Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
File:                     PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft (raw, json)
Hash identifier:          /H6lEXMhjVXNsRPmmj8a7sjzJYmJ+p9KCvv+hh1eXP4=
Subject key identifier:   F6:6C:F5:86:D2:CA:E9:E2:CD:6F:DE:EB:A8:0C:B7:05:5F:21:02:52
Authority key identifier: 3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6
Certificate issuer:       /CN=3d2d1ada614c68e174c4dedf55996a954316eae6
Certificate serial:       0197696192B9B647907B784018C1E9A8EF0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:01:31 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:31 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:31 +0000
Files and hashes:         1: PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl (hash: aoPqIo4YXBD9leJWXHc0n5vywELPfg67b1HzQoKSDY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:92:b9:b6:47:90:7b:78:40:18:c1:e9:a8:ef:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2d1ada614c68e174c4dedf55996a954316eae6
        Validity
            Not Before: Jun 13 13:01:31 2025 GMT
            Not After : Jun 14 13:01:31 2025 GMT
        Subject: CN=f66cf586d2cae9e2cd6fdeeba80cb7055f210252
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:55:13:d7:18:72:e9:94:5c:41:68:d6:09:78:
                    81:90:20:c8:e6:f4:ce:ab:ac:bd:52:0b:ce:0c:99:
                    4c:f2:b1:31:17:e7:68:c8:bd:9d:b3:12:38:7b:1b:
                    46:72:34:3a:0c:c0:02:37:81:bd:43:80:b6:df:b4:
                    25:6e:f1:3d:78:56:5a:f4:d4:91:c8:50:05:1e:b9:
                    e7:cc:47:8c:99:ad:ba:2b:58:2f:ae:c9:78:f6:11:
                    94:32:9f:79:7d:78:1e:07:ad:c2:d1:56:80:8f:dd:
                    ba:38:85:4a:17:6c:d1:43:a5:30:31:ad:e2:d2:fa:
                    c8:40:bb:92:56:7c:96:5a:6d:8a:f4:81:9f:f9:b0:
                    e3:8a:62:d4:d2:db:a6:f4:ed:53:1c:e2:7b:54:9f:
                    03:cf:72:0f:a0:0a:70:48:02:8a:8d:67:32:60:81:
                    ed:b4:de:be:af:0c:5d:e5:4f:de:7b:17:43:3d:f4:
                    a0:29:b9:c4:3e:05:ce:7b:1c:ad:b8:0d:d7:f0:6c:
                    1a:b9:8f:0f:e5:4c:3a:a4:f5:02:36:83:22:f6:9d:
                    eb:41:52:de:52:03:1c:ea:67:f7:f8:c1:fa:03:7d:
                    ce:81:2d:78:de:d9:fe:8c:4a:e7:f0:c6:2a:3b:23:
                    39:c5:82:e3:04:a2:88:d8:54:07:18:5a:12:78:b6:
                    64:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:6C:F5:86:D2:CA:E9:E2:CD:6F:DE:EB:A8:0C:B7:05:5F:21:02:52
            X509v3 Authority Key Identifier:
                keyid:3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:0a:56:5b:02:39:d9:dd:e8:be:97:3b:39:72:7a:73:26:e5:
         ac:6a:be:d1:f1:f4:29:5b:3e:b2:ca:3c:03:68:20:f4:45:2e:
         54:ff:8f:44:9d:d2:8d:df:33:c9:3e:19:19:2c:6f:5f:e1:78:
         0c:84:a5:9c:63:36:26:40:9d:d5:60:62:d9:99:fb:66:20:c0:
         41:3b:ed:1f:80:c4:f7:ce:f0:ff:1f:aa:fc:e3:15:90:a6:8d:
         95:e3:47:69:10:49:7f:18:1d:be:cf:95:6f:9c:43:1e:62:f0:
         c2:a0:95:1a:77:45:42:ac:24:f1:99:91:ee:9d:cd:9f:3b:e8:
         1a:00:c7:17:ab:99:cb:2e:48:e1:ae:12:b5:16:1c:d1:e4:5b:
         97:c9:23:21:a3:87:ab:29:ce:59:ea:9b:38:7d:cd:a7:45:f9:
         8c:54:de:57:40:25:90:ef:93:85:10:c5:5a:8f:bf:b3:fc:68:
         d2:3c:ab:e4:1c:bd:6d:89:06:0f:83:00:75:82:52:84:49:a3:
         7e:f7:e2:36:de:86:8c:de:83:f1:52:e1:e5:d2:77:26:12:21:
         26:50:95:63:92:b0:58:2f:50:1e:b3:78:93:e1:95:00:ef:e9:
         27:8a:7e:67:33:03:5d:bf:ca:5c:78:b5:a6:31:74:32:fb:9f:
         3c:8c:a6:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYZK5tkeQe3hAGMHpqO8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMmQxYWRhNjE0YzY4ZTE3NGM0ZGVkZjU1OTk2YTk1NDMx
NmVhZTYwHhcNMjUwNjEzMTMwMTMxWhcNMjUwNjE0MTMwMTMxWjAzMTEwLwYDVQQD
EyhmNjZjZjU4NmQyY2FlOWUyY2Q2ZmRlZWJhODBjYjcwNTVmMjEwMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1UT1xhy6ZRcQWjWCXiBkCDI5vTO
q6y9UgvODJlM8rExF+doyL2dsxI4extGcjQ6DMACN4G9Q4C237QlbvE9eFZa9NSR
yFAFHrnnzEeMma26K1gvrsl49hGUMp95fXgeB63C0VaAj926OIVKF2zRQ6UwMa3i
0vrIQLuSVnyWWm2K9IGf+bDjimLU0tum9O1THOJ7VJ8Dz3IPoApwSAKKjWcyYIHt
tN6+rwxd5U/eexdDPfSgKbnEPgXOexytuA3X8GwauY8P5Uw6pPUCNoMi9p3rQVLe
UgMc6mf3+MH6A33OgS143tn+jErn8MYqOyM5xYLjBKKI2FQHGFoSeLZkMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZs9YbSyunizW/e66gMtwVfIQJSMB8GA1UdIwQY
MBaAFD0tGtphTGjhdMTe31WZapVDFurmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9mY2JmZDctZDc4NS00YjA2LTg4YzUt
NDg2Y2FlMDQxZTBlLzEvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9mY2JmZDctZDc4NS00YjA2LTg4YzUtNDg2Y2FlMDQxZTBl
LzEvUFMwYTJtRk1hT0YweE43ZlZabHFsVU1XNnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAegpWWwI5
2d3ovpc7OXJ6cyblrGq+0fH0KVs+sso8A2gg9EUuVP+PRJ3Sjd8zyT4ZGSxvX+F4
DISlnGM2JkCd1WBi2Zn7ZiDAQTvtH4DE987w/x+q/OMVkKaNleNHaRBJfxgdvs+V
b5xDHmLwwqCVGndFQqwk8ZmR7p3NnzvoGgDHF6uZyy5I4a4StRYc0eRbl8kjIaOH
qynOWeqbOH3Np0X5jFTeV0AlkO+ThRDFWo+/s/xo0jyr5By9bYkGD4MAdYJShEmj
fvfiNt6GjN6D8VLh5dJ3JhIhJlCVY5KwWC9QHrN4k+GVAO/pJ4p+ZzMDXb/KXHi1
pjF0MvufPIym9w==
-----END CERTIFICATE-----