Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
File:                     U3XfISulmO4KW_aAsh9QxPx9aOE.mft (raw, json)
Hash identifier:          sHFehDRTWXtOntle4w7yfe9rMa0c6iRANEup8uaprzY=
Subject key identifier:   1D:03:B9:8C:EA:AD:73:10:D6:7B:34:BC:E9:17:80:13:A8:8F:35:3E
Authority key identifier: 53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1
Certificate issuer:       /CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
Certificate serial:       01976F9A4F2A3B5385D70B3C48ED4E91F968
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
Manifest number:          0D2A
Signing time:             Sat 14 Jun 2025 18:01:13 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:13 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:13 +0000
Files and hashes:         1: U3XfISulmO4KW_aAsh9QxPx9aOE.crl (hash: yFcgeJsIwXAsOamEjImzAehUBQ4zy7Q+qz/M8Yv98us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:4f:2a:3b:53:85:d7:0b:3c:48:ed:4e:91:f9:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
        Validity
            Not Before: Jun 14 18:01:13 2025 GMT
            Not After : Jun 15 18:01:13 2025 GMT
        Subject: CN=1d03b98ceaad7310d67b34bce9178013a88f353e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:57:85:4d:44:2c:8f:8a:46:68:44:0a:ec:5b:
                    b1:c0:e5:fb:38:a1:54:fc:8a:80:b1:31:bd:dc:57:
                    a5:e3:99:41:3c:61:e6:60:b1:a3:f6:a2:72:96:d0:
                    5f:aa:f7:a3:d7:09:2e:bd:75:16:8f:4a:73:f7:80:
                    74:0c:f9:4d:00:b4:27:07:3f:da:bf:c9:a1:ce:35:
                    e6:7b:4c:30:3a:9e:ad:9c:30:63:3c:24:76:23:4f:
                    d0:96:3f:55:f1:f7:43:17:f0:47:46:77:52:7e:b4:
                    a7:82:95:94:47:95:e4:f7:e7:73:b9:5d:e4:a4:97:
                    a0:90:1d:a8:6b:da:a1:3c:21:28:75:1a:f7:60:64:
                    18:1d:0d:3b:5b:a5:ff:35:98:e2:22:c1:a0:c0:5d:
                    75:1e:76:e3:71:bc:22:90:f2:87:dc:29:1b:f8:b6:
                    d6:e3:26:37:e6:ff:82:a7:d7:3c:ac:71:61:6f:34:
                    39:0c:11:92:40:4a:09:8a:9f:5e:79:38:39:43:6f:
                    00:71:24:af:8f:71:5b:03:80:d0:b5:37:dc:2b:20:
                    46:8f:fc:f4:e1:24:b9:81:77:c1:14:e1:5f:5d:83:
                    f6:0a:1c:c1:bd:41:92:6d:5f:ee:bc:3a:9d:21:2d:
                    37:47:29:82:62:cc:8e:05:9c:2d:16:14:a8:02:d8:
                    eb:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:03:B9:8C:EA:AD:73:10:D6:7B:34:BC:E9:17:80:13:A8:8F:35:3E
            X509v3 Authority Key Identifier:
                keyid:53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:da:d7:56:7b:b1:bc:22:75:b0:a4:e6:62:2c:c9:c9:72:ef:
         94:d9:04:ac:1f:d3:0f:01:38:a8:50:d0:0d:da:97:ab:70:e9:
         48:d7:29:5b:82:2d:d2:37:d3:de:3e:a3:eb:bd:f1:e3:27:ee:
         67:3f:0c:63:ee:95:ff:b5:b2:b6:48:73:41:8c:d9:31:da:cb:
         15:ec:59:f0:88:87:3d:bc:84:e7:d3:79:f9:2c:22:15:24:e5:
         5c:fd:86:c1:ac:84:2d:34:b7:e5:2e:7e:ba:b2:4f:15:a6:9e:
         43:6a:14:60:71:86:8c:ff:00:0f:2d:73:3e:2b:f4:8d:a3:13:
         1a:19:62:b6:ae:88:71:4b:c8:5e:fe:1c:06:00:78:77:3a:f9:
         95:93:9e:0a:82:80:fc:79:77:f8:35:19:dd:92:fe:11:d5:8c:
         ac:e5:0c:c3:c9:83:62:15:9b:85:39:c0:46:c2:14:fd:4c:9a:
         df:72:f7:28:db:13:b7:92:cf:42:fd:69:34:b3:92:03:f0:e2:
         55:27:86:39:5f:ec:34:f7:33:c9:b2:f7:1f:29:fa:d4:45:7e:
         c4:31:40:50:a4:28:ba:29:4a:9b:82:34:e5:cd:0b:e6:20:a9:
         18:c9:f2:a0:5e:89:6c:c9:b5:31:9d:3b:bb:ca:1e:81:d7:35:
         0f:17:41:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmk8qO1OF1ws8SO1OkfloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzVkZjIxMmJhNTk4ZWUwYTViZjY4MGIyMWY1MGM0ZmM3
ZDY4ZTEwHhcNMjUwNjE0MTgwMTEzWhcNMjUwNjE1MTgwMTEzWjAzMTEwLwYDVQQD
EygxZDAzYjk4Y2VhYWQ3MzEwZDY3YjM0YmNlOTE3ODAxM2E4OGYzNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnleFTUQsj4pGaEQK7FuxwOX7OKFU
/IqAsTG93Fel45lBPGHmYLGj9qJyltBfqvej1wkuvXUWj0pz94B0DPlNALQnBz/a
v8mhzjXme0wwOp6tnDBjPCR2I0/Qlj9V8fdDF/BHRndSfrSngpWUR5Xk9+dzuV3k
pJegkB2oa9qhPCEodRr3YGQYHQ07W6X/NZjiIsGgwF11HnbjcbwikPKH3Ckb+LbW
4yY35v+Cp9c8rHFhbzQ5DBGSQEoJip9eeTg5Q28AcSSvj3FbA4DQtTfcKyBGj/z0
4SS5gXfBFOFfXYP2ChzBvUGSbV/uvDqdIS03RymCYsyOBZwtFhSoAtjraQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0DuYzqrXMQ1ns0vOkXgBOojzU+MB8GA1UdIwQY
MBaAFFN13yErpZjuClv2gLIfUMT8fWjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2It
MjUyZmQ5NjdiZmNjLzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2ItMjUyZmQ5NjdiZmNj
LzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNrXVnux
vCJ1sKTmYizJyXLvlNkErB/TDwE4qFDQDdqXq3DpSNcpW4It0jfT3j6j673x4yfu
Zz8MY+6V/7WytkhzQYzZMdrLFexZ8IiHPbyE59N5+SwiFSTlXP2GwayELTS35S5+
urJPFaaeQ2oUYHGGjP8ADy1zPiv0jaMTGhlitq6IcUvIXv4cBgB4dzr5lZOeCoKA
/Hl3+DUZ3ZL+EdWMrOUMw8mDYhWbhTnARsIU/Uya33L3KNsTt5LPQv1pNLOSA/Di
VSeGOV/sNPczybL3Hyn61EV+xDFAUKQouilKm4I05c0L5iCpGMnyoF6JbMm1MZ07
u8oegdc1DxdBTw==
-----END CERTIFICATE-----