Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          3BKQCbrghM3WQVD08VdEUCvSr0S3b1C9fEGaFxEXK+s=
Subject key identifier:   7F:35:D2:D2:95:3A:E7:08:BA:3E:CD:47:95:52:19:89:A9:FA:33:DF
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       01976F2C8750B207A011B035DB61DC064DE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 16:01:18 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:18 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:18 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: 1xJ7o/TtZZSeXFfntmqJjOlZkjdoaUNfGkn4ZV26vGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:87:50:b2:07:a0:11:b0:35:db:61:dc:06:4d:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Jun 14 16:01:18 2025 GMT
            Not After : Jun 15 16:01:18 2025 GMT
        Subject: CN=7f35d2d2953ae708ba3ecd4795521989a9fa33df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b6:06:f4:2e:4e:99:41:05:a9:66:5a:b7:12:
                    ec:68:7d:99:29:cf:a6:6a:e8:97:e4:eb:d5:87:0a:
                    c2:40:24:51:5b:41:46:81:81:0e:9e:53:7f:9d:9b:
                    6f:95:d7:88:6a:f6:23:75:70:50:66:24:59:df:9a:
                    63:d3:11:1e:7c:6a:f6:5c:ec:70:ee:37:b9:8a:7b:
                    09:15:b9:c1:ea:ae:00:69:a3:a7:37:8b:01:71:c9:
                    21:44:d4:68:6c:30:db:67:b4:b2:76:8f:56:98:6b:
                    52:d6:75:90:32:0a:d8:75:1d:aa:b4:a7:08:14:ea:
                    db:78:8c:37:19:68:ec:79:b9:23:72:03:eb:6e:dd:
                    6b:f2:1d:b0:3a:1b:46:fc:50:89:ba:65:76:5b:48:
                    77:76:53:33:80:dd:10:ad:e9:80:d6:0b:b4:80:78:
                    eb:bd:97:8a:b3:9e:23:da:2c:d0:9c:1f:4e:e8:0d:
                    57:a4:0f:31:48:6f:de:02:92:19:15:78:53:da:da:
                    a8:a9:3a:b5:20:07:f7:1b:a6:4c:7a:7c:35:20:f6:
                    f4:42:13:c3:df:eb:6a:25:f4:aa:9b:c5:f5:37:bd:
                    52:ab:70:8e:0d:5e:be:51:54:3a:b1:16:f5:87:da:
                    cb:f3:f8:e5:e0:71:be:1e:4d:70:a6:66:df:e3:15:
                    46:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:35:D2:D2:95:3A:E7:08:BA:3E:CD:47:95:52:19:89:A9:FA:33:DF
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f0:b5:b2:97:7d:15:d5:9c:ca:d1:15:9f:9e:63:92:d4:8c:f0:
         2f:ea:dd:64:ce:17:1a:df:e2:65:d9:02:7d:99:01:08:61:04:
         31:92:68:4e:82:22:23:70:8f:d2:bc:f8:96:3e:79:89:79:eb:
         e8:99:8d:aa:e2:2e:c9:41:af:d6:b7:d0:4d:b5:9d:4b:2e:18:
         7e:06:a9:b3:cf:a7:31:85:d5:21:e3:59:f2:3b:fa:bc:2a:66:
         b2:1b:19:b3:cf:b5:7b:bb:04:bc:60:a3:ac:5d:f5:f7:78:ab:
         16:8d:3e:53:36:90:68:c8:a5:39:0e:5f:0b:f8:68:b8:b4:55:
         59:1d:14:b9:71:48:ac:aa:04:bd:39:2a:3d:f1:54:7c:88:ea:
         d6:34:0a:df:29:bc:cd:1c:db:90:ce:17:bf:31:a4:70:a5:26:
         23:dd:23:5a:83:8f:f4:69:72:c2:fc:1d:57:94:ff:f9:ec:9e:
         5e:54:97:94:d2:10:92:b4:5b:b5:05:d5:bf:e7:5b:95:79:9f:
         22:5f:e5:69:b0:fb:57:52:ed:0d:41:c0:25:e7:f2:c5:85:02:
         cd:24:95:a5:0a:f0:b0:d8:57:09:ff:fb:e4:02:72:2f:25:cb:
         1d:9b:61:d6:56:1f:56:92:c8:18:8b:7c:4a:72:2b:56:1b:8a:
         f2:20:50:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLIdQsgegEbA122HcBk3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwNjE0MTYwMTE4WhcNMjUwNjE1MTYwMTE4WjAzMTEwLwYDVQQD
Eyg3ZjM1ZDJkMjk1M2FlNzA4YmEzZWNkNDc5NTUyMTk4OWE5ZmEzM2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bYG9C5OmUEFqWZatxLsaH2ZKc+m
auiX5OvVhwrCQCRRW0FGgYEOnlN/nZtvldeIavYjdXBQZiRZ35pj0xEefGr2XOxw
7je5insJFbnB6q4AaaOnN4sBcckhRNRobDDbZ7Sydo9WmGtS1nWQMgrYdR2qtKcI
FOrbeIw3GWjsebkjcgPrbt1r8h2wOhtG/FCJumV2W0h3dlMzgN0QremA1gu0gHjr
vZeKs54j2izQnB9O6A1XpA8xSG/eApIZFXhT2tqoqTq1IAf3G6ZMenw1IPb0QhPD
3+tqJfSqm8X1N71Sq3CODV6+UVQ6sRb1h9rL8/jl4HG+Hk1wpmbf4xVGKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH810tKVOucIuj7NR5VSGYmp+jPfMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA8LWyl30V
1ZzK0RWfnmOS1IzwL+rdZM4XGt/iZdkCfZkBCGEEMZJoToIiI3CP0rz4lj55iXnr
6JmNquIuyUGv1rfQTbWdSy4Yfgaps8+nMYXVIeNZ8jv6vCpmshsZs8+1e7sEvGCj
rF3193irFo0+UzaQaMilOQ5fC/houLRVWR0UuXFIrKoEvTkqPfFUfIjq1jQK3ym8
zRzbkM4XvzGkcKUmI90jWoOP9GlywvwdV5T/+eyeXlSXlNIQkrRbtQXVv+dblXmf
Il/labD7V1LtDUHAJefyxYUCzSSVpQrwsNhXCf/75AJyLyXLHZth1lYfVpLIGIt8
SnIrVhuK8iBQSg==
-----END CERTIFICATE-----