Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          UD9NNjKW6SQH5KWTkyK3iTaB3LDeZ9qVHB8xUHNCKkk=
Subject key identifier:   3F:64:29:2D:20:87:97:FB:16:8C:92:55:38:02:10:C1:23:69:44:2E
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019771BF3CF39E1BC977AE02D00808BF9A92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          04A5
Signing time:             Sun 15 Jun 2025 04:00:47 +0000
Manifest this update:     Sun 15 Jun 2025 04:00:47 +0000
Manifest next update:     Mon 16 Jun 2025 04:00:47 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: xnA5nnXh7w2gtJdlzHEZ6bHGQanMADs/yHWk9469YL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:3c:f3:9e:1b:c9:77:ae:02:d0:08:08:bf:9a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Jun 15 04:00:47 2025 GMT
            Not After : Jun 16 04:00:47 2025 GMT
        Subject: CN=3f64292d208797fb168c9255380210c12369442e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e2:1e:0f:90:8c:76:1a:6a:a0:3f:12:8a:7f:
                    f4:b8:ac:1b:3f:f5:3d:bf:76:3b:3c:a3:91:a5:1d:
                    5e:6c:34:06:54:b7:1a:b2:0a:bc:fe:55:75:67:73:
                    16:7c:64:2d:a6:09:9d:a8:1c:d1:db:34:6c:54:38:
                    05:4b:63:21:ed:5f:63:a1:fa:78:a5:51:56:91:e9:
                    4e:e2:30:c6:54:8e:1e:3c:6e:77:85:28:92:63:27:
                    9c:c9:ac:ca:4a:59:3c:2c:10:61:d9:1c:01:b4:b9:
                    9e:97:82:d1:25:87:33:7b:47:f9:c2:a7:b3:03:de:
                    ca:1e:ef:44:02:74:80:4a:e5:c9:12:0f:5f:99:fe:
                    a5:c8:5e:24:a8:71:e7:bc:b2:4a:37:72:db:78:f5:
                    5c:65:7c:90:28:ea:95:9b:46:2c:3d:31:f1:c6:be:
                    ca:74:89:40:86:3a:8e:ca:1a:bc:d6:54:23:05:5c:
                    41:a7:05:6e:79:1e:e0:01:f0:9c:78:ec:91:2d:3f:
                    30:21:0b:b0:3c:97:45:8e:8b:d1:14:72:d4:9f:80:
                    58:96:51:da:e1:0e:ad:2d:b2:9c:14:c0:df:e3:84:
                    ae:fc:bd:a7:c7:55:b0:d9:07:be:73:ab:a0:14:02:
                    0c:fe:34:7c:ce:f5:26:ca:83:57:e8:e6:77:60:29:
                    ae:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:64:29:2D:20:87:97:FB:16:8C:92:55:38:02:10:C1:23:69:44:2E
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:f0:b3:d2:dc:54:57:d6:fb:9b:34:c6:97:23:89:9b:1b:bd:
         b5:45:a4:be:f1:c5:3b:e7:6f:fd:bb:fc:d4:d8:ad:57:cd:90:
         7d:46:fa:2c:84:b5:da:29:79:e3:c0:bc:3f:6a:9d:ff:b2:4c:
         75:75:2f:a5:6c:f8:5e:97:82:f9:22:99:94:3d:0e:d4:aa:98:
         8a:8a:79:3a:3c:f0:3b:57:bf:2e:d1:a8:8e:63:11:e2:2b:7b:
         d2:fc:c4:3e:6e:52:0a:e8:26:9f:14:32:73:90:b1:a0:bf:3c:
         fe:cd:42:c2:3e:2e:80:be:f8:9e:cd:58:75:e0:dc:fe:7d:30:
         98:80:31:c1:c3:5d:d8:70:85:fb:bd:4e:64:1e:c1:b6:7d:83:
         03:48:3a:6e:3b:e5:4a:86:28:76:14:ae:aa:38:40:e5:c6:c8:
         8e:f2:7b:86:81:b8:05:d2:5d:57:38:ef:13:09:ad:ea:fd:76:
         05:0a:51:1b:e3:fa:57:e3:b0:30:77:37:04:ac:74:5a:e4:a7:
         d9:06:27:ff:6a:49:2d:fe:4e:ff:ff:f9:78:ee:86:37:86:49:
         4e:01:b0:57:4b:67:b0:c6:ca:1c:91:c1:85:e2:76:76:90:74:
         09:11:27:e9:ad:a2:dc:6f:24:51:ac:fd:f4:41:2d:22:71:bd:
         26:ac:ee:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxvzzznhvJd64C0AgIv5qSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUwNjE1MDQwMDQ3WhcNMjUwNjE2MDQwMDQ3WjAzMTEwLwYDVQQD
EygzZjY0MjkyZDIwODc5N2ZiMTY4YzkyNTUzODAyMTBjMTIzNjk0NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneIeD5CMdhpqoD8Sin/0uKwbP/U9
v3Y7PKORpR1ebDQGVLcasgq8/lV1Z3MWfGQtpgmdqBzR2zRsVDgFS2Mh7V9jofp4
pVFWkelO4jDGVI4ePG53hSiSYyecyazKSlk8LBBh2RwBtLmel4LRJYcze0f5wqez
A97KHu9EAnSASuXJEg9fmf6lyF4kqHHnvLJKN3LbePVcZXyQKOqVm0YsPTHxxr7K
dIlAhjqOyhq81lQjBVxBpwVueR7gAfCceOyRLT8wIQuwPJdFjovRFHLUn4BYllHa
4Q6tLbKcFMDf44Su/L2nx1Ww2Qe+c6ugFAIM/jR8zvUmyoNX6OZ3YCmufwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9kKS0gh5f7FoySVTgCEMEjaUQuMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt/Cz0txU
V9b7mzTGlyOJmxu9tUWkvvHFO+dv/bv81NitV82QfUb6LIS12il548C8P2qd/7JM
dXUvpWz4XpeC+SKZlD0O1KqYiop5OjzwO1e/LtGojmMR4it70vzEPm5SCugmnxQy
c5CxoL88/s1Cwj4ugL74ns1YdeDc/n0wmIAxwcNd2HCF+71OZB7Btn2DA0g6bjvl
SoYodhSuqjhA5cbIjvJ7hoG4BdJdVzjvEwmt6v12BQpRG+P6V+OwMHc3BKx0WuSn
2QYn/2pJLf5O///5eO6GN4ZJTgGwV0tnsMbKHJHBheJ2dpB0CREn6a2i3G8kUaz9
9EEtInG9JqzuRw==
-----END CERTIFICATE-----