Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          h5cDg97z4cOEqlu0NpfhVJFpAkbh94ZnrRhMy4mGxR4=
Subject key identifier:   60:F5:4F:33:34:72:99:91:1B:45:C9:44:FA:2B:75:DC:4F:AF:C2:98
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       01974C9FEFD4F052277D25256D73B0F2B09A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0C03
Signing time:             Sat 07 Jun 2025 23:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 23:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 23:00:39 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: VxV+z5V2ZuXWbJUJsDj914jQQaddFxmUyRqZYajozts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 23:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:9f:ef:d4:f0:52:27:7d:25:25:6d:73:b0:f2:b0:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Jun  7 23:00:39 2025 GMT
            Not After : Jun  8 23:00:39 2025 GMT
        Subject: CN=60f54f33347299911b45c944fa2b75dc4fafc298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8a:f2:85:2f:af:46:d6:27:c9:90:a3:0f:12:
                    95:ad:a5:2e:5b:14:9b:4e:b2:96:bb:b1:89:f2:42:
                    30:88:ee:ea:c1:e0:55:b7:c2:fc:dc:0f:a9:c1:b9:
                    f2:83:c0:64:01:a7:b4:23:f2:f4:e8:50:18:8e:0f:
                    4d:5b:49:3b:57:9c:6a:cd:e4:26:48:07:14:72:22:
                    41:5b:eb:69:d1:1d:a0:23:97:eb:0b:37:02:f5:93:
                    9b:a3:80:20:23:22:c6:a6:e8:69:a0:a9:73:66:ff:
                    ca:e3:da:14:b4:c5:c3:81:c3:70:4d:1b:fc:c2:58:
                    69:32:6c:30:27:42:57:34:65:27:85:cb:86:ec:2b:
                    b0:d9:3a:5a:20:92:10:7b:94:d8:f9:82:c1:3a:88:
                    3d:64:6b:31:a6:76:75:23:65:76:9f:3c:56:8b:a5:
                    96:be:38:64:2d:f1:b3:c1:54:23:53:cb:4d:fb:75:
                    df:c9:c5:f3:9a:d6:8b:aa:ec:da:d4:e9:6e:b4:d7:
                    1c:2d:9f:39:c9:f6:56:bc:19:fb:ec:23:40:97:24:
                    ce:2f:a3:ae:57:ca:1f:86:7f:fe:bb:49:d7:a4:ee:
                    67:65:70:0e:b1:df:80:d6:a1:49:22:32:8d:3b:55:
                    1a:1b:f0:fb:31:b9:3d:40:25:fb:b0:0c:d2:e6:31:
                    5b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:F5:4F:33:34:72:99:91:1B:45:C9:44:FA:2B:75:DC:4F:AF:C2:98
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:78:d5:ee:33:7a:2c:9e:9f:80:89:78:c4:9c:8c:9f:ce:65:
         a2:1a:f2:b4:8e:51:12:21:e3:1d:86:34:1b:80:2a:79:2c:39:
         57:bf:94:1d:d1:78:62:5f:3a:de:32:b4:0b:cf:7a:9c:dc:f1:
         e3:9e:4d:5a:55:4b:7e:2f:d9:79:5c:d4:dd:39:8a:11:e9:d2:
         93:e0:f3:4d:be:3f:51:6c:32:77:cf:0c:2b:5d:55:dd:d3:c3:
         14:01:bf:12:07:1a:81:61:0f:0d:09:f2:ae:21:c0:0c:d6:d8:
         6f:ba:15:8e:52:a3:9f:67:16:81:b5:03:85:9f:da:e3:6b:fb:
         79:3f:b2:11:64:66:7a:99:91:53:20:cb:e9:7c:25:69:16:16:
         b5:b6:16:4d:ad:77:99:79:b4:82:8f:4a:79:8c:02:9b:24:e8:
         e5:89:fa:3a:f3:a6:3b:27:82:e2:6c:38:64:c9:55:d1:f2:29:
         d3:d2:88:b7:ed:27:88:62:9e:bf:77:09:f4:b6:a8:da:39:0d:
         e8:1c:ab:98:5f:32:10:64:39:b6:3d:82:ec:69:dd:6f:00:0b:
         01:5e:7b:b9:e3:23:e4:38:51:93:98:8a:94:ca:aa:da:b6:d1:
         43:03:26:4c:be:26:f2:c5:fd:db:f9:41:c5:26:af:6f:d7:b8:
         ac:07:05:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMn+/U8FInfSUlbXOw8rCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUwNjA3MjMwMDM5WhcNMjUwNjA4MjMwMDM5WjAzMTEwLwYDVQQD
Eyg2MGY1NGYzMzM0NzI5OTkxMWI0NWM5NDRmYTJiNzVkYzRmYWZjMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4ryhS+vRtYnyZCjDxKVraUuWxSb
TrKWu7GJ8kIwiO7qweBVt8L83A+pwbnyg8BkAae0I/L06FAYjg9NW0k7V5xqzeQm
SAcUciJBW+tp0R2gI5frCzcC9ZObo4AgIyLGpuhpoKlzZv/K49oUtMXDgcNwTRv8
wlhpMmwwJ0JXNGUnhcuG7Cuw2TpaIJIQe5TY+YLBOog9ZGsxpnZ1I2V2nzxWi6WW
vjhkLfGzwVQjU8tN+3XfycXzmtaLquza1OlutNccLZ85yfZWvBn77CNAlyTOL6Ou
V8ofhn/+u0nXpO5nZXAOsd+A1qFJIjKNO1UaG/D7Mbk9QCX7sAzS5jFbNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGD1TzM0cpmRG0XJRPorddxPr8KYMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3jV7jN6
LJ6fgIl4xJyMn85lohrytI5REiHjHYY0G4AqeSw5V7+UHdF4Yl863jK0C896nNzx
455NWlVLfi/ZeVzU3TmKEenSk+DzTb4/UWwyd88MK11V3dPDFAG/EgcagWEPDQny
riHADNbYb7oVjlKjn2cWgbUDhZ/a42v7eT+yEWRmepmRUyDL6XwlaRYWtbYWTa13
mXm0go9KeYwCmyTo5Yn6OvOmOyeC4mw4ZMlV0fIp09KIt+0niGKev3cJ9Lao2jkN
6ByrmF8yEGQ5tj2C7GndbwALAV57ueMj5DhRk5iKlMqq2rbRQwMmTL4m8sX92/lB
xSavb9e4rAcF/A==
-----END CERTIFICATE-----