Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          fz1Vq5tux9ANuPKFBbJ3rNyn3NsW2iAdxot8TeKpnic=
Subject key identifier:   B0:70:B6:AC:F7:94:01:A1:2E:F7:F3:6C:9F:A8:A7:CE:32:36:66:1D
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0198861F4CE2A790EE42EEA80AA0803F4FDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0DF7
Signing time:             Thu 07 Aug 2025 20:00:54 +0000
Manifest this update:     Thu 07 Aug 2025 20:00:54 +0000
Manifest next update:     Fri 08 Aug 2025 20:00:54 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: kzus31CgOLp89ji/ZqiOAfV+eJkhuq8usl5IXRWaGlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 16:13:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:86:1f:4c:e2:a7:90:ee:42:ee:a8:0a:a0:80:3f:4f:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Aug  7 20:00:54 2025 GMT
            Not After : Aug  8 20:00:54 2025 GMT
        Subject: CN=b070b6acf79401a12ef7f36c9fa8a7ce3236661d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:92:65:9c:fd:1d:00:2c:1d:7b:35:54:f1:fe:
                    32:9b:e8:7a:f6:53:f3:d0:2c:db:16:66:71:71:78:
                    7f:a4:3e:4c:01:b8:f3:d4:28:a8:27:9a:1d:32:e9:
                    e0:db:a1:68:ee:08:d3:15:bc:44:e3:34:14:88:32:
                    b5:3e:fe:06:ff:94:08:54:51:fa:b3:c5:38:d3:a7:
                    ba:b1:bd:9e:0b:f9:82:76:c7:c2:f6:9a:32:6e:87:
                    6b:83:f8:b1:3e:d3:aa:5c:7b:f3:59:61:b4:59:0b:
                    2c:1c:4b:13:c7:40:3d:5a:29:5e:e4:dc:05:cb:e4:
                    26:3b:33:a2:a8:1f:fc:dc:08:90:e5:f1:b2:50:9e:
                    5b:2a:c7:62:0f:53:6b:58:3b:30:ea:00:7d:46:64:
                    c9:56:68:75:c7:d4:84:6a:ba:71:be:9d:7d:02:ac:
                    81:e6:47:3b:83:99:17:1d:a4:10:8f:dc:a2:8b:cd:
                    70:57:45:2c:1b:62:45:82:52:9f:52:28:44:45:5a:
                    bf:48:ff:7c:90:24:a2:67:3f:07:f3:94:da:56:e7:
                    f2:cd:ea:09:ad:96:da:51:30:40:4d:fe:7a:a7:68:
                    d3:29:b6:36:9f:f4:5c:e3:61:23:f5:78:d4:70:4b:
                    05:f9:bf:91:b6:f4:4f:b4:7e:fe:19:7f:10:b3:a6:
                    f8:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:70:B6:AC:F7:94:01:A1:2E:F7:F3:6C:9F:A8:A7:CE:32:36:66:1D
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:35:b3:c8:62:61:72:a3:28:3b:26:b8:71:39:c5:e6:25:c2:
         53:d2:ad:cd:a0:2a:2d:63:30:a7:32:e9:cd:6b:50:08:4b:10:
         da:1d:c2:67:de:c4:91:74:f6:ac:31:89:2c:86:0a:cb:45:f9:
         60:bf:34:c1:55:fb:96:c8:74:70:c1:aa:2e:b8:dd:cd:e5:07:
         ad:5d:e7:60:ed:69:f4:2c:4e:b2:f3:14:82:0e:62:da:e1:01:
         bf:4b:08:a6:85:7b:70:dd:f6:29:4f:84:5a:9a:6d:10:bf:52:
         26:7f:19:cb:d5:c7:d4:56:03:18:dd:c7:57:9a:88:38:f9:13:
         a1:90:71:8c:86:e0:fa:cb:f0:3b:b1:55:74:36:34:33:f1:36:
         01:b2:89:27:63:5c:9c:25:a3:64:a9:28:6d:2d:e3:87:f5:0d:
         95:42:2c:c5:27:a3:78:94:35:60:4f:8d:36:ee:71:73:4e:ae:
         02:9e:c6:ef:c4:a3:8c:98:4f:4a:4a:92:94:87:9b:4c:d4:19:
         1b:4a:95:de:a8:4c:37:94:7c:73:3f:4b:ff:ec:15:c6:fd:79:
         2d:d0:8a:09:65:cf:80:ee:83:e0:a1:e7:e4:c5:95:58:d2:a9:
         4b:3b:15:2a:11:e1:8c:80:bd:f5:58:a0:9d:a5:37:3a:34:97:
         4c:9c:37:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiGH0zip5DuQu6oCqCAP0/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwODA3MjAwMDU0WhcNMjUwODA4MjAwMDU0WjAzMTEwLwYDVQQD
EyhiMDcwYjZhY2Y3OTQwMWExMmVmN2YzNmM5ZmE4YTdjZTMyMzY2NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJJlnP0dACwdezVU8f4ym+h69lPz
0CzbFmZxcXh/pD5MAbjz1CioJ5odMung26Fo7gjTFbxE4zQUiDK1Pv4G/5QIVFH6
s8U406e6sb2eC/mCdsfC9poybodrg/ixPtOqXHvzWWG0WQssHEsTx0A9Wile5NwF
y+QmOzOiqB/83AiQ5fGyUJ5bKsdiD1NrWDsw6gB9RmTJVmh1x9SEarpxvp19AqyB
5kc7g5kXHaQQj9yii81wV0UsG2JFglKfUihERVq/SP98kCSiZz8H85TaVufyzeoJ
rZbaUTBATf56p2jTKbY2n/Rc42Ej9XjUcEsF+b+RtvRPtH7+GX8Qs6b4TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBwtqz3lAGhLvfzbJ+op84yNmYdMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATWzyGJh
cqMoOya4cTnF5iXCU9KtzaAqLWMwpzLpzWtQCEsQ2h3CZ97EkXT2rDGJLIYKy0X5
YL80wVX7lsh0cMGqLrjdzeUHrV3nYO1p9CxOsvMUgg5i2uEBv0sIpoV7cN32KU+E
WpptEL9SJn8Zy9XH1FYDGN3HV5qIOPkToZBxjIbg+svwO7FVdDY0M/E2AbKJJ2Nc
nCWjZKkobS3jh/UNlUIsxSejeJQ1YE+NNu5xc06uAp7G78SjjJhPSkqSlIebTNQZ
G0qV3qhMN5R8cz9L/+wVxv15LdCKCWXPgO6D4KHn5MWVWNKpSzsVKhHhjIC99Vig
naU3OjSXTJw3qg==
-----END CERTIFICATE-----