Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          9RLhDjnKMeX6/Mk7ArpqsTN7F31i5fRUPzYRcDFcCtQ=
Subject key identifier:   31:3D:BB:AA:7A:B4:76:1A:82:23:8D:81:B6:12:1C:78:B7:BA:8D:EB
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       01983DCF70C29F568FE2E767B83F7AE1B3D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          0F61
Signing time:             Thu 24 Jul 2025 19:01:01 +0000
Manifest this update:     Thu 24 Jul 2025 19:01:01 +0000
Manifest next update:     Fri 25 Jul 2025 19:01:01 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: kShIKRmSlrs9GIXcxMELXeTnxXJ76xhrLEnvUvfkqco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 25 Jul 2025 14:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:3d:cf:70:c2:9f:56:8f:e2:e7:67:b8:3f:7a:e1:b3:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Jul 24 19:01:01 2025 GMT
            Not After : Jul 25 19:01:01 2025 GMT
        Subject: CN=313dbbaa7ab4761a82238d81b6121c78b7ba8deb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:21:49:f1:53:b5:48:72:86:79:20:e8:53:c4:
                    94:a8:d5:44:18:30:ea:03:34:86:7d:fd:8c:65:4b:
                    bb:22:b0:c1:80:6d:92:b8:1d:dd:15:1d:75:e7:d9:
                    b6:d8:43:54:c6:1f:8b:71:47:ef:ed:1a:51:58:89:
                    e1:c4:2f:7d:18:8a:a3:ad:ba:8f:06:2b:48:45:6b:
                    b7:db:bd:62:85:f7:6c:a3:74:db:f9:9e:29:2e:f3:
                    89:3d:32:99:74:5b:4d:3f:4e:a5:4a:1b:1b:23:22:
                    9c:d6:3d:56:53:21:84:83:e8:f4:c3:06:9d:dd:44:
                    25:e2:39:e7:ee:16:a0:89:ca:97:b2:63:a7:61:c0:
                    8e:40:a2:db:be:e0:b2:4f:4d:d5:77:82:11:42:be:
                    12:ec:0b:37:73:40:44:01:83:6b:5e:9d:f7:f5:39:
                    5b:02:a2:5d:20:61:ed:b7:82:e3:ca:9f:9f:ba:d8:
                    65:1c:2c:39:d3:8e:00:ac:0b:4b:d0:e2:65:ca:69:
                    c7:3b:3b:17:fe:61:49:72:1b:48:64:38:ae:65:89:
                    b9:b8:0a:7c:19:4f:96:23:b2:cb:2d:fc:e2:3d:ff:
                    2a:c0:aa:16:ed:40:cb:e3:b2:70:c5:76:e3:10:fe:
                    17:98:6f:e0:8b:ab:2c:a1:ea:6a:fe:e1:78:9d:ae:
                    2f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:3D:BB:AA:7A:B4:76:1A:82:23:8D:81:B6:12:1C:78:B7:BA:8D:EB
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:3b:ab:ae:fb:a3:90:28:52:e9:1c:d5:56:a2:cb:99:c6:9b:
         6a:c4:02:98:64:3b:fe:9f:52:19:a1:34:ca:fe:28:41:fd:63:
         8d:b7:f6:7b:2c:8f:4e:b1:69:03:0a:43:82:90:a5:33:0c:c5:
         39:cd:cf:30:79:c0:45:8c:a6:ee:18:98:66:14:b0:65:9c:66:
         af:5b:ea:71:41:c3:2b:5b:a7:ca:14:5a:fa:32:b8:85:c3:33:
         68:15:bc:15:f1:de:18:81:25:3e:3c:7a:1b:b9:0b:5a:12:c2:
         d1:25:5c:bd:22:32:81:10:4a:2f:4c:21:16:18:37:e0:e5:9a:
         eb:85:95:d4:f6:75:d1:41:cb:34:6f:6b:f8:54:c1:ef:59:6c:
         af:a0:8a:18:6d:04:2a:c9:68:1d:37:58:5a:de:e1:3a:81:78:
         78:ce:43:02:5d:e7:40:33:8d:ec:b3:cc:b0:99:96:ed:70:1b:
         3c:d8:0f:f7:a2:38:60:8c:6b:0d:61:f9:2a:85:e0:31:17:f6:
         8e:c7:d3:31:ee:a7:2c:0d:6b:74:77:ae:6d:0c:d7:96:d2:71:
         f4:8e:62:ce:98:93:e3:ea:da:33:20:51:60:f9:3f:7a:69:6d:
         af:9b:65:54:eb:20:60:b3:2b:f5:5c:22:d0:b8:99:12:a6:ea:
         01:4c:74:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg9z3DCn1aP4udnuD964bPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjUwNzI0MTkwMTAxWhcNMjUwNzI1MTkwMTAxWjAzMTEwLwYDVQQD
EygzMTNkYmJhYTdhYjQ3NjFhODIyMzhkODFiNjEyMWM3OGI3YmE4ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiFJ8VO1SHKGeSDoU8SUqNVEGDDq
AzSGff2MZUu7IrDBgG2SuB3dFR1159m22ENUxh+LcUfv7RpRWInhxC99GIqjrbqP
BitIRWu3271ihfdso3Tb+Z4pLvOJPTKZdFtNP06lShsbIyKc1j1WUyGEg+j0wwad
3UQl4jnn7hagicqXsmOnYcCOQKLbvuCyT03Vd4IRQr4S7As3c0BEAYNrXp339Tlb
AqJdIGHtt4Ljyp+futhlHCw5044ArAtL0OJlymnHOzsX/mFJchtIZDiuZYm5uAp8
GU+WI7LLLfziPf8qwKoW7UDL47JwxXbjEP4XmG/gi6ssoepq/uF4na4v0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDE9u6p6tHYagiONgbYSHHi3uo3rMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYDurrvuj
kChS6RzVVqLLmcabasQCmGQ7/p9SGaE0yv4oQf1jjbf2eyyPTrFpAwpDgpClMwzF
Oc3PMHnARYym7hiYZhSwZZxmr1vqcUHDK1unyhRa+jK4hcMzaBW8FfHeGIElPjx6
G7kLWhLC0SVcvSIygRBKL0whFhg34OWa64WV1PZ10UHLNG9r+FTB71lsr6CKGG0E
KsloHTdYWt7hOoF4eM5DAl3nQDON7LPMsJmW7XAbPNgP96I4YIxrDWH5KoXgMRf2
jsfTMe6nLA1rdHeubQzXltJx9I5izpiT4+raMyBRYPk/emltr5tlVOsgYLMr9Vwi
0LiZEqbqAUx0wA==
-----END CERTIFICATE-----