Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          Ayv+I/9kn8AQY8pi7XJsn/+PAjrTDOdeGo9eRaMABas=
Subject key identifier:   7D:59:82:90:B7:2B:ED:53:8F:26:DE:F7:52:AB:F0:6D:2D:52:0C:71
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0196760C34B541FD8B730DEB85B44E0C5589
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          0F7E
Signing time:             Sun 27 Apr 2025 07:00:33 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:33 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:33 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: X/cQsuNRAY9/2ppX4OzLqZc/B3so+d5+2nsw5Gr0kuo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:34:b5:41:fd:8b:73:0d:eb:85:b4:4e:0c:55:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Apr 27 07:00:33 2025 GMT
            Not After : Apr 28 07:00:33 2025 GMT
        Subject: CN=7d598290b72bed538f26def752abf06d2d520c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:46:db:d2:5a:fc:09:73:2c:9f:5f:b9:cd:8e:
                    91:b5:4c:7b:35:ec:7e:cd:3c:d5:77:83:c2:7c:16:
                    9c:62:c5:ec:e3:f1:89:1a:e2:6f:7a:b8:9c:68:7d:
                    ee:f0:73:34:11:4a:4f:1b:aa:42:2a:61:93:ea:95:
                    3d:79:cc:67:20:71:d2:a8:8f:d3:33:db:da:9a:29:
                    42:e6:45:49:f3:df:35:35:c0:2e:88:23:51:0d:2f:
                    9b:89:01:1d:aa:a0:0b:76:41:31:e2:92:b3:15:93:
                    0c:a5:ff:c7:ca:32:50:89:44:9d:8a:ad:0d:55:9d:
                    24:85:47:45:d1:54:85:d9:8a:08:7e:ad:09:ca:e5:
                    7b:bf:8b:6c:eb:88:ab:d5:63:5d:a0:da:0e:1c:7d:
                    d4:08:c5:cc:78:c3:05:c4:3a:82:9d:a2:32:37:c7:
                    cb:83:65:80:7a:5d:e7:1b:8b:d9:44:a2:fe:06:a4:
                    cc:ac:7d:3a:4c:67:84:60:bb:03:63:66:75:30:44:
                    51:1e:1c:5c:69:7e:4f:2b:03:23:e8:26:ed:1e:ac:
                    fe:ff:bb:d5:09:95:fe:36:4d:2b:e3:49:9e:06:8d:
                    f3:36:de:61:87:02:02:71:19:f2:52:7a:7b:02:6a:
                    fb:c6:eb:46:e1:de:8a:f8:c4:52:32:80:99:60:f6:
                    27:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:59:82:90:B7:2B:ED:53:8F:26:DE:F7:52:AB:F0:6D:2D:52:0C:71
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:2c:47:39:80:c5:b9:52:a7:82:e2:2c:4c:48:b9:21:3f:d5:
         de:67:8b:de:75:26:c4:a5:eb:c2:ba:71:1f:fc:a6:45:0d:98:
         10:80:75:37:70:7e:87:dc:03:4b:95:04:92:1a:df:2a:39:ea:
         55:9b:a5:cf:89:75:e2:32:86:2b:9b:b6:63:0f:63:1e:39:90:
         b7:99:4f:89:b9:27:37:75:3e:e6:9b:3b:7d:5f:d1:b9:eb:8c:
         57:a8:3a:36:fa:a4:78:fc:96:48:dc:35:a7:3b:f4:ed:77:57:
         7a:d9:21:53:4a:c9:aa:2e:d8:e4:1b:ca:d3:3b:84:c2:3d:e4:
         ed:36:98:1f:16:1b:5d:fd:42:c5:14:d4:37:0f:ab:76:66:7f:
         50:c3:7d:24:e9:75:bd:89:ab:b0:77:8c:6c:be:21:2f:ad:06:
         ef:72:1f:0f:22:5e:79:d4:c7:71:42:9d:8a:4c:f0:2c:bc:2a:
         52:40:7d:1f:16:3f:d3:b9:d5:6a:58:39:02:55:c4:88:2a:b2:
         6b:77:d3:3b:e0:d9:f6:4b:9f:ea:bf:73:69:d2:43:13:f8:57:
         2a:e5:08:77:21:97:32:7a:b4:2c:6c:ab:0c:a6:17:24:ce:69:
         05:ea:46:8a:b7:f8:a3:8d:b1:1a:89:c8:5d:d3:90:b6:74:36:
         02:e1:a8:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DDS1Qf2Lcw3rhbRODFWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwNDI3MDcwMDMzWhcNMjUwNDI4MDcwMDMzWjAzMTEwLwYDVQQD
Eyg3ZDU5ODI5MGI3MmJlZDUzOGYyNmRlZjc1MmFiZjA2ZDJkNTIwYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkbb0lr8CXMsn1+5zY6RtUx7Nex+
zTzVd4PCfBacYsXs4/GJGuJvericaH3u8HM0EUpPG6pCKmGT6pU9ecxnIHHSqI/T
M9vamilC5kVJ8981NcAuiCNRDS+biQEdqqALdkEx4pKzFZMMpf/HyjJQiUSdiq0N
VZ0khUdF0VSF2YoIfq0JyuV7v4ts64ir1WNdoNoOHH3UCMXMeMMFxDqCnaIyN8fL
g2WAel3nG4vZRKL+BqTMrH06TGeEYLsDY2Z1MERRHhxcaX5PKwMj6CbtHqz+/7vV
CZX+Nk0r40meBo3zNt5hhwICcRnyUnp7Amr7xutG4d6K+MRSMoCZYPYn2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1ZgpC3K+1Tjybe91Kr8G0tUgxxMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASyxHOYDF
uVKnguIsTEi5IT/V3meL3nUmxKXrwrpxH/ymRQ2YEIB1N3B+h9wDS5UEkhrfKjnq
VZulz4l14jKGK5u2Yw9jHjmQt5lPibknN3U+5ps7fV/RueuMV6g6NvqkePyWSNw1
pzv07XdXetkhU0rJqi7Y5BvK0zuEwj3k7TaYHxYbXf1CxRTUNw+rdmZ/UMN9JOl1
vYmrsHeMbL4hL60G73IfDyJeedTHcUKdikzwLLwqUkB9HxY/07nValg5AlXEiCqy
a3fTO+DZ9kuf6r9zadJDE/hXKuUIdyGXMnq0LGyrDKYXJM5pBepGirf4o42xGonI
XdOQtnQ2AuGoOA==
-----END CERTIFICATE-----