Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          yOlFQ3HRwxKJaca2H0rdB6tFzBsA9jWCtgeoc9cFQuY=
Subject key identifier:   22:68:84:0A:41:18:7C:BB:B0:40:C1:67:C6:55:FE:BA:F5:54:5B:00
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019779AF44C7CDE165BCB4811081B6FE1DF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0D6C
Signing time:             Mon 16 Jun 2025 17:00:18 +0000
Manifest this update:     Mon 16 Jun 2025 17:00:18 +0000
Manifest next update:     Tue 17 Jun 2025 17:00:18 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: 74p5qDsqca6TgBEZhBJ6DvedW2ICoI9mL7YRIMuv4W4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 17:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:af:44:c7:cd:e1:65:bc:b4:81:10:81:b6:fe:1d:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Jun 16 17:00:18 2025 GMT
            Not After : Jun 17 17:00:18 2025 GMT
        Subject: CN=2268840a41187cbbb040c167c655febaf5545b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:17:4c:16:dd:60:39:a2:5c:b8:0f:40:15:4d:
                    a8:7e:5f:c7:e7:38:85:8e:22:34:b0:4f:a8:3c:17:
                    90:da:1f:c9:0b:c9:31:35:c6:8b:ff:94:15:6f:48:
                    d9:f8:c3:70:76:d2:b5:1a:f7:30:1a:59:3b:7f:29:
                    ab:fe:f0:e1:5c:6a:3c:b7:d3:82:bc:6b:78:71:cf:
                    1c:65:dd:47:96:80:4a:10:c7:00:b0:cb:9a:c6:36:
                    4d:cb:a9:fe:cc:3d:90:aa:8d:47:79:62:92:42:43:
                    9e:a5:77:8a:2d:09:3f:a2:71:3c:dd:ca:db:8e:35:
                    96:4d:71:db:16:72:61:7b:d0:01:bf:76:c6:55:08:
                    7a:14:88:c7:c5:3b:2f:50:09:f9:ad:06:fe:79:4d:
                    7d:2b:bb:5a:08:e5:c6:ea:a1:4a:eb:52:e9:f0:93:
                    5c:a2:76:07:ff:df:6f:9a:d4:dc:0d:b2:82:f4:f4:
                    24:12:d5:e0:cb:0e:84:e5:18:1b:ab:14:1b:91:44:
                    cf:77:f1:c4:da:8f:73:61:61:8a:af:66:d5:ce:ea:
                    d2:d5:d2:4b:8e:d3:74:d8:39:3d:3a:97:12:ff:af:
                    e9:2a:f9:57:19:71:68:42:06:19:2d:ac:c0:58:63:
                    fc:be:36:ba:3d:ec:17:49:f1:5e:6a:0f:26:9f:cc:
                    1c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:68:84:0A:41:18:7C:BB:B0:40:C1:67:C6:55:FE:BA:F5:54:5B:00
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:97:a7:d8:b5:c3:15:d9:0d:d1:38:80:b0:a9:c8:0b:0d:92:
         88:7e:64:67:06:8b:93:31:2a:5e:38:50:51:69:72:64:94:1a:
         dd:9f:80:46:0e:a7:5c:f6:d8:a8:2a:f1:fb:95:28:66:30:64:
         b0:d7:c1:a5:0a:58:fa:5e:5d:00:1c:35:1c:c9:a6:6f:dc:d4:
         32:9d:5d:68:b4:8f:91:49:3f:59:34:9a:67:dc:de:f8:68:28:
         29:89:42:64:bf:bb:c3:27:48:a2:1f:67:ea:f3:e4:b7:d0:93:
         6d:cc:b1:72:39:12:14:38:dc:be:35:47:19:9e:9e:4a:88:eb:
         04:b5:11:90:84:61:21:91:fe:50:8b:ac:b6:d3:36:06:25:d5:
         12:28:1d:9d:6c:1c:6f:1d:46:8a:61:e0:32:d1:fb:e2:18:8c:
         1c:45:8a:b5:fd:20:fa:11:86:ba:89:12:f0:f1:95:83:af:87:
         f3:2c:bd:40:61:88:e6:27:93:ff:ae:21:0c:bb:8b:a4:7d:57:
         6c:e7:44:04:35:0e:4d:7c:86:02:b3:3a:a7:e6:9b:e1:bc:39:
         42:76:1f:9b:80:bd:2a:7c:53:42:e3:d5:00:bb:a9:87:f2:b0:
         5e:d8:1e:c4:93:2e:07:81:f7:76:31:e5:c2:7d:a9:cf:da:9d:
         12:67:30:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5r0THzeFlvLSBEIG2/h33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwNjE2MTcwMDE4WhcNMjUwNjE3MTcwMDE4WjAzMTEwLwYDVQQD
EygyMjY4ODQwYTQxMTg3Y2JiYjA0MGMxNjdjNjU1ZmViYWY1NTQ1YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthdMFt1gOaJcuA9AFU2ofl/H5ziF
jiI0sE+oPBeQ2h/JC8kxNcaL/5QVb0jZ+MNwdtK1GvcwGlk7fymr/vDhXGo8t9OC
vGt4cc8cZd1HloBKEMcAsMuaxjZNy6n+zD2Qqo1HeWKSQkOepXeKLQk/onE83crb
jjWWTXHbFnJhe9ABv3bGVQh6FIjHxTsvUAn5rQb+eU19K7taCOXG6qFK61Lp8JNc
onYH/99vmtTcDbKC9PQkEtXgyw6E5RgbqxQbkUTPd/HE2o9zYWGKr2bVzurS1dJL
jtN02Dk9OpcS/6/pKvlXGXFoQgYZLazAWGP8vja6PewXSfFeag8mn8wcaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJohApBGHy7sEDBZ8ZV/rr1VFsAMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpen2LXD
FdkN0TiAsKnICw2SiH5kZwaLkzEqXjhQUWlyZJQa3Z+ARg6nXPbYqCrx+5UoZjBk
sNfBpQpY+l5dABw1HMmmb9zUMp1daLSPkUk/WTSaZ9ze+GgoKYlCZL+7wydIoh9n
6vPkt9CTbcyxcjkSFDjcvjVHGZ6eSojrBLURkIRhIZH+UIusttM2BiXVEigdnWwc
bx1GimHgMtH74hiMHEWKtf0g+hGGuokS8PGVg6+H8yy9QGGI5ieT/64hDLuLpH1X
bOdEBDUOTXyGArM6p+ab4bw5QnYfm4C9KnxTQuPVALuph/KwXtgexJMuB4H3djHl
wn2pz9qdEmcw6w==
-----END CERTIFICATE-----