Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          4wD7kEuef8J5W9ZemWI5azp6HRsqBCx7fYGQ/90B8ow=
Subject key identifier:   84:26:AF:85:36:FC:E0:38:20:1E:C5:B6:2D:83:17:A6:C6:C7:55:98
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       01976D06CFEA33A7FCBA22E4300030FB2639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0C6F
Signing time:             Sat 14 Jun 2025 06:00:52 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:52 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:52 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: KZlWjDAFW2Gx09/0O82jRwnu20+lvV6X+Hp+BLgzQj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:cf:ea:33:a7:fc:ba:22:e4:30:00:30:fb:26:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Jun 14 06:00:52 2025 GMT
            Not After : Jun 15 06:00:52 2025 GMT
        Subject: CN=8426af8536fce038201ec5b62d8317a6c6c75598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:73:fe:08:2f:71:d2:11:1a:fc:c0:66:ec:fc:
                    ed:a5:8f:21:9a:ab:b8:2c:66:90:cb:9e:32:e4:f1:
                    06:44:0c:ad:23:7f:bd:24:5e:c6:84:9a:54:c1:2b:
                    39:54:e5:e5:c0:e7:c4:82:54:4a:7d:7c:4c:a5:47:
                    d3:24:47:27:3c:86:35:2e:56:4d:12:58:d0:f2:ac:
                    49:56:4f:d4:16:cf:1c:78:6b:2d:be:78:44:7a:93:
                    c5:03:02:2f:45:af:ac:6d:fc:d9:44:ae:f2:91:5a:
                    7e:7d:4b:94:34:8c:b6:70:35:87:8e:8e:f7:61:82:
                    32:68:38:68:42:a9:ab:51:cf:34:7d:50:7b:30:e9:
                    5e:77:8a:c2:8b:41:88:26:0f:ef:0f:90:56:bb:b3:
                    04:23:81:0c:fc:2e:9a:68:92:49:50:b2:87:7e:34:
                    27:2f:6e:88:5c:dd:c2:f1:aa:b3:cf:6a:83:09:ca:
                    c5:9b:54:55:3b:c9:a7:00:4a:27:8e:30:62:fb:f6:
                    eb:76:ef:77:e9:9a:0b:ee:75:3c:ae:6b:6f:2d:a2:
                    4c:3f:1e:82:03:b8:50:e3:98:c6:b1:b3:22:d5:e2:
                    f4:4a:f5:1c:37:53:e4:dd:09:49:af:42:65:cf:05:
                    f7:b7:e2:e0:d4:17:40:a5:d3:23:50:93:77:4d:f1:
                    59:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:26:AF:85:36:FC:E0:38:20:1E:C5:B6:2D:83:17:A6:C6:C7:55:98
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:95:2c:bd:6f:89:6b:9e:b2:21:f7:07:6f:9e:22:cd:a8:7d:
         30:e6:99:97:14:7f:30:8f:9f:6e:83:d0:67:50:02:fb:d9:af:
         5a:a4:33:67:43:ac:d5:ee:f4:17:b5:11:91:59:72:ba:41:33:
         46:9e:d6:cb:d0:88:f1:a0:61:0f:21:75:1e:b2:47:94:87:c3:
         2d:67:d2:21:3e:91:fc:56:65:5d:66:28:39:37:6c:b9:19:cb:
         0f:b2:d1:18:21:8e:f5:ba:b5:9b:25:e1:1a:a7:f3:e7:f3:9b:
         5b:ed:fb:12:5f:1f:56:2b:de:88:da:53:c2:41:04:6e:0a:a7:
         30:24:87:06:ee:d3:27:1a:79:64:5e:67:86:fa:00:a3:0e:cb:
         da:ce:fc:17:bb:49:3f:f6:3f:af:e0:42:38:5c:55:28:2b:f9:
         1a:9d:68:30:7e:34:5a:62:c5:3d:3f:2d:89:e7:98:8d:df:88:
         60:62:42:a6:15:3c:06:93:54:76:a2:78:00:ec:91:d6:9a:73:
         bb:33:63:29:ed:83:35:31:2d:38:b9:d8:e5:65:8d:84:25:98:
         77:1d:b8:88:88:2a:9a:1b:5b:77:d6:eb:64:7e:58:6b:99:30:
         64:08:e3:50:71:4b:12:7a:3f:d6:6c:f4:9f:3b:4c:20:00:1d:
         82:d1:1a:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBs/qM6f8uiLkMAAw+yY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjUwNjE0MDYwMDUyWhcNMjUwNjE1MDYwMDUyWjAzMTEwLwYDVQQD
Eyg4NDI2YWY4NTM2ZmNlMDM4MjAxZWM1YjYyZDgzMTdhNmM2Yzc1NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nP+CC9x0hEa/MBm7PztpY8hmqu4
LGaQy54y5PEGRAytI3+9JF7GhJpUwSs5VOXlwOfEglRKfXxMpUfTJEcnPIY1LlZN
EljQ8qxJVk/UFs8ceGstvnhEepPFAwIvRa+sbfzZRK7ykVp+fUuUNIy2cDWHjo73
YYIyaDhoQqmrUc80fVB7MOled4rCi0GIJg/vD5BWu7MEI4EM/C6aaJJJULKHfjQn
L26IXN3C8aqzz2qDCcrFm1RVO8mnAEonjjBi+/brdu936ZoL7nU8rmtvLaJMPx6C
A7hQ45jGsbMi1eL0SvUcN1Pk3QlJr0JlzwX3t+Lg1BdApdMjUJN3TfFZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQmr4U2/OA4IB7Fti2DF6bGx1WYMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtZUsvW+J
a56yIfcHb54izah9MOaZlxR/MI+fboPQZ1AC+9mvWqQzZ0Os1e70F7URkVlyukEz
Rp7Wy9CI8aBhDyF1HrJHlIfDLWfSIT6R/FZlXWYoOTdsuRnLD7LRGCGO9bq1myXh
Gqfz5/ObW+37El8fViveiNpTwkEEbgqnMCSHBu7TJxp5ZF5nhvoAow7L2s78F7tJ
P/Y/r+BCOFxVKCv5Gp1oMH40WmLFPT8tieeYjd+IYGJCphU8BpNUdqJ4AOyR1ppz
uzNjKe2DNTEtOLnY5WWNhCWYdx24iIgqmhtbd9brZH5Ya5kwZAjjUHFLEno/1mz0
nztMIAAdgtEa2g==
-----END CERTIFICATE-----