Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          Ivrd1uLOcV6SUw+qD+HFlGMsByD+tURJqUKDJ66aklc=
Subject key identifier:   96:A5:86:49:3D:BC:8A:5D:85:0A:DF:D9:7C:AE:18:B3:99:B0:63:E2
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       0197B745B923303F5184D48CB80D2451E4C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:28 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: eOKBvskPSdRmzGW+lvdB3aSuCtQ55KPFqvxdmfI2sN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:b9:23:30:3f:51:84:d4:8c:b8:0d:24:51:e4:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: Jun 28 16:01:28 2025 GMT
            Not After : Jun 29 16:01:28 2025 GMT
        Subject: CN=96a586493dbc8a5d850adfd97cae18b399b063e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:da:66:0d:38:b2:9f:82:76:8e:3a:8d:1e:a7:
                    9d:4e:09:ab:45:92:8e:19:d8:41:70:6f:08:34:0d:
                    dd:51:c0:97:a7:7d:38:41:49:26:63:f2:d0:39:e4:
                    fb:7c:7a:d5:72:87:74:5a:9d:e6:ae:29:fc:88:ed:
                    4f:87:23:32:1d:f2:d1:56:f0:90:af:c7:3c:d0:96:
                    64:cf:b5:93:b3:8d:68:97:5e:18:3f:3d:ef:96:23:
                    cc:f4:85:bb:e3:3c:69:f1:19:4e:e8:50:70:de:1d:
                    25:c6:d7:97:29:35:5b:79:87:13:fe:8a:43:24:59:
                    7d:01:24:99:9c:7f:97:69:3b:da:8b:8d:09:ee:e8:
                    78:fb:ec:99:fd:c0:cf:69:75:b0:96:43:ee:81:6c:
                    24:43:78:c2:c1:96:d7:56:8f:c9:dd:c7:69:08:b3:
                    70:fd:d5:1e:05:0c:1f:d8:c2:4f:77:6b:d1:99:f3:
                    0d:03:18:d2:f5:b9:7a:4a:3e:ec:83:f7:71:60:3d:
                    46:b4:c2:e1:06:e9:a4:27:ce:2c:2b:0b:bb:23:41:
                    c9:74:60:99:cc:6e:6e:6b:bf:a9:61:66:c5:98:30:
                    79:01:78:d5:79:db:74:e6:91:f6:df:b1:df:9a:dd:
                    b0:b0:59:66:a4:5a:35:f3:f6:e7:0c:b7:89:c0:43:
                    c9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A5:86:49:3D:BC:8A:5D:85:0A:DF:D9:7C:AE:18:B3:99:B0:63:E2
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:ce:4d:20:75:bf:c4:e2:ff:1e:20:4e:82:6f:31:4a:47:26:
         a6:ef:5b:d7:bb:b2:71:02:3c:05:f9:19:4c:70:db:8a:a6:08:
         1d:d5:ff:c7:2c:d1:8e:63:d5:64:e7:f2:16:68:f8:11:2d:22:
         2f:0a:d0:0b:05:8c:08:18:bd:3f:64:35:7e:8a:95:5a:14:df:
         39:5b:79:e4:eb:03:fa:c0:31:fd:0e:04:9f:8e:6b:48:a0:fe:
         b7:cc:25:69:90:a5:eb:05:82:9e:87:de:12:d4:a2:66:1b:92:
         c0:7f:5f:66:a1:fd:a5:71:9a:50:bf:b3:bd:58:97:dd:33:25:
         c0:21:da:0b:6d:18:30:28:b0:33:46:de:b2:d5:80:3d:ce:10:
         2f:c2:99:3a:bd:ce:29:7b:95:9e:6c:52:43:da:af:c5:61:1d:
         9e:c2:76:38:79:b1:45:b0:be:3f:04:28:d9:8a:39:cb:4d:b0:
         14:fb:9c:1c:c0:bd:d4:f6:ff:a7:6d:62:54:94:fb:1f:ac:78:
         f3:9e:99:04:ea:c0:b8:c4:4c:9e:65:1f:9b:78:8a:4b:74:6d:
         f7:86:1a:9a:4b:29:62:94:ab:21:9f:85:1a:d8:98:88:8f:54:
         b6:ab:37:c0:9f:8f:66:89:4f:b9:ff:ba:f1:10:0d:3a:5e:f2:
         bf:f6:d6:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RbkjMD9RhNSMuA0kUeTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjUwNjI4MTYwMTI4WhcNMjUwNjI5MTYwMTI4WjAzMTEwLwYDVQQD
Eyg5NmE1ODY0OTNkYmM4YTVkODUwYWRmZDk3Y2FlMThiMzk5YjA2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9pmDTiyn4J2jjqNHqedTgmrRZKO
GdhBcG8INA3dUcCXp304QUkmY/LQOeT7fHrVcod0Wp3mrin8iO1PhyMyHfLRVvCQ
r8c80JZkz7WTs41ol14YPz3vliPM9IW74zxp8RlO6FBw3h0lxteXKTVbeYcT/opD
JFl9ASSZnH+XaTvai40J7uh4++yZ/cDPaXWwlkPugWwkQ3jCwZbXVo/J3cdpCLNw
/dUeBQwf2MJPd2vRmfMNAxjS9bl6Sj7sg/dxYD1GtMLhBumkJ84sKwu7I0HJdGCZ
zG5ua7+pYWbFmDB5AXjVedt05pH237Hfmt2wsFlmpFo18/bnDLeJwEPJvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJalhkk9vIpdhQrf2XyuGLOZsGPiMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeM5NIHW/
xOL/HiBOgm8xSkcmpu9b17uycQI8BfkZTHDbiqYIHdX/xyzRjmPVZOfyFmj4ES0i
LwrQCwWMCBi9P2Q1foqVWhTfOVt55OsD+sAx/Q4En45rSKD+t8wlaZCl6wWCnofe
EtSiZhuSwH9fZqH9pXGaUL+zvViX3TMlwCHaC20YMCiwM0bestWAPc4QL8KZOr3O
KXuVnmxSQ9qvxWEdnsJ2OHmxRbC+PwQo2Yo5y02wFPucHMC91Pb/p21iVJT7H6x4
856ZBOrAuMRMnmUfm3iKS3Rt94YamkspYpSrIZ+FGtiYiI9Utqs3wJ+PZolPuf+6
8RANOl7yv/bW6g==
-----END CERTIFICATE-----