Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
File:                     MU0IhXjsDimwS0PpAUk1hnJjZP0.mft (raw, json)
Hash identifier:          qO8kbI/rGEiGI80mJ1zvTFBCX4AsDMqvi6vhjbr5cnE=
Subject key identifier:   69:49:C0:7B:61:B6:F9:40:95:BE:EB:99:AB:87:1A:55:0A:C7:89:22
Authority key identifier: 31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD
Certificate issuer:       /CN=314d088578ec0e29b04b43e901493586726364fd
Certificate serial:       01976D3E8C940A35EB464B2D2DCB293F1DB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
Manifest number:          12C7
Signing time:             Sat 14 Jun 2025 07:01:44 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:44 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:44 +0000
Files and hashes:         1: MU0IhXjsDimwS0PpAUk1hnJjZP0.crl (hash: 7wjMl75LU+xECY4qiOcw3WlQBXdaPhwe5pT7muHjFME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:8c:94:0a:35:eb:46:4b:2d:2d:cb:29:3f:1d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314d088578ec0e29b04b43e901493586726364fd
        Validity
            Not Before: Jun 14 07:01:44 2025 GMT
            Not After : Jun 15 07:01:44 2025 GMT
        Subject: CN=6949c07b61b6f94095beeb99ab871a550ac78922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ae:f2:35:ba:45:c7:40:63:30:26:d7:21:b8:
                    c7:b0:bc:f9:a7:bb:7e:d8:e2:7f:65:e7:fc:5c:99:
                    f5:f4:10:50:01:fc:68:7a:07:dd:cf:51:2c:92:80:
                    4f:e4:b0:b2:01:de:5b:df:fb:7e:2f:d4:ee:3b:8f:
                    cb:22:d4:f0:15:93:f9:7d:eb:9a:68:75:34:19:66:
                    af:f0:76:f3:bc:df:03:08:18:e4:32:5a:a5:42:1c:
                    42:33:d4:d4:fa:3e:21:25:09:1d:50:8e:d4:aa:b6:
                    b3:f5:3a:f8:71:bf:e4:2d:5b:11:27:7f:18:11:b2:
                    0d:95:a6:84:5b:98:bf:85:85:8a:3d:cd:ef:a7:c9:
                    7c:7d:1f:93:d8:9c:1c:0c:ee:35:9d:ad:58:97:a3:
                    e3:cd:9d:67:72:f1:a7:3d:32:04:fe:90:5b:9a:21:
                    6b:27:b4:24:a3:28:6c:ce:9f:38:a6:11:5d:15:a8:
                    c9:9d:a7:a5:45:d6:63:d8:3f:dc:a6:1e:4a:c7:3e:
                    0d:51:4d:67:bb:66:6e:3b:32:42:85:8c:4a:59:7f:
                    38:ec:e0:28:e3:cf:99:fb:c6:f5:fa:4d:66:fb:88:
                    8c:63:84:f3:6f:2c:33:1e:30:db:de:1f:61:f4:46:
                    8d:56:d0:eb:e0:51:3a:3e:97:dd:50:c6:8a:17:ce:
                    92:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:49:C0:7B:61:B6:F9:40:95:BE:EB:99:AB:87:1A:55:0A:C7:89:22
            X509v3 Authority Key Identifier:
                keyid:31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:0e:0c:7c:f1:76:62:25:38:8d:d6:c3:64:03:d8:82:77:be:
         76:03:b2:02:02:86:53:2b:53:63:20:bf:41:ab:70:0b:97:e8:
         c5:25:29:67:ee:c5:ab:38:8d:dd:1c:a9:83:e8:7d:0b:75:26:
         14:3a:66:7f:08:0e:4f:b3:a9:76:23:84:4d:db:11:17:ca:a1:
         43:12:c4:31:90:27:94:92:61:ea:43:1f:ff:ef:da:75:7b:dc:
         e7:39:35:49:4d:f8:f1:da:b8:4d:d1:2a:57:19:83:70:6b:2d:
         2f:61:9f:d1:b9:db:5b:55:97:b3:d9:bd:9a:79:d2:80:42:88:
         89:94:27:80:aa:71:aa:dc:54:9c:f7:61:ab:06:f1:ef:ca:28:
         73:2d:e7:6c:c5:76:33:b3:12:92:ea:a7:63:2c:7f:90:56:1e:
         4a:bb:a5:84:61:a4:9d:9a:07:e3:49:54:c4:65:aa:5c:1b:f8:
         c1:7d:bf:07:f4:5d:7b:13:b9:91:7e:6b:47:dc:77:6f:71:20:
         42:1e:31:36:24:d3:53:d3:ae:c2:64:76:fb:92:45:6d:79:67:
         61:96:f5:33:8c:c5:ef:1f:75:28:62:be:6e:13:30:a0:e4:25:
         d9:20:cc:a0:65:87:fe:a7:b8:03:87:d2:65:58:48:d9:86:c5:
         16:cd:be:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPoyUCjXrRkstLcspPx2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGQwODg1NzhlYzBlMjliMDRiNDNlOTAxNDkzNTg2NzI2
MzY0ZmQwHhcNMjUwNjE0MDcwMTQ0WhcNMjUwNjE1MDcwMTQ0WjAzMTEwLwYDVQQD
Eyg2OTQ5YzA3YjYxYjZmOTQwOTViZWViOTlhYjg3MWE1NTBhYzc4OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK7yNbpFx0BjMCbXIbjHsLz5p7t+
2OJ/Zef8XJn19BBQAfxoegfdz1EskoBP5LCyAd5b3/t+L9TuO4/LItTwFZP5feua
aHU0GWav8HbzvN8DCBjkMlqlQhxCM9TU+j4hJQkdUI7Uqraz9Tr4cb/kLVsRJ38Y
EbINlaaEW5i/hYWKPc3vp8l8fR+T2JwcDO41na1Yl6PjzZ1ncvGnPTIE/pBbmiFr
J7Qkoyhszp84phFdFajJnaelRdZj2D/cph5Kxz4NUU1nu2ZuOzJChYxKWX847OAo
48+Z+8b1+k1m+4iMY4TzbywzHjDb3h9h9EaNVtDr4FE6PpfdUMaKF86SPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlJwHthtvlAlb7rmauHGlUKx4kiMB8GA1UdIwQY
MBaAFDFNCIV47A4psEtD6QFJNYZyY2T9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTkt
MTgwMDZiNjY0M2FmLzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTktMTgwMDZiNjY0M2Fm
LzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJw4MfPF2
YiU4jdbDZAPYgne+dgOyAgKGUytTYyC/QatwC5foxSUpZ+7FqziN3Rypg+h9C3Um
FDpmfwgOT7OpdiOETdsRF8qhQxLEMZAnlJJh6kMf/+/adXvc5zk1SU348dq4TdEq
VxmDcGstL2Gf0bnbW1WXs9m9mnnSgEKIiZQngKpxqtxUnPdhqwbx78oocy3nbMV2
M7MSkuqnYyx/kFYeSrulhGGknZoH40lUxGWqXBv4wX2/B/RdexO5kX5rR9x3b3Eg
Qh4xNiTTU9OuwmR2+5JFbXlnYZb1M4zF7x91KGK+bhMwoOQl2SDMoGWH/qe4A4fS
ZVhI2YbFFs2+lw==
-----END CERTIFICATE-----