Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          ticaUSh+mhfIGLb0AvWHLrzBfMgFz3AXM3qAcuuvggM=
Subject key identifier:   37:44:BB:BB:48:43:8B:1F:12:7E:82:61:11:FF:B0:74:AD:37:36:E7
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       0197696195166F090EC978D433176EB4D921
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          0BFE
Signing time:             Fri 13 Jun 2025 13:01:32 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:32 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:32 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: pT/5nv5O7j9p6bpMwshcAocPUr8Rq5TvjJNAsPoulwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:95:16:6f:09:0e:c9:78:d4:33:17:6e:b4:d9:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Jun 13 13:01:32 2025 GMT
            Not After : Jun 14 13:01:32 2025 GMT
        Subject: CN=3744bbbb48438b1f127e826111ffb074ad3736e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5b:ae:f0:49:8f:d6:51:88:ca:de:3f:b7:73:
                    00:1e:f2:9f:ba:6c:ca:04:89:22:c1:8d:2c:4f:5e:
                    da:66:24:e9:ae:15:3b:0f:21:a6:b0:e6:1d:54:a3:
                    5c:cb:56:2b:b6:01:81:f3:9e:5b:eb:95:40:cb:47:
                    1a:fb:1e:bc:6e:44:10:09:ff:0a:33:52:4a:f3:c5:
                    fa:86:95:d1:ab:fe:2a:b8:1a:1b:c9:f7:01:c4:34:
                    4a:42:30:82:92:06:f8:10:ae:8d:df:89:9a:e5:9e:
                    35:65:91:07:a1:a3:c1:8f:3e:e8:63:76:7d:60:75:
                    ae:97:ae:0a:0d:4f:25:f3:f2:f6:18:31:a5:2e:38:
                    e3:bc:ff:3f:98:60:fa:9f:8f:77:57:48:e7:26:b9:
                    20:2e:3f:09:39:cc:8e:c0:8c:3f:6d:01:0d:26:e5:
                    ef:08:ff:1d:68:b1:97:7d:d7:f3:88:25:17:74:b9:
                    44:0e:52:f6:23:df:ab:4d:47:0e:19:7d:ff:56:f9:
                    97:6c:65:62:1f:65:9f:cc:06:a4:a8:c5:75:4e:d1:
                    31:4c:ae:6c:3a:38:bc:e8:25:a7:23:65:65:2a:0a:
                    8d:29:79:c5:6c:a9:38:af:00:3d:fb:4b:3c:8c:6d:
                    a7:6c:6c:23:37:63:16:59:bf:68:62:19:31:12:dd:
                    6d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:44:BB:BB:48:43:8B:1F:12:7E:82:61:11:FF:B0:74:AD:37:36:E7
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:bf:6b:16:b9:95:47:d4:1c:e8:d5:d9:42:01:a0:2d:46:0d:
         ae:9e:29:ab:7d:a9:96:49:a1:39:5b:19:f2:6d:9e:93:9d:d0:
         57:32:46:21:42:1d:cb:6e:21:bc:6f:3f:a2:07:2c:c7:1c:e8:
         30:cc:e5:15:db:cd:6f:eb:3c:d3:2a:6b:2b:4b:0f:40:21:20:
         e0:9c:43:17:5f:bc:17:7f:0e:c2:78:b2:17:7c:11:e8:94:a3:
         40:10:08:53:ea:9a:fa:c8:48:d4:e6:97:79:38:36:52:ca:42:
         fa:c8:d7:52:63:68:9c:73:1f:ac:b6:16:40:b3:0a:98:50:52:
         63:de:dd:e7:dd:5d:8f:8c:3a:45:e0:bc:98:2d:99:4d:32:8d:
         cc:d5:50:ca:70:70:27:ca:bb:e3:d7:5f:b8:e4:f9:31:be:12:
         c6:9c:b6:fe:15:da:be:ca:f0:b2:22:20:2f:c5:8c:73:b0:36:
         f9:12:42:99:25:8b:94:45:44:51:a4:2a:2e:45:29:76:7c:4c:
         0e:48:ab:2d:0d:c2:0c:8b:ee:42:93:fc:98:48:15:8f:66:d3:
         d6:e1:90:63:cc:a4:92:6c:9e:f1:de:16:11:af:b7:29:9b:f1:
         63:3a:83:ed:ba:36:12:0a:cd:c7:c3:f1:ba:19:8a:3a:95:76:
         b1:f4:d5:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYZUWbwkOyXjUMxdutNkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjUwNjEzMTMwMTMyWhcNMjUwNjE0MTMwMTMyWjAzMTEwLwYDVQQD
EygzNzQ0YmJiYjQ4NDM4YjFmMTI3ZTgyNjExMWZmYjA3NGFkMzczNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1uu8EmP1lGIyt4/t3MAHvKfumzK
BIkiwY0sT17aZiTprhU7DyGmsOYdVKNcy1YrtgGB855b65VAy0ca+x68bkQQCf8K
M1JK88X6hpXRq/4quBobyfcBxDRKQjCCkgb4EK6N34ma5Z41ZZEHoaPBjz7oY3Z9
YHWul64KDU8l8/L2GDGlLjjjvP8/mGD6n493V0jnJrkgLj8JOcyOwIw/bQENJuXv
CP8daLGXfdfziCUXdLlEDlL2I9+rTUcOGX3/VvmXbGViH2WfzAakqMV1TtExTK5s
Oji86CWnI2VlKgqNKXnFbKk4rwA9+0s8jG2nbGwjN2MWWb9oYhkxEt1t+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdEu7tIQ4sfEn6CYRH/sHStNzbnMB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg79rFrmV
R9Qc6NXZQgGgLUYNrp4pq32plkmhOVsZ8m2ek53QVzJGIUIdy24hvG8/ogcsxxzo
MMzlFdvNb+s80yprK0sPQCEg4JxDF1+8F38OwniyF3wR6JSjQBAIU+qa+shI1OaX
eTg2UspC+sjXUmNonHMfrLYWQLMKmFBSY97d591dj4w6ReC8mC2ZTTKNzNVQynBw
J8q749dfuOT5Mb4Sxpy2/hXavsrwsiIgL8WMc7A2+RJCmSWLlEVEUaQqLkUpdnxM
DkirLQ3CDIvuQpP8mEgVj2bT1uGQY8ykkmye8d4WEa+3KZvxYzqD7bo2EgrNx8Px
uhmKOpV2sfTV+g==
-----END CERTIFICATE-----