Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
File:                     pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft (raw, json)
Hash identifier:          E77o3vV3rsOu9ea6Br9g7pQjWHix29gk17atpiZkIpY=
Subject key identifier:   87:84:FB:84:98:1D:A2:BA:BC:F6:67:08:72:8C:5F:9E:9A:FB:23:0E
Authority key identifier: A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0
Certificate issuer:       /CN=a475e651f81aab603392f25521b7c9ab5bd281c0
Certificate serial:       019768F2A410CDD7A45A9E1E07D680910945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
Manifest number:          03B9
Signing time:             Fri 13 Jun 2025 11:00:21 +0000
Manifest this update:     Fri 13 Jun 2025 11:00:21 +0000
Manifest next update:     Sat 14 Jun 2025 11:00:21 +0000
Files and hashes:         1: pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl (hash: rktryh06i6dYr4rUEejOM02hHBmk6vl7LYLw0SIrAKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 11:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:f2:a4:10:cd:d7:a4:5a:9e:1e:07:d6:80:91:09:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a475e651f81aab603392f25521b7c9ab5bd281c0
        Validity
            Not Before: Jun 13 11:00:21 2025 GMT
            Not After : Jun 14 11:00:21 2025 GMT
        Subject: CN=8784fb84981da2babcf66708728c5f9e9afb230e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:92:46:96:3a:83:69:31:8c:fc:ee:55:ef:35:
                    f4:ca:b9:9b:ac:77:fe:9a:6a:d7:50:6e:f0:09:c8:
                    09:79:66:ce:00:f9:31:46:5f:61:2b:35:e5:d8:86:
                    1f:98:c4:14:50:c2:c7:c3:a3:06:eb:c8:da:c9:2e:
                    60:92:0f:ce:bb:04:cb:8b:11:58:c4:51:db:14:df:
                    e5:ba:6b:36:81:e4:f7:e6:e2:6b:b2:7c:1e:cc:11:
                    f0:a7:9d:c2:04:a6:50:32:d7:ab:b5:25:fe:e4:35:
                    3b:74:e8:90:ea:55:bf:8a:75:3f:60:cf:4d:3e:5a:
                    60:cc:d4:99:af:70:7f:3f:46:e6:a6:0d:d6:c2:c5:
                    97:27:f9:1e:5a:33:bf:dc:d3:22:5c:bf:93:e6:8b:
                    f0:c6:09:6a:ca:15:ad:67:7c:11:c9:2f:a5:bb:56:
                    7a:d5:dc:95:c2:69:34:49:75:e2:da:e4:cf:68:a3:
                    b9:ee:a4:cc:46:45:0a:98:ca:48:a1:bd:9a:95:03:
                    be:35:46:36:7f:04:87:89:83:35:71:7b:4f:35:47:
                    72:4d:1d:86:b5:52:6a:1e:9a:79:30:4c:dc:b0:f6:
                    83:8f:1c:81:03:33:2e:d9:e0:24:2b:f7:6b:c0:b5:
                    f5:61:fd:a3:bf:97:05:b8:b8:04:41:be:99:42:9a:
                    b0:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:84:FB:84:98:1D:A2:BA:BC:F6:67:08:72:8C:5F:9E:9A:FB:23:0E
            X509v3 Authority Key Identifier:
                keyid:A4:75:E6:51:F8:1A:AB:60:33:92:F2:55:21:B7:C9:AB:5B:D2:81:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHXmUfgaq2AzkvJVIbfJq1vSgcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/cec327-38e1-4af4-a08f-77cfd215b732/1/pHXmUfgaq2AzkvJVIbfJq1vSgcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:3a:48:b9:ed:dd:a4:98:d6:f6:1b:36:7d:11:6d:58:e5:91:
         9d:8f:d0:6a:71:62:da:46:a0:32:02:85:a8:9c:e0:1c:ed:7a:
         5e:01:85:61:db:d3:36:f5:94:4e:ad:ac:71:3f:bf:53:76:57:
         76:b3:ac:9e:7b:c2:b1:42:7e:a8:cc:6f:ec:0e:4e:dc:d1:27:
         a1:94:ac:4c:72:7b:2e:71:77:11:e5:06:fe:12:5b:ba:57:fb:
         35:1c:58:93:3c:a8:13:09:3c:0e:26:e7:06:3a:94:3b:9a:7c:
         7f:d7:e1:ad:66:43:da:5f:00:53:87:32:94:c4:86:31:4d:55:
         d4:35:ed:84:8a:57:53:a7:3b:cc:ed:4c:a2:0b:98:22:e4:bd:
         7a:f3:a9:a0:47:58:fc:79:7d:99:38:1e:bf:4e:63:10:19:6f:
         22:54:48:ca:10:c4:4f:a1:22:77:66:ca:62:94:58:83:a2:0f:
         35:88:5e:83:e4:74:5f:9b:c1:52:42:3b:1c:b0:3d:8e:23:b1:
         db:20:46:42:39:3a:3f:95:cc:10:9d:eb:15:fd:ae:4e:3a:6e:
         43:f0:4b:3d:d8:36:4c:03:a0:6c:99:47:ac:b9:54:15:63:53:
         d3:1b:be:6c:7b:6c:6f:32:7c:3a:1b:66:ca:6d:25:99:27:db:
         4c:a5:a5:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8qQQzdekWp4eB9aAkQlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzVlNjUxZjgxYWFiNjAzMzkyZjI1NTIxYjdjOWFiNWJk
MjgxYzAwHhcNMjUwNjEzMTEwMDIxWhcNMjUwNjE0MTEwMDIxWjAzMTEwLwYDVQQD
Eyg4Nzg0ZmI4NDk4MWRhMmJhYmNmNjY3MDg3MjhjNWY5ZTlhZmIyMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5JGljqDaTGM/O5V7zX0yrmbrHf+
mmrXUG7wCcgJeWbOAPkxRl9hKzXl2IYfmMQUUMLHw6MG68jayS5gkg/OuwTLixFY
xFHbFN/lums2geT35uJrsnwezBHwp53CBKZQMtertSX+5DU7dOiQ6lW/inU/YM9N
PlpgzNSZr3B/P0bmpg3WwsWXJ/keWjO/3NMiXL+T5ovwxglqyhWtZ3wRyS+lu1Z6
1dyVwmk0SXXi2uTPaKO57qTMRkUKmMpIob2alQO+NUY2fwSHiYM1cXtPNUdyTR2G
tVJqHpp5MEzcsPaDjxyBAzMu2eAkK/drwLX1Yf2jv5cFuLgEQb6ZQpqwVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeE+4SYHaK6vPZnCHKMX56a+yMOMB8GA1UdIwQY
MBaAFKR15lH4GqtgM5LyVSG3yatb0oHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYt
NzdjZmQyMTViNzMyLzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jZWMzMjctMzhlMS00YWY0LWEwOGYtNzdjZmQyMTViNzMy
LzEvcEhYbVVmZ2FxMkF6a3ZKVkliZkpxMXZTZ2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbDpIue3d
pJjW9hs2fRFtWOWRnY/QanFi2kagMgKFqJzgHO16XgGFYdvTNvWUTq2scT+/U3ZX
drOsnnvCsUJ+qMxv7A5O3NEnoZSsTHJ7LnF3EeUG/hJbulf7NRxYkzyoEwk8Dibn
BjqUO5p8f9fhrWZD2l8AU4cylMSGMU1V1DXthIpXU6c7zO1MoguYIuS9evOpoEdY
/Hl9mTgev05jEBlvIlRIyhDET6Eid2bKYpRYg6IPNYheg+R0X5vBUkI7HLA9jiOx
2yBGQjk6P5XMEJ3rFf2uTjpuQ/BLPdg2TAOgbJlHrLlUFWNT0xu+bHtsbzJ8Ohtm
ym0lmSfbTKWleg==
-----END CERTIFICATE-----