:a3:8c:
                    33:ae:17:40:68:f2:4d:f2:9b:a5:09:98:ee:f0:92:
                    4f:dd:47:0f:81:eb:47:3a:ac:a1:3f:8c:50:c6:69:
                    26:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:40:0A:2A:22:70:12:48:7C:1C:A6:99:9C:3A:C4:9C:36:83:FF:01
            X509v3 Authority Key Identifier:
                keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:bd:a9:9b:c6:a8:da:a3:75:47:2e:21:d3:58:73:84:fa:d7:
         81:3e:cb:a0:a9:cf:42:0c:d3:9d:57:74:b2:84:31:9a:c1:32:
         d0:57:3c:1c:bc:aa:f8:4f:02:3e:0b:24:af:89:30:3c:1a:90:
         86:23:dc:b5:da:b6:6a:42:88:95:bd:b2:86:3f:b6:f9:37:d5:
         18:cb:a4:3f:66:74:b4:d3:50:b6:07:9b:78:b9:26:81:8a:9c:
         4b:a0:49:1a:2e:12:b4:18:10:fc:c9:33:08:8c:e7:c5:be:be:
         90:a8:c9:2d:a5:10:db:31:a8:c5:e7:a4:0b:ca:3e:6c:b2:73:
         ac:bf:7d:54:a9:97:6c:8f:12:3b:13:ee:aa:1c:62:11:7a:d6:
         86:fa:2c:d2:64:1b:e1:1e:d4:21:cd:36:37:47:0f:a0:5b:9a:
         e6:d3:54:19:6f:28:66:f2:dd:e5:a9:11:3f:b7:b3:02:0c:5d:
         ef:9d:98:66:dd:fe:87:2f:7a:a6:cc:13:7a:39:b3:d5:17:e3:
         05:cf:5c:8e:a1:09:32:a9:11:d5:be:b4:da:67:1e:cc:44:4e:
         b3:d7:ac:42:d3:24:76:ef:08:b8:0f:21:6d:d4:7c:dd:73:fc:
         2f:20:fa:50:bc:1d:c2:e4:bf:89:87:3f:8d:e4:f4:7d:76:1b:
         78:6a:18:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j6bWYuMBJFmwAixEbWLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj
NjM4NTYwHhcNMjUwNjI4MjIwMTUxWhcNMjUwNjI5MjIwMTUxWjAzMTEwLwYDVQQD
Eyg2NDQwMGEyYTIyNzAxMjQ4N2MxY2E2OTk5YzNhYzQ5YzM2ODNmZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+Bhxh+bRGu4DWQB8G7YP8EPqLVl
LkDbyia4IkjfcB47Vg2/SPVOoNQN+lkRioRbPG6ZUF/4K6vtKMikAzmLt85KVf2D
k1XpPGdZs7X7rAvAUkiQjkjIKmpBF0pPq72G18o+xZFK8UVKz5/pvikopaWJmoib
ffFwXoqpXv89H+sFN1Mfzqrjx91kwpVOMtb9rxrJdIfN1dmM4B2tUlw3Rotuf3O8
+e64zsHfGefh/uNniWzRILxKR3gQFUewJGYIsqoOtaa9QtAiLnfJWKvkB4flRF+N
GDA17QnKGgHuo4wzrhdAaPJN8pulCZju8JJP3UcPgetHOqyhP4xQxmkmtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRACioicBJIfBymmZw6xJw2g/8BMB8GA1UdIwQY
MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt
MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0
LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu72pm8ao
2qN1Ry4h01hzhPrXgT7LoKnPQgzTnVd0soQxmsEy0Fc8HLyq+E8CPgskr4kwPBqQ
hiPctdq2akKIlb2yhj+2+TfVGMukP2Z0tNNQtgebeLkmgYqcS6BJGi4StBgQ/Mkz
CIznxb6+kKjJLaUQ2zGoxeekC8o+bLJzrL99VKmXbI8SOxPuqhxiEXrWhvos0mQb
4R7UIc02N0cPoFua5tNUGW8oZvLd5akRP7ezAgxd752YZt3+hy96pswTejmz1Rfj
Bc9cjqEJMqkR1b602mcezEROs9esQtMkdu8IuA8hbdR83XP8LyD6ULwdwuS/iYc/
jeT0fXYbeGoYyA==
-----END CERTIFICATE-----