Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
File:                     6Md5F2XIhNCFX-0_-MPycJmpoBo.mft (raw, json)
Hash identifier:          OF7KuPCPBC/WZRwEYrlz+XP8iEMBI9m21Rc3efpXR38=
Subject key identifier:   23:7E:AB:C4:A5:10:4E:0F:9F:98:3C:7A:98:01:E6:6E:18:D3:C6:32
Authority key identifier: E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A
Certificate issuer:       /CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
Certificate serial:       019767E0B941B4BC8D2A153F3F29D940526C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 06:01:10 +0000
Manifest this update:     Fri 13 Jun 2025 06:01:10 +0000
Manifest next update:     Sat 14 Jun 2025 06:01:10 +0000
Files and hashes:         1: 6Md5F2XIhNCFX-0_-MPycJmpoBo.crl (hash: ijU17wJZWpSrnLn+OEcFye9LQR1vcS161BSo9Gnjtpw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 06:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:b9:41:b4:bc:8d:2a:15:3f:3f:29:d9:40:52:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
        Validity
            Not Before: Jun 13 06:01:10 2025 GMT
            Not After : Jun 14 06:01:10 2025 GMT
        Subject: CN=237eabc4a5104e0f9f983c7a9801e66e18d3c632
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4f:98:99:ff:be:43:8c:67:c0:6b:c1:55:db:
                    79:0c:9a:84:8a:7c:c7:f7:66:75:76:dc:59:c5:81:
                    4f:14:06:36:84:2a:a4:06:a3:36:ff:5c:75:96:cb:
                    ec:d1:64:ef:f1:a6:e0:0c:a5:78:65:08:eb:c4:46:
                    0a:ee:de:ab:4c:3d:ce:be:10:4b:8d:5e:91:b8:61:
                    23:bf:cc:9a:19:cc:26:08:2d:af:c8:07:c7:65:4e:
                    03:a6:41:76:00:21:55:74:d3:56:3e:2e:44:ed:e9:
                    e2:1e:e8:93:22:1a:77:b8:87:0f:6c:25:06:a0:82:
                    5f:6f:91:d5:fe:67:de:e0:66:38:06:99:40:51:a3:
                    95:d1:1d:6d:10:6a:4c:b3:c2:9a:d6:61:a7:60:d5:
                    eb:97:3c:01:c9:d5:28:d2:83:e3:97:ef:8e:d7:be:
                    f4:a6:b0:53:9d:83:fc:73:4a:9c:72:b6:68:4a:81:
                    76:8a:b2:ab:8f:e2:20:40:5d:04:e3:7c:ad:78:29:
                    29:94:83:08:f5:0a:65:9f:4c:cb:12:6d:2b:73:f2:
                    11:dc:99:15:d8:be:04:d6:05:fc:68:27:82:cc:0f:
                    e8:df:48:1c:54:0c:32:89:cb:e9:d8:38:e6:e9:ca:
                    ee:7c:36:3f:d9:4e:05:69:a4:54:f2:83:9a:22:2d:
                    df:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:7E:AB:C4:A5:10:4E:0F:9F:98:3C:7A:98:01:E6:6E:18:D3:C6:32
            X509v3 Authority Key Identifier:
                keyid:E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:60:a8:f0:1a:9d:98:8d:c6:f9:65:d4:81:a4:3e:90:fb:a0:
         ba:c0:2c:71:dc:3b:11:4e:17:f4:05:f5:64:9f:ec:e4:1c:0c:
         26:47:56:da:50:9c:b5:ea:21:51:ee:03:bc:02:e1:02:b5:23:
         f7:92:6d:ab:92:ea:c3:3b:f1:5d:e5:82:3d:b6:d3:20:af:11:
         bd:a6:9a:33:d7:8e:4f:96:03:79:b0:1a:ce:99:fe:99:79:4e:
         cd:78:1d:d3:b6:15:a5:a1:09:c2:93:bd:18:61:c9:00:fd:ae:
         ac:25:e2:66:4e:05:fd:ba:50:70:0d:4c:c4:ed:ab:c1:40:e9:
         0f:c0:82:b5:0d:57:85:62:a1:e6:fb:53:45:a9:6f:ad:56:21:
         f8:f8:b4:8d:cd:84:fb:56:48:e6:e7:30:1c:14:6b:16:a2:98:
         b8:6e:d5:dc:37:5e:b7:bd:61:ca:db:25:0e:2d:48:4b:6b:63:
         51:e0:b9:f9:75:98:0a:ba:fd:41:28:bf:8f:9c:e2:73:26:50:
         b9:f0:8d:04:b9:1c:83:39:11:18:4b:5c:ce:4f:17:85:c4:b9:
         e4:e0:bf:93:6d:f4:b5:25:37:15:cd:dd:8f:4f:ca:4a:5e:be:
         ec:7a:b7:ce:b8:e9:d9:a5:67:60:b2:0e:03:50:f9:c0:71:f7:
         da:15:dd:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4LlBtLyNKhU/PynZQFJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Yzc3OTE3NjVjODg0ZDA4NTVmZWQzZmY4YzNmMjcwOTlh
OWEwMWEwHhcNMjUwNjEzMDYwMTEwWhcNMjUwNjE0MDYwMTEwWjAzMTEwLwYDVQQD
EygyMzdlYWJjNGE1MTA0ZTBmOWY5ODNjN2E5ODAxZTY2ZTE4ZDNjNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU+Ymf++Q4xnwGvBVdt5DJqEinzH
92Z1dtxZxYFPFAY2hCqkBqM2/1x1lsvs0WTv8abgDKV4ZQjrxEYK7t6rTD3OvhBL
jV6RuGEjv8yaGcwmCC2vyAfHZU4DpkF2ACFVdNNWPi5E7eniHuiTIhp3uIcPbCUG
oIJfb5HV/mfe4GY4BplAUaOV0R1tEGpMs8Ka1mGnYNXrlzwBydUo0oPjl++O1770
prBTnYP8c0qccrZoSoF2irKrj+IgQF0E43yteCkplIMI9Qpln0zLEm0rc/IR3JkV
2L4E1gX8aCeCzA/o30gcVAwyicvp2Djm6crufDY/2U4FaaRU8oOaIi3fbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCN+q8SlEE4Pn5g8epgB5m4Y08YyMB8GA1UdIwQY
MBaAFOjHeRdlyITQhV/tP/jD8nCZqaAaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEt
OTViMWQ3MWJjYzg5LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEtOTViMWQ3MWJjYzg5
LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmCo8Bqd
mI3G+WXUgaQ+kPugusAscdw7EU4X9AX1ZJ/s5BwMJkdW2lCcteohUe4DvALhArUj
95Jtq5LqwzvxXeWCPbbTIK8RvaaaM9eOT5YDebAazpn+mXlOzXgd07YVpaEJwpO9
GGHJAP2urCXiZk4F/bpQcA1MxO2rwUDpD8CCtQ1XhWKh5vtTRalvrVYh+Pi0jc2E
+1ZI5ucwHBRrFqKYuG7V3Ddet71hytslDi1IS2tjUeC5+XWYCrr9QSi/j5zicyZQ
ufCNBLkcgzkRGEtczk8XhcS55OC/k230tSU3Fc3dj0/KSl6+7Hq3zrjp2aVnYLIO
A1D5wHH32hXdwQ==
-----END CERTIFICATE-----