Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          dW2E7mt9AQRWYbGzzsNE3ObUiuGKuxmtBL3QjONLa5k=
Subject key identifier:   84:54:97:16:76:B7:9B:17:79:E0:53:CF:0C:90:B6:F0:21:F3:6D:A0
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0197730966C2728EFE1981846A39F5B90F4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1001
Signing time:             Sun 15 Jun 2025 10:01:25 +0000
Manifest this update:     Sun 15 Jun 2025 10:01:25 +0000
Manifest next update:     Mon 16 Jun 2025 10:01:25 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: z/nvY7oTe3Q43DxkUivsIDQAgv854PC13W0B+k0XjTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:09:66:c2:72:8e:fe:19:81:84:6a:39:f5:b9:0f:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun 15 10:01:25 2025 GMT
            Not After : Jun 16 10:01:25 2025 GMT
        Subject: CN=8454971676b79b1779e053cf0c90b6f021f36da0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c4:d9:e2:3f:41:21:3f:39:51:83:e1:b1:18:
                    a2:fd:1e:be:2b:d7:a6:bc:3f:7a:6a:ad:6e:cb:5e:
                    c4:07:52:cf:e1:3d:7e:98:39:6f:ad:1a:56:34:fe:
                    28:4b:84:ac:45:e8:73:ac:4f:46:cb:4a:13:17:75:
                    73:41:17:73:5d:d9:11:d3:9d:f6:0e:5c:11:81:b6:
                    62:10:58:b4:31:6a:9f:19:b1:98:ff:60:5e:3d:b3:
                    80:31:48:b8:48:53:1a:3b:f3:22:96:62:c7:1b:21:
                    e7:67:b9:ca:08:80:13:53:fb:58:29:54:5c:51:c2:
                    3d:72:8d:f4:a7:32:d2:72:fe:de:fc:d1:cd:70:4d:
                    aa:46:d6:af:04:78:56:89:cd:84:14:13:b7:fd:5f:
                    1d:5b:29:24:c2:59:51:08:ac:d4:73:91:2d:ce:ee:
                    22:3a:4b:5d:f5:c5:2d:e0:52:2c:6f:fb:65:31:60:
                    00:67:9b:7e:f3:18:50:47:58:37:b7:b5:47:81:2e:
                    32:52:69:2e:93:d7:d7:9b:59:cc:73:20:4e:70:38:
                    6b:cc:e6:78:1f:1b:83:9a:ab:8b:c9:b1:8d:c3:cb:
                    09:6c:46:f7:9c:4c:3b:33:54:64:a9:8f:8d:75:44:
                    3d:11:b0:f7:88:64:58:3f:5c:e7:0a:6f:51:7a:fc:
                    30:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:54:97:16:76:B7:9B:17:79:E0:53:CF:0C:90:B6:F0:21:F3:6D:A0
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:e2:38:12:fa:96:51:89:a2:8a:c5:a6:13:40:d0:d2:83:52:
         bf:c1:1e:c4:ef:92:38:c6:eb:ea:f9:3d:e5:1f:10:0a:4f:1f:
         66:22:08:75:a2:14:9a:2a:e3:fb:5a:37:af:ea:d5:f3:5a:a3:
         fd:6a:32:b8:5d:73:e1:8b:16:25:09:13:ef:32:37:a2:38:ba:
         bb:2f:eb:99:a5:b4:d9:f3:fd:77:45:ad:c3:fd:08:1c:95:05:
         5a:10:ff:25:6d:b5:98:85:ab:44:12:4d:51:e7:3b:00:de:e1:
         ce:ef:40:ea:41:a1:f3:79:8e:96:47:9b:f9:e6:16:84:a0:d2:
         3b:3b:3d:b2:1e:8a:a6:1f:13:fe:67:d4:ab:82:48:8b:6b:44:
         55:7b:c7:67:98:bf:7d:e6:9b:89:85:8d:47:e1:45:4d:68:0b:
         f1:cf:ba:36:23:c4:cd:bc:a6:b7:fd:bb:6e:94:0a:65:06:f8:
         47:9e:94:15:0b:09:6b:ad:28:19:36:4f:d8:e5:06:fa:dd:a6:
         e4:fc:d1:ad:7f:81:b3:d1:5b:ce:3c:21:dd:d1:72:85:ea:7c:
         3e:bb:09:44:23:74:bf:19:84:2d:3e:2d:35:cc:32:d3:f7:38:
         0f:be:8c:08:4b:87:52:c8:6c:f7:8a:e0:dc:25:2c:55:34:78:
         de:ee:eb:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCWbCco7+GYGEajn1uQ9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwNjE1MTAwMTI1WhcNMjUwNjE2MTAwMTI1WjAzMTEwLwYDVQQD
Eyg4NDU0OTcxNjc2Yjc5YjE3NzllMDUzY2YwYzkwYjZmMDIxZjM2ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsTZ4j9BIT85UYPhsRii/R6+K9em
vD96aq1uy17EB1LP4T1+mDlvrRpWNP4oS4SsRehzrE9Gy0oTF3VzQRdzXdkR0532
DlwRgbZiEFi0MWqfGbGY/2BePbOAMUi4SFMaO/MilmLHGyHnZ7nKCIATU/tYKVRc
UcI9co30pzLScv7e/NHNcE2qRtavBHhWic2EFBO3/V8dWykkwllRCKzUc5Etzu4i
Oktd9cUt4FIsb/tlMWAAZ5t+8xhQR1g3t7VHgS4yUmkuk9fXm1nMcyBOcDhrzOZ4
HxuDmquLybGNw8sJbEb3nEw7M1RkqY+NdUQ9EbD3iGRYP1znCm9Revww4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRUlxZ2t5sXeeBTzwyQtvAh822gMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+I4EvqW
UYmiisWmE0DQ0oNSv8EexO+SOMbr6vk95R8QCk8fZiIIdaIUmirj+1o3r+rV81qj
/WoyuF1z4YsWJQkT7zI3oji6uy/rmaW02fP9d0Wtw/0IHJUFWhD/JW21mIWrRBJN
Uec7AN7hzu9A6kGh83mOlkeb+eYWhKDSOzs9sh6Kph8T/mfUq4JIi2tEVXvHZ5i/
feabiYWNR+FFTWgL8c+6NiPEzbymt/27bpQKZQb4R56UFQsJa60oGTZP2OUG+t2m
5PzRrX+Bs9Fbzjwh3dFyhep8PrsJRCN0vxmELT4tNcwy0/c4D76MCEuHUshs94rg
3CUsVTR43u7rbg==
-----END CERTIFICATE-----