Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
File:                     vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft (raw, json)
Hash identifier:          AR05TrcfShmsutOiuvJLz92H6TCMLa321EruC76xZXs=
Subject key identifier:   EB:C1:FD:A6:C9:A2:AC:0C:42:30:62:49:C1:0A:64:7E:32:4D:68:4A
Authority key identifier: BD:D6:41:05:A1:9D:CD:5C:67:5C:0A:3F:98:EE:8C:60:4E:80:8F:1B
Certificate issuer:       /CN=bdd64105a19dcd5c675c0a3f98ee8c604e808f1b
Certificate serial:       01976D3D62D01A3AF1B7DD062F24F545E2E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
Manifest number:          0A69
Signing time:             Sat 14 Jun 2025 07:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:28 +0000
Files and hashes:         1: vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl (hash: 9dyozXXdR4iQhACmntk5UDELBjBGMROY0wjLMmXTE1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:62:d0:1a:3a:f1:b7:dd:06:2f:24:f5:45:e2:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd64105a19dcd5c675c0a3f98ee8c604e808f1b
        Validity
            Not Before: Jun 14 07:00:28 2025 GMT
            Not After : Jun 15 07:00:28 2025 GMT
        Subject: CN=ebc1fda6c9a2ac0c42306249c10a647e324d684a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:da:a5:f2:f4:31:b8:88:e8:31:98:df:79:77:
                    42:f7:41:b0:e6:29:63:f7:9e:7c:54:5f:71:65:2e:
                    dd:ed:74:ae:2c:17:c7:5b:44:7f:e8:fa:e5:35:25:
                    0a:4f:a1:6e:81:99:93:85:c7:32:eb:b4:4a:4c:73:
                    1e:53:db:b8:00:d7:c7:83:3c:fc:af:42:ff:ae:0a:
                    a9:29:74:ba:36:8e:45:be:c5:11:d0:a4:bb:f8:e1:
                    72:c4:e8:5e:7f:33:45:65:cf:f1:1b:33:fe:1f:9a:
                    de:4d:0d:4a:27:d6:e2:4e:6a:e5:9f:b8:70:3d:af:
                    60:8b:15:10:23:e0:c7:34:29:6d:c7:86:89:8b:1b:
                    85:f7:0b:1b:8a:0f:f2:35:9d:83:80:07:f7:f8:80:
                    b7:5f:19:24:75:7c:ce:4f:ae:0e:18:46:2c:c6:64:
                    04:92:9a:9e:ab:f2:8b:c7:80:da:33:35:78:b8:e3:
                    44:0c:0b:7d:92:79:ef:dd:ab:c1:4f:5c:4f:75:18:
                    41:38:52:1f:67:7b:ac:a3:a4:c5:af:97:0b:35:23:
                    da:8d:72:b4:10:e3:c5:83:f2:52:83:6b:2c:9e:3c:
                    cd:2d:d5:95:f0:86:a1:7d:3d:6f:df:93:c8:02:42:
                    e3:9e:a5:08:1f:2d:69:a1:7a:42:6e:64:66:11:6d:
                    92:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:C1:FD:A6:C9:A2:AC:0C:42:30:62:49:C1:0A:64:7E:32:4D:68:4A
            X509v3 Authority Key Identifier:
                keyid:BD:D6:41:05:A1:9D:CD:5C:67:5C:0A:3F:98:EE:8C:60:4E:80:8F:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:ba:60:70:bf:51:08:8c:d5:9f:8a:96:7d:b7:a8:fa:1e:fd:
         9c:ad:36:d9:1b:b4:81:ab:e1:d8:10:7d:34:3a:57:5d:47:d2:
         5d:4b:92:4a:19:30:62:43:83:f4:af:99:f9:34:38:05:fd:6c:
         48:4e:b7:1a:b0:62:ff:a8:48:9b:bc:d1:ff:63:29:33:33:2a:
         39:a3:c5:cc:ee:e6:4a:e5:43:fc:ea:55:4a:97:14:f2:90:eb:
         99:ec:80:a6:3d:33:86:d4:57:db:43:8d:be:b9:9b:09:6f:d2:
         92:28:6f:86:67:7c:a4:34:8c:ab:5c:a2:22:13:e2:cf:6a:ab:
         c8:e2:1d:0e:fd:b0:bf:33:78:ec:c0:41:f3:0f:f2:c4:14:6d:
         70:95:31:4e:9f:c9:cf:e9:2d:16:a6:d1:54:4f:ee:21:1b:13:
         96:73:b7:aa:a9:ae:8b:3b:8b:75:b4:f8:77:a1:26:3e:62:ba:
         52:21:13:5e:f8:4e:83:5d:23:3b:b4:fb:28:1e:91:6f:e4:d3:
         34:e9:38:22:7f:32:91:28:63:d3:de:54:65:ca:47:7d:80:a1:
         6d:f0:ef:42:00:94:82:83:e7:d8:d8:0c:99:07:41:ac:ef:95:
         52:aa:a2:b9:7e:38:54:8c:0b:ab:ba:4c:5f:6c:0d:61:2e:49:
         1b:dc:0c:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPWLQGjrxt90GLyT1ReLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDY0MTA1YTE5ZGNkNWM2NzVjMGEzZjk4ZWU4YzYwNGU4
MDhmMWIwHhcNMjUwNjE0MDcwMDI4WhcNMjUwNjE1MDcwMDI4WjAzMTEwLwYDVQQD
EyhlYmMxZmRhNmM5YTJhYzBjNDIzMDYyNDljMTBhNjQ3ZTMyNGQ2ODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dql8vQxuIjoMZjfeXdC90Gw5ilj
9558VF9xZS7d7XSuLBfHW0R/6PrlNSUKT6FugZmThccy67RKTHMeU9u4ANfHgzz8
r0L/rgqpKXS6No5FvsUR0KS7+OFyxOhefzNFZc/xGzP+H5reTQ1KJ9biTmrln7hw
Pa9gixUQI+DHNCltx4aJixuF9wsbig/yNZ2DgAf3+IC3XxkkdXzOT64OGEYsxmQE
kpqeq/KLx4DaMzV4uONEDAt9knnv3avBT1xPdRhBOFIfZ3uso6TFr5cLNSPajXK0
EOPFg/JSg2ssnjzNLdWV8IahfT1v35PIAkLjnqUIHy1poXpCbmRmEW2SWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvB/abJoqwMQjBiScEKZH4yTWhKMB8GA1UdIwQY
MBaAFL3WQQWhnc1cZ1wKP5jujGBOgI8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMTg0YmQtYjVkMi00YjljLTkxNmIt
ZDA0NTZmNzI5ODczLzEvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMTg0YmQtYjVkMi00YjljLTkxNmItZDA0NTZmNzI5ODcz
LzEvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVrpgcL9R
CIzVn4qWfbeo+h79nK022Ru0gavh2BB9NDpXXUfSXUuSShkwYkOD9K+Z+TQ4Bf1s
SE63GrBi/6hIm7zR/2MpMzMqOaPFzO7mSuVD/OpVSpcU8pDrmeyApj0zhtRX20ON
vrmbCW/Skihvhmd8pDSMq1yiIhPiz2qryOIdDv2wvzN47MBB8w/yxBRtcJUxTp/J
z+ktFqbRVE/uIRsTlnO3qqmuizuLdbT4d6EmPmK6UiETXvhOg10jO7T7KB6Rb+TT
NOk4In8ykShj095UZcpHfYChbfDvQgCUgoPn2NgMmQdBrO+VUqqiuX44VIwLq7pM
X2wNYS5JG9wM2g==
-----END CERTIFICATE-----