Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          Cd0jPORgyTbbRv11bCHJRDKkCF2i5Kj9rusUsVDxcg4=
Subject key identifier:   BA:73:3B:B2:FE:04:85:0A:B9:F8:83:FF:FB:55:1B:D0:BA:2A:D6:71
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       01984966245E1854AED3E6B99861B73626FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          023E
Signing time:             Sun 27 Jul 2025 01:01:27 +0000
Manifest this update:     Sun 27 Jul 2025 01:01:27 +0000
Manifest next update:     Mon 28 Jul 2025 01:01:27 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: BJQGmQ6fBG753Y4TMozl0gWxOEyXbGTcZj8um1l6ZRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:66:24:5e:18:54:ae:d3:e6:b9:98:61:b7:36:26:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Jul 27 01:01:27 2025 GMT
            Not After : Jul 28 01:01:27 2025 GMT
        Subject: CN=ba733bb2fe04850ab9f883fffb551bd0ba2ad671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5c:3e:2b:8c:33:1e:3a:70:51:68:b2:e7:bc:
                    90:4b:c3:9e:2c:41:eb:e5:a4:81:b3:75:4a:b0:ee:
                    94:9c:2d:f2:57:c1:ab:89:69:9b:5f:05:08:a2:76:
                    0e:83:07:3d:fa:61:4a:33:38:9c:d1:b3:c8:7e:9f:
                    57:2e:c3:ad:3b:6a:42:0d:26:cc:8b:ea:f6:78:5e:
                    a8:1a:f6:ef:45:91:72:bd:50:df:b0:c5:2d:12:5e:
                    c4:7c:02:fa:6f:b0:dc:d7:9d:c3:83:48:f0:28:33:
                    6f:b0:a3:ce:f1:84:d1:d5:c6:0f:d4:10:5a:35:c7:
                    2a:54:e0:e8:32:85:dc:93:28:1c:7b:38:dc:0b:36:
                    30:e2:b1:05:9b:b5:8b:3f:18:c9:80:14:93:38:f9:
                    a8:e4:90:4b:74:66:a6:ca:0f:3b:0e:24:b4:1d:07:
                    5c:51:97:a5:3f:7f:a0:4c:f7:4d:50:48:d7:73:9b:
                    9c:55:bf:91:bd:33:6c:05:c4:d2:fe:78:4b:d1:b4:
                    ef:24:55:56:6d:51:41:f1:d4:cd:78:c7:ed:76:d6:
                    ec:c6:e7:b4:cf:fe:c5:65:73:58:4a:af:99:14:a6:
                    61:4c:3b:a4:95:9b:43:59:e5:5b:fb:6c:cc:b3:61:
                    ea:5a:b9:54:1d:db:2c:cd:16:2a:80:17:90:de:ce:
                    37:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:73:3B:B2:FE:04:85:0A:B9:F8:83:FF:FB:55:1B:D0:BA:2A:D6:71
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:40:29:63:01:8c:8f:2d:e0:1c:af:2a:d5:6d:3e:73:59:76:
         ce:99:6b:26:89:44:3e:60:5d:b2:85:49:b5:65:f3:df:3f:9a:
         cd:78:a8:65:cc:13:91:60:0b:42:3b:da:62:c7:3c:ab:1f:ca:
         55:e6:34:f9:a7:e9:ba:6f:75:62:53:cd:24:e5:27:7d:6e:43:
         69:01:13:56:96:39:17:35:bb:ce:8d:eb:c6:27:e3:59:30:ed:
         d7:93:b8:7b:1c:45:6a:08:4a:97:c2:95:6f:f0:c3:0d:0d:66:
         f6:b4:66:bc:4f:f6:ed:45:9b:cc:3f:e1:49:a5:eb:80:c6:9b:
         b4:96:fc:90:a7:51:44:61:e0:13:ea:a5:a1:ba:24:48:90:08:
         92:b6:9b:d8:b3:a6:03:a9:39:be:7e:a9:b0:39:b9:42:ae:06:
         7f:63:61:28:e7:17:77:26:34:35:7f:49:8a:eb:b8:ef:e0:7d:
         db:e3:63:95:3f:ef:03:33:54:f2:52:b6:59:87:f0:7f:de:57:
         65:dd:f4:09:0a:18:a8:32:d7:d6:1d:45:7e:b1:e1:08:34:45:
         db:2d:88:e5:9d:91:65:8a:c7:8c:ec:0d:79:8e:78:45:5b:ea:
         a0:df:e0:50:61:1c:ef:a4:2f:11:7b:60:e2:fb:29:49:61:67:
         8c:76:1c:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZiReGFSu0+a5mGG3Nib8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwNzI3MDEwMTI3WhcNMjUwNzI4MDEwMTI3WjAzMTEwLwYDVQQD
EyhiYTczM2JiMmZlMDQ4NTBhYjlmODgzZmZmYjU1MWJkMGJhMmFkNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1w+K4wzHjpwUWiy57yQS8OeLEHr
5aSBs3VKsO6UnC3yV8GriWmbXwUIonYOgwc9+mFKMzic0bPIfp9XLsOtO2pCDSbM
i+r2eF6oGvbvRZFyvVDfsMUtEl7EfAL6b7Dc153Dg0jwKDNvsKPO8YTR1cYP1BBa
NccqVODoMoXckygcezjcCzYw4rEFm7WLPxjJgBSTOPmo5JBLdGamyg87DiS0HQdc
UZelP3+gTPdNUEjXc5ucVb+RvTNsBcTS/nhL0bTvJFVWbVFB8dTNeMftdtbsxue0
z/7FZXNYSq+ZFKZhTDuklZtDWeVb+2zMs2HqWrlUHdsszRYqgBeQ3s43ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpzO7L+BIUKufiD//tVG9C6KtZxMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUApYwGM
jy3gHK8q1W0+c1l2zplrJolEPmBdsoVJtWXz3z+azXioZcwTkWALQjvaYsc8qx/K
VeY0+afpum91YlPNJOUnfW5DaQETVpY5FzW7zo3rxifjWTDt15O4exxFaghKl8KV
b/DDDQ1m9rRmvE/27UWbzD/hSaXrgMabtJb8kKdRRGHgE+qlobokSJAIkrab2LOm
A6k5vn6psDm5Qq4Gf2NhKOcXdyY0NX9Jiuu47+B92+NjlT/vAzNU8lK2WYfwf95X
Zd30CQoYqDLX1h1FfrHhCDRF2y2I5Z2RZYrHjOwNeY54RVvqoN/gUGEc76QvEXtg
4vspSWFnjHYc9Q==
-----END CERTIFICATE-----