Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          iUqqcDsvaePmS+ubrmWnW2TrSab+uXlNyGa5+v7Kp+0=
Subject key identifier:   9D:0F:F0:D8:ED:35:DC:BB:B3:73:74:C7:90:F2:41:51:63:7C:F8:F3
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       01976C62397779797EE7370DC76FFAB6493D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          014D
Signing time:             Sat 14 Jun 2025 03:01:05 +0000
Manifest this update:     Sat 14 Jun 2025 03:01:05 +0000
Manifest next update:     Sun 15 Jun 2025 03:01:05 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: s3HiIHqyMCdbFFfHkxnfhp9D/QPdYEporm2Zx3ULbeI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:62:39:77:79:79:7e:e7:37:0d:c7:6f:fa:b6:49:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Jun 14 03:01:05 2025 GMT
            Not After : Jun 15 03:01:05 2025 GMT
        Subject: CN=9d0ff0d8ed35dcbbb37374c790f24151637cf8f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a2:21:b8:9c:0b:68:df:d2:76:af:db:8d:7a:
                    aa:22:99:39:59:34:d0:dc:cd:f8:7a:fe:26:5e:3d:
                    50:3c:52:d2:f1:51:8d:bd:ba:ab:c9:0f:47:2b:dc:
                    c4:53:75:08:aa:99:be:ab:56:8b:ce:fd:e9:05:af:
                    00:ff:e4:f1:43:1e:47:9f:d1:9e:8d:c2:f4:de:55:
                    a5:55:fc:05:47:bd:09:68:a7:5c:72:97:bf:fd:58:
                    dd:2f:c0:5a:63:94:5c:94:e0:61:cc:5e:a7:a2:12:
                    23:10:b0:7b:38:e3:aa:3f:e4:5c:43:99:f0:05:88:
                    7f:0d:e6:e4:a9:30:79:ad:6f:2b:15:4f:eb:05:4a:
                    94:8d:d1:f6:d1:cb:54:63:c6:17:ae:0b:af:73:02:
                    6c:79:bc:34:bc:9b:51:5e:7b:89:06:b2:0a:1e:99:
                    44:07:8e:04:44:7b:89:f7:b2:49:ac:83:f8:1c:ea:
                    ed:9f:89:07:f3:ec:c3:97:77:78:6e:35:6a:49:06:
                    ec:65:4c:b2:8d:28:f0:3a:a2:9c:17:ce:51:58:29:
                    30:a4:20:8e:75:e4:df:b3:d9:65:7d:4b:94:c1:60:
                    a6:ed:4d:14:38:63:f7:e0:a4:d7:b8:a7:28:9d:8c:
                    19:83:98:1d:c9:26:a9:a2:2d:02:37:5d:0c:4b:50:
                    42:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:0F:F0:D8:ED:35:DC:BB:B3:73:74:C7:90:F2:41:51:63:7C:F8:F3
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:28:ee:d8:3e:32:94:f8:80:c0:4e:8d:b4:9f:69:3e:e8:8f:
         4d:b2:67:a5:12:1f:8a:2c:a5:1d:52:52:e2:f1:9d:59:97:3f:
         d6:ae:b1:d1:bd:c7:f9:bb:ad:0b:75:3c:74:4c:72:fb:de:ad:
         43:bf:db:b8:14:df:68:d1:21:c2:1a:80:0c:bc:ad:3e:f3:f8:
         eb:06:83:a8:97:c0:40:68:3e:e2:34:2a:bc:ec:39:9e:d4:d4:
         0a:84:4d:3c:7e:14:83:5c:8b:39:80:81:f9:6a:53:f5:cf:72:
         7d:a4:b9:47:de:e6:79:6c:3c:0d:08:7c:f2:fd:5b:2e:6a:c6:
         0f:59:82:c5:d6:4d:0d:f1:f2:69:78:37:63:cb:62:58:7a:88:
         ca:e8:5b:cd:87:71:4e:52:ad:d8:be:9d:d8:5f:bd:1f:75:ce:
         78:8d:b9:7b:52:7c:59:92:81:6c:73:38:3e:79:6c:61:67:5b:
         d3:15:12:d3:05:52:a9:bf:8f:d1:48:ed:01:96:d9:f6:87:83:
         57:7e:18:36:f4:38:8e:5f:f4:5b:b2:ec:63:39:60:68:bf:d3:
         ba:9b:b0:3d:88:69:28:f4:69:a0:ef:2c:cc:53:c1:b7:b1:15:
         2b:bd:cd:55:b4:39:55:55:4d:0a:a2:cd:05:7c:26:48:f6:25:
         0d:b8:dd:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsYjl3eXl+5zcNx2/6tkk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwNjE0MDMwMTA1WhcNMjUwNjE1MDMwMTA1WjAzMTEwLwYDVQQD
Eyg5ZDBmZjBkOGVkMzVkY2JiYjM3Mzc0Yzc5MGYyNDE1MTYzN2NmOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqIhuJwLaN/Sdq/bjXqqIpk5WTTQ
3M34ev4mXj1QPFLS8VGNvbqryQ9HK9zEU3UIqpm+q1aLzv3pBa8A/+TxQx5Hn9Ge
jcL03lWlVfwFR70JaKdccpe//VjdL8BaY5RclOBhzF6nohIjELB7OOOqP+RcQ5nw
BYh/DebkqTB5rW8rFU/rBUqUjdH20ctUY8YXrguvcwJsebw0vJtRXnuJBrIKHplE
B44ERHuJ97JJrIP4HOrtn4kH8+zDl3d4bjVqSQbsZUyyjSjwOqKcF85RWCkwpCCO
deTfs9llfUuUwWCm7U0UOGP34KTXuKconYwZg5gdySapoi0CN10MS1BCCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0P8NjtNdy7s3N0x5DyQVFjfPjzMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXyju2D4y
lPiAwE6NtJ9pPuiPTbJnpRIfiiylHVJS4vGdWZc/1q6x0b3H+butC3U8dExy+96t
Q7/buBTfaNEhwhqADLytPvP46waDqJfAQGg+4jQqvOw5ntTUCoRNPH4Ug1yLOYCB
+WpT9c9yfaS5R97meWw8DQh88v1bLmrGD1mCxdZNDfHyaXg3Y8tiWHqIyuhbzYdx
TlKt2L6d2F+9H3XOeI25e1J8WZKBbHM4PnlsYWdb0xUS0wVSqb+P0UjtAZbZ9oeD
V34YNvQ4jl/0W7LsYzlgaL/TupuwPYhpKPRpoO8szFPBt7EVK73NVbQ5VVVNCqLN
BXwmSPYlDbjdqw==
-----END CERTIFICATE-----