Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          RCuTpe35qv5FbUOcVdrmMlbQYKPdyxkvDV+1ay64f7o=
Subject key identifier:   03:FD:DA:24:EB:04:89:09:8A:BF:BF:FE:EB:0A:EE:90:C6:FF:E6:8D
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       01967EA19501BDBB181813CD1A03F948E5E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          05F8
Signing time:             Mon 28 Apr 2025 23:00:40 +0000
Manifest this update:     Mon 28 Apr 2025 23:00:40 +0000
Manifest next update:     Tue 29 Apr 2025 23:00:40 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: PXmUFvCEaVsWe3jDYwJoL1ZwwakwOjs5scVJORLAy8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 23:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:a1:95:01:bd:bb:18:18:13:cd:1a:03:f9:48:e5:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Apr 28 23:00:40 2025 GMT
            Not After : Apr 29 23:00:40 2025 GMT
        Subject: CN=03fdda24eb0489098abfbffeeb0aee90c6ffe68d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:44:e1:96:11:c7:00:18:be:72:5a:cf:91:44:
                    0c:40:d9:ed:e8:74:a9:d1:d1:cf:51:28:91:5e:39:
                    08:19:e8:0d:26:b3:95:50:74:5e:0b:f0:2c:e7:09:
                    c2:9a:40:5a:52:95:c4:84:20:49:a5:bb:fe:80:c5:
                    4a:38:54:02:10:e9:eb:d7:52:f5:99:f1:0d:28:ba:
                    e7:75:a4:6a:39:9d:8b:d2:7f:0a:29:5a:c8:be:b6:
                    b6:82:22:5f:f6:b8:f5:21:2b:4e:7c:8f:91:f6:3f:
                    0b:24:95:78:03:cd:0a:d7:80:98:9c:0c:5f:b8:8e:
                    e3:b4:fe:ce:94:e4:ec:f6:42:63:6a:b4:83:f7:fe:
                    9d:4a:93:80:04:f5:8f:65:c6:80:9a:14:14:66:f6:
                    50:bc:27:1d:d1:aa:b7:f0:89:d6:26:fb:7c:97:75:
                    b5:23:fb:c4:f5:51:ad:5d:a9:44:e3:88:98:e2:16:
                    ef:55:9c:5f:c6:f1:db:b7:0c:d0:53:54:16:0b:4c:
                    f1:80:0f:5f:d9:3d:af:a8:ce:21:bb:a6:7d:8e:8e:
                    2f:a2:f5:06:c1:a7:17:1a:35:8f:d2:e8:33:63:e3:
                    6c:28:8c:8a:1a:83:b8:4d:9e:19:f1:98:15:93:17:
                    68:76:d8:88:69:6e:1e:3c:4a:c5:bb:73:8a:79:76:
                    82:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:FD:DA:24:EB:04:89:09:8A:BF:BF:FE:EB:0A:EE:90:C6:FF:E6:8D
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:a4:b7:36:4b:fc:95:cd:05:6d:47:a3:fe:f9:63:8e:5d:16:
         f9:c7:fc:e6:cc:a2:a3:60:b2:66:9b:6b:85:09:0e:c9:e9:20:
         b0:30:b3:34:85:4e:97:f5:af:13:69:3b:6b:45:b8:44:52:27:
         b4:4f:7d:ee:2d:4e:2f:fc:63:d5:f6:1c:6d:19:d4:17:97:51:
         25:78:ec:25:35:b7:2c:bb:67:bf:14:aa:3d:33:9d:71:c3:95:
         4a:f6:01:c5:d3:e3:4d:0b:17:30:64:26:98:04:5a:00:d5:77:
         8e:3e:47:81:ad:32:0b:8f:00:47:fd:64:13:4e:31:c5:92:6a:
         47:1d:f9:05:4e:09:02:71:cb:ba:de:0e:f7:56:d1:b9:3f:46:
         e3:23:3b:d7:01:86:bf:08:55:c8:ae:2e:b5:07:54:de:34:84:
         8a:59:5b:fa:3c:e5:89:11:9d:01:b2:3e:25:d8:3c:86:8f:1b:
         f0:65:3a:8a:bd:70:ad:4c:0c:c7:c0:52:a9:6b:c2:41:3d:e1:
         7b:1d:2f:df:97:21:f6:56:4c:0a:24:e1:85:1a:67:6b:1e:ea:
         6b:ab:4c:22:c0:76:f9:dd:7e:14:21:5a:1a:04:56:d4:18:7d:
         74:6a:69:fd:4d:12:48:6c:cf:89:92:a7:98:27:e4:5f:1d:b6:
         8e:db:60:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+oZUBvbsYGBPNGgP5SOXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjUwNDI4MjMwMDQwWhcNMjUwNDI5MjMwMDQwWjAzMTEwLwYDVQQD
EygwM2ZkZGEyNGViMDQ4OTA5OGFiZmJmZmVlYjBhZWU5MGM2ZmZlNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukThlhHHABi+clrPkUQMQNnt6HSp
0dHPUSiRXjkIGegNJrOVUHReC/As5wnCmkBaUpXEhCBJpbv+gMVKOFQCEOnr11L1
mfENKLrndaRqOZ2L0n8KKVrIvra2giJf9rj1IStOfI+R9j8LJJV4A80K14CYnAxf
uI7jtP7OlOTs9kJjarSD9/6dSpOABPWPZcaAmhQUZvZQvCcd0aq38InWJvt8l3W1
I/vE9VGtXalE44iY4hbvVZxfxvHbtwzQU1QWC0zxgA9f2T2vqM4hu6Z9jo4vovUG
wacXGjWP0ugzY+NsKIyKGoO4TZ4Z8ZgVkxdodtiIaW4ePErFu3OKeXaCUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAP92iTrBIkJir+//usK7pDG/+aNMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACqS3Nkv8
lc0FbUej/vljjl0W+cf85syio2CyZptrhQkOyekgsDCzNIVOl/WvE2k7a0W4RFIn
tE997i1OL/xj1fYcbRnUF5dRJXjsJTW3LLtnvxSqPTOdccOVSvYBxdPjTQsXMGQm
mARaANV3jj5Hga0yC48AR/1kE04xxZJqRx35BU4JAnHLut4O91bRuT9G4yM71wGG
vwhVyK4utQdU3jSEillb+jzliRGdAbI+Jdg8ho8b8GU6ir1wrUwMx8BSqWvCQT3h
ex0v35ch9lZMCiThhRpnax7qa6tMIsB2+d1+FCFaGgRW1Bh9dGpp/U0SSGzPiZKn
mCfkXx22jttgxA==
-----END CERTIFICATE-----