Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          0VDeYGGWbyFWE0o+YnKJWddQEzp+lTmpmaIYXDZN/M0=
Subject key identifier:   88:22:07:75:35:BE:2C:B7:EB:9D:A9:C7:31:28:E6:AD:E0:3D:D4:F4
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       01975422BEB9EBFA67E97EC9F5C1EA3115A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          12C1
Signing time:             Mon 09 Jun 2025 10:00:52 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:52 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:52 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: H2qSbQb/PXOufkMBFU3n3zh+5uGZK/7GlxApgThr6r8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:be:b9:eb:fa:67:e9:7e:c9:f5:c1:ea:31:15:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Jun  9 10:00:52 2025 GMT
            Not After : Jun 10 10:00:52 2025 GMT
        Subject: CN=8822077535be2cb7eb9da9c73128e6ade03dd4f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:75:38:6a:06:c1:d4:74:5d:01:f9:29:13:d4:
                    18:9c:ac:b1:46:d6:50:7d:47:a7:53:51:47:90:df:
                    1f:98:f0:f5:2f:6a:05:a2:60:bf:c1:ff:48:92:09:
                    7b:b3:79:c1:45:05:12:88:3e:b6:a1:bf:33:91:83:
                    ba:25:da:0e:96:68:8d:a2:52:5a:26:8b:2f:6c:09:
                    8f:79:2c:4c:fe:84:06:18:4a:93:cc:97:d9:63:c1:
                    74:96:91:fb:64:5e:45:90:3c:0c:50:4a:cb:ed:70:
                    53:7a:67:d2:ee:7b:8b:38:3d:80:77:a9:85:c4:31:
                    b4:9f:81:f6:d9:50:d0:89:09:58:cf:ff:b7:8f:9c:
                    9d:8b:47:d2:65:3a:a3:6d:6a:dc:00:8d:f1:03:7c:
                    6d:a3:8d:de:fd:e0:0e:08:91:84:21:78:5f:d5:c8:
                    49:a2:a8:f4:ab:fc:b6:b4:da:27:8e:8d:12:aa:c6:
                    fb:39:9c:e5:df:82:93:0b:07:15:6e:db:b5:af:9b:
                    9a:90:15:ef:40:ec:3b:a8:ea:a3:e9:db:ba:57:6e:
                    6a:72:e7:33:20:6d:ba:1b:8f:17:a6:f2:8c:a9:c0:
                    16:8f:bd:e7:9a:51:03:70:ba:05:6d:27:8a:38:81:
                    21:7f:31:29:97:b7:b5:42:e5:e5:a9:33:7a:26:29:
                    b3:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:22:07:75:35:BE:2C:B7:EB:9D:A9:C7:31:28:E6:AD:E0:3D:D4:F4
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:24:c5:2b:41:33:2a:6c:0d:6c:63:ad:45:40:d9:1e:21:3e:
         2c:85:fe:1f:84:e3:15:57:30:9e:3d:b8:1b:4e:e5:77:71:aa:
         27:b7:00:d3:8f:d2:73:d5:b3:b1:cd:84:bb:3d:2a:ec:ec:8a:
         29:70:a3:7c:e2:8e:8f:3b:c2:b4:17:45:82:e3:32:9d:ac:b4:
         9f:3d:31:50:59:61:f2:7d:b7:ad:e0:dc:47:41:e0:42:23:32:
         42:ee:f0:2b:7f:af:cf:49:c4:07:48:b1:72:a4:4d:b3:45:3b:
         f3:c0:25:45:6f:13:ea:09:8b:b0:67:49:14:8d:df:98:84:e4:
         2b:04:99:37:6b:8e:b6:4d:1e:e8:20:49:7b:55:fb:7d:a8:90:
         78:9b:e1:02:a0:17:c6:40:f3:a9:e4:56:3f:e7:68:fb:3c:67:
         ba:02:4c:bd:10:2a:ff:a6:db:9a:33:23:2b:4d:f1:f2:b7:e6:
         31:95:9a:3f:d0:44:bb:ae:a4:de:6b:93:10:b5:0c:5c:75:f9:
         1f:40:29:d9:34:f8:38:5c:2e:dc:7a:e9:e9:d7:b6:31:ac:22:
         de:f0:b8:3b:79:83:f7:55:b0:eb:4f:82:26:6f:51:12:0e:43:
         97:98:bd:4a:6c:9b:a6:2b:20:9f:12:67:29:50:16:7d:da:73:
         a1:90:e8:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIr656/pn6X7J9cHqMRWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUwNjA5MTAwMDUyWhcNMjUwNjEwMTAwMDUyWjAzMTEwLwYDVQQD
Eyg4ODIyMDc3NTM1YmUyY2I3ZWI5ZGE5YzczMTI4ZTZhZGUwM2RkNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+XU4agbB1HRdAfkpE9QYnKyxRtZQ
fUenU1FHkN8fmPD1L2oFomC/wf9Ikgl7s3nBRQUSiD62ob8zkYO6JdoOlmiNolJa
JosvbAmPeSxM/oQGGEqTzJfZY8F0lpH7ZF5FkDwMUErL7XBTemfS7nuLOD2Ad6mF
xDG0n4H22VDQiQlYz/+3j5ydi0fSZTqjbWrcAI3xA3xto43e/eAOCJGEIXhf1chJ
oqj0q/y2tNonjo0Sqsb7OZzl34KTCwcVbtu1r5uakBXvQOw7qOqj6du6V25qcucz
IG26G48XpvKMqcAWj73nmlEDcLoFbSeKOIEhfzEpl7e1QuXlqTN6JimzZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgiB3U1viy3652pxzEo5q3gPdT0MB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWyTFK0Ez
KmwNbGOtRUDZHiE+LIX+H4TjFVcwnj24G07ld3GqJ7cA04/Sc9Wzsc2Euz0q7OyK
KXCjfOKOjzvCtBdFguMynay0nz0xUFlh8n23reDcR0HgQiMyQu7wK3+vz0nEB0ix
cqRNs0U788AlRW8T6gmLsGdJFI3fmITkKwSZN2uOtk0e6CBJe1X7faiQeJvhAqAX
xkDzqeRWP+do+zxnugJMvRAq/6bbmjMjK03x8rfmMZWaP9BEu66k3muTELUMXHX5
H0Ap2TT4OFwu3Hrp6de2Mawi3vC4O3mD91Ww60+CJm9REg5Dl5i9SmybpisgnxJn
KVAWfdpzoZDoqw==
-----END CERTIFICATE-----