Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          qW/3SRjGnmd2wXJx6X00Zm8+bMT7R4VXTHN2oreiKdk=
Subject key identifier:   A4:1E:79:74:90:55:3A:87:5C:FF:65:99:7E:3F:6C:EA:3C:23:D1:F8
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019849D399B963F68CD2A5E80DE205BC4D34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          052B
Signing time:             Sun 27 Jul 2025 03:01:00 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:00 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:00 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: 8nePo8n9wMGSOGt/icKc0PlMe1ty1pqUU0VzRo9oXH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 03:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:99:b9:63:f6:8c:d2:a5:e8:0d:e2:05:bc:4d:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Jul 27 03:01:00 2025 GMT
            Not After : Jul 28 03:01:00 2025 GMT
        Subject: CN=a41e797490553a875cff65997e3f6cea3c23d1f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b8:a1:34:20:0d:08:9d:ef:eb:e8:17:70:27:
                    75:2e:75:b5:2d:48:72:ee:19:3e:2d:73:a5:c5:74:
                    3a:72:7e:d7:fe:1d:75:60:24:69:7f:a7:7e:89:a7:
                    0c:82:4e:86:d0:f1:e8:ef:02:7f:45:e1:52:f1:19:
                    87:ba:f4:10:34:8c:fb:b5:d7:f0:72:1a:fb:1b:f6:
                    fc:c9:8c:c5:20:38:49:a9:54:ad:7c:18:f7:14:b2:
                    bf:12:0f:17:e3:f8:57:97:95:8f:47:32:cc:93:d7:
                    15:6f:00:66:d1:3a:fc:b4:97:b5:18:c1:d4:dd:a5:
                    b1:79:3a:2b:e3:87:79:f0:1c:ea:8a:df:41:e1:40:
                    09:6e:b3:b6:1b:5c:a7:df:f9:2e:a1:07:a7:56:2e:
                    5e:13:48:70:96:b4:7a:69:6c:3b:52:38:ff:cb:8d:
                    2f:7d:40:be:35:5c:49:44:71:25:17:55:00:d9:c1:
                    e5:aa:e6:5a:b3:df:38:60:32:34:c7:37:c1:21:26:
                    fc:f1:e0:71:8a:d1:13:97:b6:2a:2e:4a:58:53:18:
                    9a:1d:20:22:09:8b:05:36:5c:67:f7:6d:98:b9:ee:
                    fd:88:63:68:4d:67:23:23:95:e0:ba:4a:6c:52:4b:
                    a2:92:dd:59:41:ca:fb:f9:3f:68:a8:ea:54:da:e5:
                    cc:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:1E:79:74:90:55:3A:87:5C:FF:65:99:7E:3F:6C:EA:3C:23:D1:F8
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:26:2b:3c:a0:1d:23:00:83:eb:4c:37:50:78:48:c1:b5:79:
         bf:de:1a:7c:35:2c:07:12:09:fe:f6:04:fc:24:2d:cd:69:7b:
         c6:80:31:69:df:af:00:a8:2c:5c:a3:16:97:8b:51:13:50:43:
         98:df:bc:30:38:67:c3:30:d0:e9:ac:86:d4:90:7d:41:24:72:
         b0:6c:89:d2:8f:02:8d:11:1d:05:c0:f0:9e:1c:8d:d1:84:a9:
         73:0b:24:f7:d3:c1:46:ba:22:8b:32:55:2a:20:5f:cf:3a:ec:
         58:9b:90:40:4d:d8:79:ee:c7:71:25:73:aa:d5:cd:5b:f9:19:
         ab:48:67:43:bf:de:1d:30:c4:38:f1:cf:6a:81:47:81:f6:6e:
         00:ca:c9:88:ac:eb:0a:e7:6e:b2:3a:db:54:6b:80:1f:d8:54:
         45:b0:da:42:17:b1:84:11:77:ce:e6:f0:31:55:5b:41:60:4b:
         1b:f2:bf:40:5c:a2:a2:79:70:02:db:01:fb:ea:36:15:17:cc:
         0e:b1:a7:4b:e3:46:d8:db:eb:4c:83:9d:76:72:a3:cd:35:73:
         78:9f:a7:0e:07:0a:c1:c2:bd:eb:68:fc:42:5b:a2:ce:d5:0c:
         cc:45:56:f5:ca:20:6e:7f:b9:43:79:f8:86:0f:fe:da:9a:4e:
         e7:55:2c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ05m5Y/aM0qXoDeIFvE00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwNzI3MDMwMTAwWhcNMjUwNzI4MDMwMTAwWjAzMTEwLwYDVQQD
EyhhNDFlNzk3NDkwNTUzYTg3NWNmZjY1OTk3ZTNmNmNlYTNjMjNkMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrihNCANCJ3v6+gXcCd1LnW1LUhy
7hk+LXOlxXQ6cn7X/h11YCRpf6d+iacMgk6G0PHo7wJ/ReFS8RmHuvQQNIz7tdfw
chr7G/b8yYzFIDhJqVStfBj3FLK/Eg8X4/hXl5WPRzLMk9cVbwBm0Tr8tJe1GMHU
3aWxeTor44d58Bzqit9B4UAJbrO2G1yn3/kuoQenVi5eE0hwlrR6aWw7Ujj/y40v
fUC+NVxJRHElF1UA2cHlquZas984YDI0xzfBISb88eBxitETl7YqLkpYUxiaHSAi
CYsFNlxn922Yue79iGNoTWcjI5XgukpsUkuikt1ZQcr7+T9oqOpU2uXMPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQeeXSQVTqHXP9lmX4/bOo8I9H4MB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAViYrPKAd
IwCD60w3UHhIwbV5v94afDUsBxIJ/vYE/CQtzWl7xoAxad+vAKgsXKMWl4tRE1BD
mN+8MDhnwzDQ6ayG1JB9QSRysGyJ0o8CjREdBcDwnhyN0YSpcwsk99PBRroiizJV
KiBfzzrsWJuQQE3Yee7HcSVzqtXNW/kZq0hnQ7/eHTDEOPHPaoFHgfZuAMrJiKzr
CudusjrbVGuAH9hURbDaQhexhBF3zubwMVVbQWBLG/K/QFyionlwAtsB++o2FRfM
DrGnS+NG2NvrTIOddnKjzTVzeJ+nDgcKwcK962j8QluiztUMzEVW9cogbn+5Q3n4
hg/+2ppO51Us1g==
-----END CERTIFICATE-----