Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          ns/ksn3EkcFV35zc4FYe5FhH8TaSL3IhvBFszel+jxI=
Subject key identifier:   5D:6F:68:2D:54:36:FF:26:23:F4:37:8C:2F:BB:15:D3:10:13:DF:E5
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019847E538AC964CCA66A6FAA60F7A0E7D26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          0646
Signing time:             Sat 26 Jul 2025 18:01:01 +0000
Manifest this update:     Sat 26 Jul 2025 18:01:01 +0000
Manifest next update:     Sun 27 Jul 2025 18:01:01 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: o7a6J29PLmRDjF5bTgGFr/wCj3VQ0in1oxOE+nD2cZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:e5:38:ac:96:4c:ca:66:a6:fa:a6:0f:7a:0e:7d:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Jul 26 18:01:01 2025 GMT
            Not After : Jul 27 18:01:01 2025 GMT
        Subject: CN=5d6f682d5436ff2623f4378c2fbb15d31013dfe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e1:8e:5e:a7:1d:37:6b:08:1d:91:86:e5:3f:
                    25:91:eb:4f:e1:38:3f:5d:05:b0:51:3e:3f:dc:ed:
                    a9:32:42:43:dc:ce:1a:3d:3a:3d:65:95:61:1e:ea:
                    fb:1e:e7:4e:90:09:42:53:dc:ea:45:97:c3:85:fa:
                    5e:3f:6b:70:98:ab:5c:d8:4c:e7:3c:ae:60:d9:8e:
                    f5:ae:a6:7d:24:5e:46:81:79:ac:74:b0:e5:36:88:
                    61:af:6e:d1:e4:99:e6:01:79:88:e4:a7:4d:a3:8a:
                    79:17:dc:70:29:50:73:2c:3f:5f:1c:51:40:43:4c:
                    34:6f:65:64:a6:21:45:fb:54:8d:b7:eb:85:a3:57:
                    f7:8a:30:7b:2c:03:ab:aa:7e:08:08:e8:db:a1:23:
                    a8:61:ee:ca:ef:04:b2:ee:97:ba:2e:02:ca:ca:b3:
                    83:18:6d:d8:e3:e0:cf:6a:50:cb:72:b9:69:06:23:
                    fe:69:d5:0b:7f:35:3e:5e:5c:6c:06:14:76:7e:13:
                    70:40:e4:0e:45:09:32:cd:d5:2c:c9:6d:b8:31:a2:
                    a5:8d:71:5c:fc:26:8a:98:fa:41:26:38:9e:bd:74:
                    12:2d:be:54:8f:27:0a:07:6f:0f:a5:6a:0b:ef:6e:
                    34:66:cb:a6:39:ac:c3:99:a7:b0:61:8e:99:03:75:
                    8f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6F:68:2D:54:36:FF:26:23:F4:37:8C:2F:BB:15:D3:10:13:DF:E5
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:a6:9b:49:42:1c:f7:8c:38:54:fd:5e:19:eb:6a:c6:f0:4f:
         8c:18:6c:b8:e9:88:81:bf:99:6b:85:37:47:84:4f:94:c0:dc:
         a0:7b:c8:99:3a:ff:5b:1a:3a:02:70:ee:9c:f4:51:12:d2:7f:
         11:20:e9:ca:35:ed:3e:71:53:92:e9:0f:cd:c9:23:df:01:f7:
         23:dc:97:25:08:b5:9c:23:da:67:a0:9a:b4:06:4e:51:f0:96:
         e1:8b:39:d1:e3:05:8b:48:da:db:ed:8a:99:69:94:94:17:66:
         4a:fc:f7:3f:17:50:80:87:78:ef:91:9d:b5:a6:91:dc:4b:27:
         7c:ab:4f:39:a7:c8:c8:af:4d:06:30:2b:be:84:a3:4b:39:32:
         b8:dd:c4:e1:70:3c:43:31:a5:23:f9:d1:e3:19:35:60:df:49:
         6c:b6:67:6b:1c:41:68:93:5d:b1:2c:2a:7e:58:f6:61:f7:59:
         75:c3:5b:00:71:13:29:8c:d6:2f:64:44:ea:16:0d:7e:9e:37:
         83:79:35:24:d5:83:91:68:30:b0:c3:44:a7:03:a5:3f:2a:18:
         c0:77:f9:51:a3:f7:12:68:59:a0:7f:37:95:76:45:7e:66:10:
         5e:96:6f:e2:7f:60:32:10:a6:4d:63:2d:43:5c:8f:a0:ba:c0:
         f0:90:e4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhH5TislkzKZqb6pg96Dn0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUwNzI2MTgwMTAxWhcNMjUwNzI3MTgwMTAxWjAzMTEwLwYDVQQD
Eyg1ZDZmNjgyZDU0MzZmZjI2MjNmNDM3OGMyZmJiMTVkMzEwMTNkZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreGOXqcdN2sIHZGG5T8lketP4Tg/
XQWwUT4/3O2pMkJD3M4aPTo9ZZVhHur7HudOkAlCU9zqRZfDhfpeP2twmKtc2Ezn
PK5g2Y71rqZ9JF5GgXmsdLDlNohhr27R5JnmAXmI5KdNo4p5F9xwKVBzLD9fHFFA
Q0w0b2VkpiFF+1SNt+uFo1f3ijB7LAOrqn4ICOjboSOoYe7K7wSy7pe6LgLKyrOD
GG3Y4+DPalDLcrlpBiP+adULfzU+XlxsBhR2fhNwQOQORQkyzdUsyW24MaKljXFc
/CaKmPpBJjievXQSLb5UjycKB28PpWoL7240ZsumOazDmaewYY6ZA3WPPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1vaC1UNv8mI/Q3jC+7FdMQE9/lMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqabSUIc
94w4VP1eGetqxvBPjBhsuOmIgb+Za4U3R4RPlMDcoHvImTr/Wxo6AnDunPRREtJ/
ESDpyjXtPnFTkukPzckj3wH3I9yXJQi1nCPaZ6CatAZOUfCW4Ys50eMFi0ja2+2K
mWmUlBdmSvz3PxdQgId475GdtaaR3EsnfKtPOafIyK9NBjArvoSjSzkyuN3E4XA8
QzGlI/nR4xk1YN9JbLZnaxxBaJNdsSwqflj2YfdZdcNbAHETKYzWL2RE6hYNfp43
g3k1JNWDkWgwsMNEpwOlPyoYwHf5UaP3EmhZoH83lXZFfmYQXpZv4n9gMhCmTWMt
Q1yPoLrA8JDkrQ==
-----END CERTIFICATE-----