Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          kG0WYXeHQ0Y49K5XAQzoqbTkHn4b7oD390F4ySm54E4=
Subject key identifier:   93:5E:78:5B:65:75:81:D8:0F:5A:B8:19:80:FE:7F:49:38:31:D6:52
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       0198530CD05437B80D8541BB6911F409AEBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          0DC5
Signing time:             Mon 28 Jul 2025 22:00:05 +0000
Manifest this update:     Mon 28 Jul 2025 22:00:05 +0000
Manifest next update:     Tue 29 Jul 2025 22:00:05 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: gETIkvz/idBPjuPxuixQkvGAqK6PgKgy35olpIc+SpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 22:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:53:0c:d0:54:37:b8:0d:85:41:bb:69:11:f4:09:ae:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: Jul 28 22:00:05 2025 GMT
            Not After : Jul 29 22:00:05 2025 GMT
        Subject: CN=935e785b657581d80f5ab81980fe7f493831d652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a3:95:75:10:5d:d1:3c:a9:ba:cd:bc:45:67:
                    6e:d6:e5:91:45:16:db:d7:b2:35:5e:04:8c:85:46:
                    d9:1e:03:74:62:83:64:44:d2:59:68:ac:6d:9a:dd:
                    4a:83:60:b0:14:4b:38:40:dc:c5:5b:5a:2f:37:9f:
                    ea:e6:b7:bc:cd:52:83:d9:f7:fe:df:64:53:9f:15:
                    50:c5:f7:3d:f6:19:9d:6c:f9:96:39:8e:b3:2f:f2:
                    14:74:b6:3e:26:3e:d2:da:86:42:9e:2b:2b:ef:8b:
                    27:d7:4c:ca:3b:9e:ed:2e:e2:d5:7b:f6:48:b3:c5:
                    92:f1:7d:63:29:f3:a1:30:f4:2a:6a:52:1d:32:d4:
                    8c:63:f9:d9:78:14:7d:42:13:5e:26:cb:f2:f3:5f:
                    3f:2a:09:42:99:c5:18:8f:60:53:ff:3c:ab:eb:e5:
                    fb:e7:38:bc:7f:84:11:b7:83:74:01:8c:f3:23:7c:
                    2e:8b:8a:a0:39:64:3b:16:e9:15:8d:1d:ca:70:6c:
                    6f:1f:27:e3:5a:fc:99:b3:3a:bf:4d:2a:12:04:b5:
                    0c:05:f7:ea:c2:21:9a:1b:57:e0:cc:b1:71:bb:76:
                    2c:b4:5f:86:35:77:31:8b:df:a3:eb:32:31:4f:28:
                    bd:fe:aa:5f:d7:89:82:76:07:8a:7c:28:b1:58:f8:
                    f5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:5E:78:5B:65:75:81:D8:0F:5A:B8:19:80:FE:7F:49:38:31:D6:52
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:b6:ea:c7:96:c1:0e:d2:af:74:ca:63:e3:42:db:54:32:60:
         46:d2:5a:ef:0b:af:e2:c4:de:55:68:5e:a5:dd:57:db:bf:2c:
         23:bd:28:88:77:bd:93:93:3b:d7:73:79:d2:2e:7a:ce:90:61:
         d0:40:ad:b7:9b:9e:65:80:02:70:6a:54:a1:c6:b6:4e:6e:fe:
         ab:4d:b2:c7:70:7b:7e:7f:14:d5:c6:30:02:55:e4:2f:26:70:
         55:8b:71:4f:4f:8d:be:9c:18:fa:43:7e:6d:a5:bf:70:5a:33:
         8c:ef:df:1d:d3:ef:61:c0:4c:c2:9b:8a:a8:ee:c7:7c:88:e5:
         f6:9e:ea:b5:dd:e9:20:09:ae:e6:5b:5e:f0:3c:57:f0:fb:14:
         47:ce:3b:eb:07:d5:df:7a:ff:72:02:3e:de:1b:a8:76:48:16:
         3b:3a:6c:af:00:0f:41:3e:cf:d3:68:9b:77:5d:2d:15:74:46:
         54:0f:43:e2:b0:9f:fc:83:84:dc:10:09:68:8e:bf:7e:fd:02:
         74:e0:78:24:3b:d7:6d:95:d5:1c:7a:63:55:74:5a:06:bd:8d:
         3e:66:c1:80:24:e5:3d:20:d7:05:95:ff:4c:c0:ab:3a:55:68:
         10:b9:d9:41:95:83:e8:49:88:72:8d:6b:ee:8a:f0:91:5c:a6:
         db:35:c4:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTDNBUN7gNhUG7aRH0Ca6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjUwNzI4MjIwMDA1WhcNMjUwNzI5MjIwMDA1WjAzMTEwLwYDVQQD
Eyg5MzVlNzg1YjY1NzU4MWQ4MGY1YWI4MTk4MGZlN2Y0OTM4MzFkNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6OVdRBd0Typus28RWdu1uWRRRbb
17I1XgSMhUbZHgN0YoNkRNJZaKxtmt1Kg2CwFEs4QNzFW1ovN5/q5re8zVKD2ff+
32RTnxVQxfc99hmdbPmWOY6zL/IUdLY+Jj7S2oZCnisr74sn10zKO57tLuLVe/ZI
s8WS8X1jKfOhMPQqalIdMtSMY/nZeBR9QhNeJsvy818/KglCmcUYj2BT/zyr6+X7
5zi8f4QRt4N0AYzzI3wui4qgOWQ7FukVjR3KcGxvHyfjWvyZszq/TSoSBLUMBffq
wiGaG1fgzLFxu3YstF+GNXcxi9+j6zIxTyi9/qpf14mCdgeKfCixWPj1fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNeeFtldYHYD1q4GYD+f0k4MdZSMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7bqx5bB
DtKvdMpj40LbVDJgRtJa7wuv4sTeVWhepd1X278sI70oiHe9k5M713N50i56zpBh
0ECtt5ueZYACcGpUoca2Tm7+q02yx3B7fn8U1cYwAlXkLyZwVYtxT0+NvpwY+kN+
baW/cFozjO/fHdPvYcBMwpuKqO7HfIjl9p7qtd3pIAmu5lte8DxX8PsUR8476wfV
33r/cgI+3huodkgWOzpsrwAPQT7P02ibd10tFXRGVA9D4rCf/IOE3BAJaI6/fv0C
dOB4JDvXbZXVHHpjVXRaBr2NPmbBgCTlPSDXBZX/TMCrOlVoELnZQZWD6EmIco1r
7orwkVym2zXEUQ==
-----END CERTIFICATE-----