Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
File:                     JTncEcLyIukQROG-eygeV23u5Fs.mft (raw, json)
Hash identifier:          dFHSjMgi2a0vsdBashrDmY42c0DaZvde6K9QVkf0gZU=
Subject key identifier:   77:DF:F9:7A:CA:CE:98:3B:B6:53:F6:99:05:5B:68:8E:20:0F:FD:A5
Authority key identifier: 25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B
Certificate issuer:       /CN=2539dc11c2f222e91044e1be7b281e576deee45b
Certificate serial:       01974AB1B58A0A841106070556391A49DC54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
Manifest number:          53
Signing time:             Sat 07 Jun 2025 14:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 14:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 14:00:49 +0000
Files and hashes:         1: JTncEcLyIukQROG-eygeV23u5Fs.crl (hash: 2UdSpoPIuqjofz+0bLKgMOI7/YnmtF80+dNNIam/U8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:b1:b5:8a:0a:84:11:06:07:05:56:39:1a:49:dc:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2539dc11c2f222e91044e1be7b281e576deee45b
        Validity
            Not Before: Jun  7 14:00:49 2025 GMT
            Not After : Jun  8 14:00:49 2025 GMT
        Subject: CN=77dff97acace983bb653f699055b688e200ffda5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c2:a3:dd:6f:55:60:87:22:07:e9:b0:99:8f:
                    ec:9a:54:81:ce:f2:d9:40:48:70:57:c5:da:de:10:
                    dd:52:52:be:f5:f5:d6:41:f4:d4:92:60:14:1e:be:
                    e9:47:e3:b1:62:79:d9:52:53:51:5a:a4:c1:dd:fe:
                    68:fe:26:18:13:09:48:6d:5c:f6:5a:4e:8e:94:d8:
                    43:aa:c8:6a:32:97:0d:fa:ec:f6:08:d4:6c:6b:a3:
                    36:1f:ae:26:96:4d:4d:c2:89:a6:f0:3f:19:d5:35:
                    33:74:bb:56:06:62:2c:ed:f6:ac:34:40:2d:42:1b:
                    d7:be:90:02:dd:18:e1:00:56:4c:77:85:36:8b:8c:
                    aa:cb:4c:2e:90:c5:92:0e:97:34:08:59:c5:58:9e:
                    b9:3b:9d:67:a2:5f:0b:f1:96:52:5f:21:b3:c6:d6:
                    01:4a:5e:af:31:fb:2d:40:24:bc:1d:e1:86:79:48:
                    90:66:ca:fa:5b:91:9d:78:82:dd:b1:b1:70:ce:42:
                    16:6a:83:9d:aa:2b:42:ac:47:c3:a3:b8:50:0e:cb:
                    15:48:14:8f:fe:c4:8d:9a:4d:8b:86:de:9e:c2:73:
                    fc:f3:ca:f8:e4:1f:1a:77:45:5c:62:61:83:bb:c3:
                    ea:7f:23:68:d0:cd:42:3c:62:dd:90:80:30:27:95:
                    e2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:DF:F9:7A:CA:CE:98:3B:B6:53:F6:99:05:5B:68:8E:20:0F:FD:A5
            X509v3 Authority Key Identifier:
                keyid:25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:3b:85:66:5f:fd:53:94:ce:08:02:d3:6e:a0:da:65:70:06:
         8e:55:99:d9:83:55:98:21:41:a4:44:ff:0b:f1:9e:54:00:59:
         7d:b7:8d:65:49:3e:55:a0:2d:47:e3:57:86:a0:e5:6e:81:8c:
         46:d7:04:ba:48:6d:a3:7f:63:3e:df:1a:75:84:59:29:c2:b2:
         0b:1f:b3:e6:e4:7b:be:08:9b:bd:28:aa:f3:c5:ea:6a:63:26:
         0d:7e:95:fa:db:aa:3c:fb:fa:bc:b6:9c:c8:ab:27:2b:f6:7d:
         32:5e:a7:c0:bf:01:9a:17:b1:8a:d5:bd:0e:28:0f:17:82:8f:
         19:71:30:b2:42:39:ad:9e:a0:ad:9e:ed:0c:44:eb:4e:dc:cf:
         e6:64:e7:93:6b:91:6b:69:86:95:8e:de:2e:c0:9a:71:89:66:
         1a:81:70:8c:24:7a:16:91:92:07:8d:b6:51:ab:3c:c1:be:e9:
         7c:22:94:65:60:ce:b6:55:cf:aa:09:a7:13:80:05:e5:fa:1b:
         10:83:fc:37:b9:fd:0f:fb:2b:2d:17:3c:58:7b:bb:f9:a4:40:
         84:69:2b:a3:a8:7f:c6:dc:ff:b8:60:c9:f4:b5:e5:e2:8d:fe:
         6d:dd:05:ff:74:ba:69:57:f5:6b:5d:38:c8:c2:a3:81:f8:e3:
         60:bf:37:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsbWKCoQRBgcFVjkaSdxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzlkYzExYzJmMjIyZTkxMDQ0ZTFiZTdiMjgxZTU3NmRl
ZWU0NWIwHhcNMjUwNjA3MTQwMDQ5WhcNMjUwNjA4MTQwMDQ5WjAzMTEwLwYDVQQD
Eyg3N2RmZjk3YWNhY2U5ODNiYjY1M2Y2OTkwNTViNjg4ZTIwMGZmZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMKj3W9VYIciB+mwmY/smlSBzvLZ
QEhwV8Xa3hDdUlK+9fXWQfTUkmAUHr7pR+OxYnnZUlNRWqTB3f5o/iYYEwlIbVz2
Wk6OlNhDqshqMpcN+uz2CNRsa6M2H64mlk1Nwomm8D8Z1TUzdLtWBmIs7fasNEAt
QhvXvpAC3RjhAFZMd4U2i4yqy0wukMWSDpc0CFnFWJ65O51nol8L8ZZSXyGzxtYB
Sl6vMfstQCS8HeGGeUiQZsr6W5GdeILdsbFwzkIWaoOdqitCrEfDo7hQDssVSBSP
/sSNmk2Lht6ewnP888r45B8ad0VcYmGDu8PqfyNo0M1CPGLdkIAwJ5XiGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHff+XrKzpg7tlP2mQVbaI4gD/2lMB8GA1UdIwQY
MBaAFCU53BHC8iLpEEThvnsoHldt7uRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUt
MGZjOGRhMDUwM2M5LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUtMGZjOGRhMDUwM2M5
LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2juFZl/9
U5TOCALTbqDaZXAGjlWZ2YNVmCFBpET/C/GeVABZfbeNZUk+VaAtR+NXhqDlboGM
RtcEukhto39jPt8adYRZKcKyCx+z5uR7vgibvSiq88XqamMmDX6V+tuqPPv6vLac
yKsnK/Z9Ml6nwL8BmhexitW9DigPF4KPGXEwskI5rZ6grZ7tDETrTtzP5mTnk2uR
a2mGlY7eLsCacYlmGoFwjCR6FpGSB422Uas8wb7pfCKUZWDOtlXPqgmnE4AF5fob
EIP8N7n9D/srLRc8WHu7+aRAhGkro6h/xtz/uGDJ9LXl4o3+bd0F/3S6aVf1a104
yMKjgfjjYL83HQ==
-----END CERTIFICATE-----