Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          6M1VL6UOHgb/nZBz6cvP1c9F/1oKQijVCLxqG+3GGN4=
Subject key identifier:   77:79:91:83:58:7B:30:7F:B9:0D:09:B4:69:12:63:88:4C:E4:9B:61
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019748FA157A8992F81FA90CAAA9C719A801
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          0EF8
Signing time:             Sat 07 Jun 2025 06:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:38 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: TRpmoZo2ZbLEebVNXrswl123EljzPEaN+YcXuVWXX34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:15:7a:89:92:f8:1f:a9:0c:aa:a9:c7:19:a8:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Jun  7 06:00:38 2025 GMT
            Not After : Jun  8 06:00:38 2025 GMT
        Subject: CN=77799183587b307fb90d09b4691263884ce49b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c9:56:b9:6a:3d:e7:01:f1:85:d8:37:2d:95:
                    c9:6b:38:41:75:16:b4:87:52:c7:f1:64:7b:05:b5:
                    a2:d1:4e:63:23:a4:69:34:5e:9e:9c:7c:23:f7:09:
                    fd:cd:c4:48:95:4b:ce:53:fc:0a:67:c2:65:10:95:
                    24:ef:8f:cd:2b:de:8c:ed:7f:6d:33:ff:c2:46:76:
                    d9:d5:f8:97:96:ae:68:ea:e0:04:ad:19:31:a5:82:
                    2b:04:8c:8b:68:40:49:f5:76:60:90:ea:3c:57:bc:
                    12:28:d1:9f:21:9b:c0:42:19:19:07:55:a1:d7:a3:
                    3b:45:04:d1:69:32:50:94:18:32:c4:10:f7:2a:07:
                    0e:4d:02:9b:79:6b:3d:18:a2:9a:29:8f:aa:c1:9f:
                    1e:ad:d3:31:d2:7a:d5:26:b2:27:d5:09:fe:7b:ca:
                    02:92:24:9b:a1:6a:c8:44:25:5c:19:c7:8f:13:87:
                    0a:45:1f:48:50:77:80:47:0e:aa:b9:74:cc:2d:40:
                    9d:d4:2d:7c:45:13:eb:e2:a5:83:6f:2b:2a:ea:7e:
                    32:0a:85:1f:71:a4:12:b4:40:06:28:6d:85:86:09:
                    92:fc:db:58:70:b2:fa:e9:5c:75:d0:dd:fd:d4:6b:
                    d3:e6:4d:c3:e1:d5:b2:f2:80:a4:6f:97:92:67:06:
                    16:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:79:91:83:58:7B:30:7F:B9:0D:09:B4:69:12:63:88:4C:E4:9B:61
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:e8:ae:13:50:27:e1:3e:0e:a5:4d:65:51:6a:f5:36:74:c9:
         19:91:74:b6:ce:a3:cd:89:70:90:e9:64:3c:8f:c4:86:03:6f:
         79:b1:82:aa:b4:56:b1:fa:26:c5:21:22:b2:2a:ae:b2:b4:c3:
         18:19:58:8d:42:a1:5a:78:ea:e7:cc:60:de:c5:4f:a1:a2:5c:
         66:bc:4d:5f:33:74:49:cc:1a:61:2a:6b:fd:99:91:59:4d:be:
         84:77:bd:b5:08:a6:6e:61:51:cf:db:6f:a5:4b:76:57:fa:42:
         27:84:fd:ef:d3:4d:54:21:86:37:db:48:b5:9f:41:66:61:92:
         48:ab:e0:e4:43:60:2d:48:cb:d3:86:62:4a:b7:0f:ba:a7:a3:
         e9:bd:9d:46:c8:fa:ee:25:e6:e1:04:ff:f9:49:cf:6c:7c:25:
         3d:94:fc:5b:5d:d6:f4:04:16:96:23:c9:26:69:7b:33:09:83:
         57:c0:63:76:8d:dc:eb:fa:cd:30:5d:7a:2d:7e:7f:5c:61:28:
         5e:23:4c:a3:1c:48:ca:5f:90:52:4a:a1:4b:1c:c3:fd:f3:4b:
         2e:d6:2c:04:19:69:3c:01:bf:89:a3:47:cc:b6:75:5f:8f:f7:
         17:f7:7c:cc:bc:d1:86:5d:2c:b7:46:19:6f:25:7f:1f:4a:57:
         d8:ac:1e:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+hV6iZL4H6kMqqnHGagBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjUwNjA3MDYwMDM4WhcNMjUwNjA4MDYwMDM4WjAzMTEwLwYDVQQD
Eyg3Nzc5OTE4MzU4N2IzMDdmYjkwZDA5YjQ2OTEyNjM4ODRjZTQ5YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28lWuWo95wHxhdg3LZXJazhBdRa0
h1LH8WR7BbWi0U5jI6RpNF6enHwj9wn9zcRIlUvOU/wKZ8JlEJUk74/NK96M7X9t
M//CRnbZ1fiXlq5o6uAErRkxpYIrBIyLaEBJ9XZgkOo8V7wSKNGfIZvAQhkZB1Wh
16M7RQTRaTJQlBgyxBD3KgcOTQKbeWs9GKKaKY+qwZ8erdMx0nrVJrIn1Qn+e8oC
kiSboWrIRCVcGcePE4cKRR9IUHeARw6quXTMLUCd1C18RRPr4qWDbysq6n4yCoUf
caQStEAGKG2FhgmS/NtYcLL66Vx10N391GvT5k3D4dWy8oCkb5eSZwYWuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd5kYNYezB/uQ0JtGkSY4hM5JthMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARuiuE1An
4T4OpU1lUWr1NnTJGZF0ts6jzYlwkOlkPI/EhgNvebGCqrRWsfomxSEisiqusrTD
GBlYjUKhWnjq58xg3sVPoaJcZrxNXzN0ScwaYSpr/ZmRWU2+hHe9tQimbmFRz9tv
pUt2V/pCJ4T979NNVCGGN9tItZ9BZmGSSKvg5ENgLUjL04ZiSrcPuqej6b2dRsj6
7iXm4QT/+UnPbHwlPZT8W13W9AQWliPJJml7MwmDV8Bjdo3c6/rNMF16LX5/XGEo
XiNMoxxIyl+QUkqhSxzD/fNLLtYsBBlpPAG/iaNHzLZ1X4/3F/d8zLzRhl0st0YZ
byV/H0pX2KweKQ==
-----END CERTIFICATE-----