Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
File:                     TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft (raw, json)
Hash identifier:          r5eSHHAVXsPTapC4v3m99ycG87PcHsNcD2rSbVVtamg=
Subject key identifier:   5F:73:E2:DC:D3:62:4C:3E:03:D7:F7:AC:BD:52:DC:7C:D5:43:0E:96
Authority key identifier: 4E:F2:68:E1:43:D7:E4:4D:14:36:4D:1D:28:E8:6D:C3:E5:50:AA:B7
Certificate issuer:       /CN=4ef268e143d7e44d14364d1d28e86dc3e550aab7
Certificate serial:       01984B5477C3E69A8FDB29954A4326BA8799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
Manifest number:          15FE
Signing time:             Sun 27 Jul 2025 10:01:23 +0000
Manifest this update:     Sun 27 Jul 2025 10:01:23 +0000
Manifest next update:     Mon 28 Jul 2025 10:01:23 +0000
Files and hashes:         1: TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl (hash: FZNRUmuRACvC8yMosz+1/u3pI/qMb4OqYYO0xZ8Ev+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:54:77:c3:e6:9a:8f:db:29:95:4a:43:26:ba:87:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef268e143d7e44d14364d1d28e86dc3e550aab7
        Validity
            Not Before: Jul 27 10:01:23 2025 GMT
            Not After : Jul 28 10:01:23 2025 GMT
        Subject: CN=5f73e2dcd3624c3e03d7f7acbd52dc7cd5430e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:59:63:aa:78:85:b3:6d:d3:66:ce:eb:69:bf:
                    d7:db:de:bf:4d:c2:0c:5a:42:c2:e6:f1:65:ba:95:
                    99:d3:d8:ae:61:79:0c:40:cb:09:73:34:6b:e1:95:
                    b6:42:39:4d:ed:76:c7:a6:6a:ac:8b:d2:18:07:07:
                    2a:8c:a0:5f:31:a5:c1:09:8b:3b:8e:d1:45:be:7c:
                    4b:66:43:36:fa:15:16:ae:a3:77:2d:27:d5:0d:c4:
                    1e:f6:ac:19:a4:1c:b2:cf:d6:27:01:ab:65:e1:69:
                    48:3a:f0:f6:0a:4e:4c:64:f7:a9:0e:03:91:c8:5b:
                    fa:4a:57:dc:f5:15:e4:db:dd:a9:2a:78:bb:19:2d:
                    21:62:55:2b:fc:8d:77:3e:e6:0d:30:fb:9c:94:20:
                    24:ad:40:71:48:25:39:a3:c6:c6:f6:83:25:c3:e0:
                    09:16:e8:b0:de:a0:0d:bd:b7:35:0c:07:c5:11:b7:
                    10:d0:94:2f:58:49:24:93:23:20:45:be:c7:bd:80:
                    b3:b9:c5:d4:41:f0:c3:25:d7:06:e4:66:b1:fd:fb:
                    44:1e:06:84:a3:d5:2d:ef:70:aa:dd:48:1e:a2:f8:
                    1c:2f:2d:25:17:5e:bc:85:aa:e2:22:29:83:35:61:
                    81:3f:a5:47:05:9c:e8:cb:26:ed:b2:13:ba:94:e6:
                    64:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:73:E2:DC:D3:62:4C:3E:03:D7:F7:AC:BD:52:DC:7C:D5:43:0E:96
            X509v3 Authority Key Identifier:
                keyid:4E:F2:68:E1:43:D7:E4:4D:14:36:4D:1D:28:E8:6D:C3:E5:50:AA:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:64:a6:d5:12:72:e7:cb:2c:ee:c8:56:88:7a:19:a2:c8:9f:
         4f:a4:bd:13:b2:5d:e1:f5:f3:93:95:fd:b8:5e:1b:67:80:79:
         ed:be:54:a2:d4:d8:35:f0:1b:44:e6:ad:d8:0e:92:da:47:ec:
         47:de:1f:2f:74:5c:7c:b2:58:5f:72:19:1c:35:8f:b8:1c:cd:
         9d:b8:19:8d:77:5d:1f:cb:87:3d:ef:76:4d:05:19:74:30:5f:
         8c:5d:22:f4:d4:f6:44:dd:c2:5d:9f:8a:19:21:84:41:f8:a2:
         fa:4d:40:f6:08:bb:e4:82:5d:5c:0b:9a:24:8e:ef:5b:13:bf:
         84:39:6f:3a:5a:4a:9d:75:8f:3c:56:e0:56:a6:84:69:8d:2e:
         6b:dc:48:29:17:67:5e:42:b7:7e:a1:bc:8a:d0:64:02:60:e0:
         32:9b:6f:d2:5c:fb:a7:4b:fd:b6:b9:5a:05:24:aa:c2:75:52:
         e5:5d:04:17:ca:c4:27:92:64:ce:03:74:70:03:58:67:de:d0:
         24:76:ce:cd:db:e8:e5:a7:e7:4c:43:15:ad:57:e0:08:9c:76:
         3d:06:37:4d:39:10:85:be:23:a7:75:95:95:7b:41:9a:29:60:
         da:a1:e2:40:66:8e:b4:aa:41:11:ab:0e:e1:97:7d:72:78:fb:
         65:9a:55:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVHfD5pqP2ymVSkMmuoeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjI2OGUxNDNkN2U0NGQxNDM2NGQxZDI4ZTg2ZGMzZTU1
MGFhYjcwHhcNMjUwNzI3MTAwMTIzWhcNMjUwNzI4MTAwMTIzWjAzMTEwLwYDVQQD
Eyg1ZjczZTJkY2QzNjI0YzNlMDNkN2Y3YWNiZDUyZGM3Y2Q1NDMwZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lljqniFs23TZs7rab/X296/TcIM
WkLC5vFlupWZ09iuYXkMQMsJczRr4ZW2QjlN7XbHpmqsi9IYBwcqjKBfMaXBCYs7
jtFFvnxLZkM2+hUWrqN3LSfVDcQe9qwZpByyz9YnAatl4WlIOvD2Ck5MZPepDgOR
yFv6Slfc9RXk292pKni7GS0hYlUr/I13PuYNMPuclCAkrUBxSCU5o8bG9oMlw+AJ
Fuiw3qANvbc1DAfFEbcQ0JQvWEkkkyMgRb7HvYCzucXUQfDDJdcG5Gax/ftEHgaE
o9Ut73Cq3UgeovgcLy0lF168hariIimDNWGBP6VHBZzoyybtshO6lOZkawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9z4tzTYkw+A9f3rL1S3HzVQw6WMB8GA1UdIwQY
MBaAFE7yaOFD1+RNFDZNHSjobcPlUKq3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTAxMWItMzFhNC00OTlmLWEzOTEt
MDMyOWM3OGE0Y2ZhLzEvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTAxMWItMzFhNC00OTlmLWEzOTEtMDMyOWM3OGE0Y2Zh
LzEvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALWSm1RJy
58ss7shWiHoZosifT6S9E7Jd4fXzk5X9uF4bZ4B57b5UotTYNfAbROat2A6S2kfs
R94fL3RcfLJYX3IZHDWPuBzNnbgZjXddH8uHPe92TQUZdDBfjF0i9NT2RN3CXZ+K
GSGEQfii+k1A9gi75IJdXAuaJI7vWxO/hDlvOlpKnXWPPFbgVqaEaY0ua9xIKRdn
XkK3fqG8itBkAmDgMptv0lz7p0v9trlaBSSqwnVS5V0EF8rEJ5JkzgN0cANYZ97Q
JHbOzdvo5afnTEMVrVfgCJx2PQY3TTkQhb4jp3WVlXtBmilg2qHiQGaOtKpBEasO
4Zd9cnj7ZZpV6A==
-----END CERTIFICATE-----