Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          LYfX/6DDrr14hIUWrVa9G2omqscYr/JBK34RVIaiYzw=
Subject key identifier:   78:E5:68:32:06:94:71:8C:E6:A7:6A:DE:01:61:E3:E6:96:4E:92:B8
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       01976F2CC937E06A953F8E9C412A7CC5B36C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          061C
Signing time:             Sat 14 Jun 2025 16:01:35 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:35 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:35 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: Xp976ne4WGa+RAb+NA7Yo533dmSoKZs1+SO6GiHX2c8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:c9:37:e0:6a:95:3f:8e:9c:41:2a:7c:c5:b3:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Jun 14 16:01:35 2025 GMT
            Not After : Jun 15 16:01:35 2025 GMT
        Subject: CN=78e568320694718ce6a76ade0161e3e6964e92b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0f:ea:e3:ac:a3:44:f4:eb:0a:15:48:65:88:
                    62:1d:14:8d:65:1f:c3:c5:01:ab:dd:42:f1:09:87:
                    c5:cd:04:d4:3a:da:f8:d6:08:79:8c:42:ef:7b:6b:
                    77:32:93:eb:d6:34:68:87:de:63:87:66:ac:e2:95:
                    e1:99:31:f6:b3:61:14:a9:ae:e5:06:75:fb:08:bb:
                    34:43:26:7c:5b:3f:d8:39:24:1b:b6:cc:03:3f:52:
                    f6:01:f1:99:0a:8f:76:2e:a9:ed:55:a3:99:4d:25:
                    21:79:e6:75:20:aa:32:e3:b1:51:57:6f:59:2f:a3:
                    8a:2a:ee:a4:9d:6a:6d:b9:ad:c8:cb:36:9d:df:0d:
                    37:2b:8d:2c:38:11:b2:03:cb:5f:4d:28:48:f5:67:
                    4f:b6:76:0b:dd:43:e1:c8:dd:14:24:f2:1a:ea:1a:
                    af:e4:da:e8:9f:af:80:cd:34:16:81:46:e4:63:1e:
                    12:bc:a6:26:6f:5b:01:82:68:f6:63:53:a1:d2:3a:
                    5a:83:93:c0:c5:59:86:bd:ba:24:a9:10:33:17:ed:
                    f7:6f:28:70:c3:a7:ef:bb:37:ec:0a:2c:3e:1f:e9:
                    d6:a1:00:4b:52:d8:a2:bc:b2:a2:7d:bb:92:2d:b5:
                    1a:97:72:d7:1a:89:a1:04:49:3e:5d:51:67:ca:3e:
                    23:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:E5:68:32:06:94:71:8C:E6:A7:6A:DE:01:61:E3:E6:96:4E:92:B8
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:03:da:73:a3:39:e0:51:3d:df:5a:4f:00:b6:0f:d1:6d:10:
         27:b2:71:42:68:a6:2d:8c:43:4b:ea:21:c7:f6:4b:54:fd:22:
         c7:c5:e4:45:74:9c:3a:a9:90:61:42:86:9b:69:56:3d:a0:28:
         f4:50:a4:c8:39:73:dd:b2:07:14:ad:cc:0d:14:fc:2a:19:24:
         e0:8c:ab:38:bb:a0:d1:56:50:f9:ae:a1:c0:4b:41:45:df:89:
         c6:87:1e:7c:bd:2b:03:ee:a6:35:4c:6e:98:35:35:5f:e6:78:
         43:62:f1:53:17:45:b1:20:d0:d7:d6:79:a1:d0:1d:d8:cd:89:
         83:e6:59:98:87:f9:2d:a4:24:1d:f7:d3:2f:2b:95:78:2c:38:
         81:f1:79:22:e7:f6:43:60:d0:4d:86:8e:ac:8a:5f:3b:be:03:
         26:04:e0:92:26:82:d6:43:42:bc:c8:d8:8c:3b:d1:13:b1:98:
         c0:cb:7a:b3:35:23:73:b5:06:44:3e:36:ba:bf:d3:4d:85:e5:
         ac:5d:34:a1:70:04:a7:3a:91:29:e1:8a:60:9b:6f:46:9c:6e:
         e5:c9:fd:d1:71:1c:07:ba:49:ef:1a:9e:c9:b5:4a:29:32:7c:
         39:78:93:49:b0:68:6d:5a:1e:fb:80:5f:6d:2b:8e:31:e2:ec:
         f0:f0:11:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLMk34GqVP46cQSp8xbNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNjE0MTYwMTM1WhcNMjUwNjE1MTYwMTM1WjAzMTEwLwYDVQQD
Eyg3OGU1NjgzMjA2OTQ3MThjZTZhNzZhZGUwMTYxZTNlNjk2NGU5MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ/q46yjRPTrChVIZYhiHRSNZR/D
xQGr3ULxCYfFzQTUOtr41gh5jELve2t3MpPr1jRoh95jh2as4pXhmTH2s2EUqa7l
BnX7CLs0QyZ8Wz/YOSQbtswDP1L2AfGZCo92LqntVaOZTSUheeZ1IKoy47FRV29Z
L6OKKu6knWptua3Iyzad3w03K40sOBGyA8tfTShI9WdPtnYL3UPhyN0UJPIa6hqv
5Nron6+AzTQWgUbkYx4SvKYmb1sBgmj2Y1Oh0jpag5PAxVmGvbokqRAzF+33byhw
w6fvuzfsCiw+H+nWoQBLUtiivLKifbuSLbUal3LXGomhBEk+XVFnyj4jjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjlaDIGlHGM5qdq3gFh4+aWTpK4MB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQPac6M5
4FE931pPALYP0W0QJ7JxQmimLYxDS+ohx/ZLVP0ix8XkRXScOqmQYUKGm2lWPaAo
9FCkyDlz3bIHFK3MDRT8Khkk4IyrOLug0VZQ+a6hwEtBRd+JxocefL0rA+6mNUxu
mDU1X+Z4Q2LxUxdFsSDQ19Z5odAd2M2Jg+ZZmIf5LaQkHffTLyuVeCw4gfF5Iuf2
Q2DQTYaOrIpfO74DJgTgkiaC1kNCvMjYjDvRE7GYwMt6szUjc7UGRD42ur/TTYXl
rF00oXAEpzqRKeGKYJtvRpxu5cn90XEcB7pJ7xqeybVKKTJ8OXiTSbBobVoe+4Bf
bSuOMeLs8PAR8Q==
-----END CERTIFICATE-----