Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          1zm6b3P7IJ6effKu1RZzrydFb5gsQS/iaBE3gdCYNwM=
Subject key identifier:   10:77:1C:66:22:6C:75:4E:30:B3:68:08:37:A1:83:62:82:00:93:9B
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       019849D3627F8B9B0901AE77C25F9994B01B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          0772
Signing time:             Sun 27 Jul 2025 03:00:46 +0000
Manifest this update:     Sun 27 Jul 2025 03:00:46 +0000
Manifest next update:     Mon 28 Jul 2025 03:00:46 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: TTW9mpEIN2Bga07rZxZQdsjscGvdCChPuCiNKWCaulk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:62:7f:8b:9b:09:01:ae:77:c2:5f:99:94:b0:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Jul 27 03:00:46 2025 GMT
            Not After : Jul 28 03:00:46 2025 GMT
        Subject: CN=10771c66226c754e30b3680837a183628200939b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:43:e7:5d:d9:23:9b:d5:0e:3b:27:84:33:d4:
                    7c:32:88:f6:da:9a:47:d2:93:86:63:2d:3f:aa:b4:
                    c1:07:b3:5e:b7:54:c4:ac:28:8f:79:98:93:56:bc:
                    31:0b:20:28:b0:e5:01:53:d0:a1:3c:f3:c0:06:cf:
                    77:ba:2b:a1:4e:ea:fd:c4:ca:04:63:0d:5b:17:91:
                    a3:16:5c:24:7d:70:3c:07:2a:80:2a:35:44:21:c1:
                    c7:13:e3:d4:5d:6b:12:d0:c0:02:f8:13:81:d9:5d:
                    50:69:5d:22:72:ad:9f:67:e3:9c:02:12:f2:14:c1:
                    b3:5c:00:df:2f:2f:4c:40:02:6c:95:87:24:57:cd:
                    11:f9:35:37:6a:0b:48:07:9d:44:44:da:fa:86:ed:
                    db:e3:d2:0f:87:97:72:23:0c:f3:02:8d:0f:88:3e:
                    86:c7:cb:ac:0c:38:b0:a8:fe:d2:ba:18:25:4d:db:
                    3b:23:b6:e0:32:c6:2a:76:a1:56:de:89:4f:7f:b2:
                    1a:0c:ef:ee:a8:d7:68:a0:01:88:57:9c:ca:ad:10:
                    c5:6e:bc:c9:bf:3a:3a:84:a7:ef:f3:3b:2f:10:79:
                    38:7e:ba:92:97:5d:13:15:b3:58:a0:71:92:de:22:
                    7a:61:97:52:68:55:30:f0:e6:41:b7:03:d3:a7:be:
                    74:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:77:1C:66:22:6C:75:4E:30:B3:68:08:37:A1:83:62:82:00:93:9B
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:b9:41:a6:7d:9a:75:c9:9e:b0:ab:df:f7:6e:21:c1:e7:66:
         b9:e9:17:92:3a:6e:e5:f8:d2:4d:9d:27:e7:c0:57:24:08:6c:
         8e:7a:21:ac:8f:82:0b:1d:44:eb:c9:a4:8a:f4:4e:2d:5c:98:
         05:4c:a5:84:bd:df:06:6e:c6:a6:cb:f2:6e:9a:19:50:d7:13:
         0b:77:bf:59:eb:bc:66:2e:7c:c3:56:d5:68:82:9f:9e:ad:8d:
         f1:02:5f:9f:77:d2:80:1b:94:6e:ef:eb:bf:37:46:77:72:03:
         9c:48:59:5f:08:fc:4c:b0:31:da:2c:8c:0d:99:49:88:fc:80:
         23:b3:4b:b2:56:79:94:9b:cd:63:44:b6:57:ca:33:e6:41:fc:
         0f:97:ac:f5:7f:97:5f:0e:6c:a2:3f:87:3e:5b:98:f6:d1:b6:
         1c:87:40:4e:de:7e:52:22:ef:f5:3f:63:e2:84:39:48:64:a5:
         bd:c2:9d:d2:17:ee:14:52:87:a2:40:95:5a:6a:c1:a7:5c:7c:
         c0:3a:8d:44:d1:22:3a:6d:98:af:2c:31:6d:0d:d9:b1:07:8a:
         dd:d5:f6:80:ce:4b:c2:01:fd:64:53:f0:71:1c:1c:d4:00:cc:
         40:cb:f8:a9:d1:68:ad:e0:d3:82:8c:e8:5c:84:d1:ab:21:51:
         7d:d7:8b:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ02J/i5sJAa53wl+ZlLAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjUwNzI3MDMwMDQ2WhcNMjUwNzI4MDMwMDQ2WjAzMTEwLwYDVQQD
EygxMDc3MWM2NjIyNmM3NTRlMzBiMzY4MDgzN2ExODM2MjgyMDA5MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUPnXdkjm9UOOyeEM9R8Moj22ppH
0pOGYy0/qrTBB7Net1TErCiPeZiTVrwxCyAosOUBU9ChPPPABs93uiuhTur9xMoE
Yw1bF5GjFlwkfXA8ByqAKjVEIcHHE+PUXWsS0MAC+BOB2V1QaV0icq2fZ+OcAhLy
FMGzXADfLy9MQAJslYckV80R+TU3agtIB51ERNr6hu3b49IPh5dyIwzzAo0PiD6G
x8usDDiwqP7SuhglTds7I7bgMsYqdqFW3olPf7IaDO/uqNdooAGIV5zKrRDFbrzJ
vzo6hKfv8zsvEHk4frqSl10TFbNYoHGS3iJ6YZdSaFUw8OZBtwPTp750CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBB3HGYibHVOMLNoCDehg2KCAJObMB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeLlBpn2a
dcmesKvf924hwedmuekXkjpu5fjSTZ0n58BXJAhsjnohrI+CCx1E68mkivROLVyY
BUylhL3fBm7GpsvybpoZUNcTC3e/Weu8Zi58w1bVaIKfnq2N8QJfn3fSgBuUbu/r
vzdGd3IDnEhZXwj8TLAx2iyMDZlJiPyAI7NLslZ5lJvNY0S2V8oz5kH8D5es9X+X
Xw5soj+HPluY9tG2HIdATt5+UiLv9T9j4oQ5SGSlvcKd0hfuFFKHokCVWmrBp1x8
wDqNRNEiOm2YrywxbQ3ZsQeK3dX2gM5LwgH9ZFPwcRwc1ADMQMv4qdForeDTgozo
XITRqyFRfdeLLA==
-----END CERTIFICATE-----