Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
File:                     7nwowZyp0nBozrxpyBVBZ13BLN8.mft (raw, json)
Hash identifier:          9L1so018ZCTlfS/SFDUpY6lfTFaWWn46XT1ACjwvXHc=
Subject key identifier:   B6:A4:4D:45:9F:3A:E4:7D:82:20:5A:32:35:CA:3C:44:10:8F:AD:B3
Authority key identifier: EE:7C:28:C1:9C:A9:D2:70:68:CE:BC:69:C8:15:41:67:5D:C1:2C:DF
Certificate issuer:       /CN=ee7c28c19ca9d27068cebc69c81541675dc12cdf
Certificate serial:       0197488CA48E43EAF845A1A26C38EFBEFCCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 04:01:06 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:06 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:06 +0000
Files and hashes:         1: 7nwowZyp0nBozrxpyBVBZ13BLN8.crl (hash: uOcw8sME1qL/i6shAgDVfzf4vOvkZmH/KxBj5Inc/pU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:a4:8e:43:ea:f8:45:a1:a2:6c:38:ef:be:fc:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee7c28c19ca9d27068cebc69c81541675dc12cdf
        Validity
            Not Before: Jun  7 04:01:06 2025 GMT
            Not After : Jun  8 04:01:06 2025 GMT
        Subject: CN=b6a44d459f3ae47d82205a3235ca3c44108fadb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:77:6a:8a:92:86:ac:ed:0c:19:0a:8e:d4:62:
                    1e:69:83:7a:94:8c:11:d3:5c:fb:ed:de:1b:ec:db:
                    d0:85:14:4d:53:b0:7c:d6:f7:97:90:f9:2e:be:b1:
                    bc:be:72:bd:7d:b4:7b:45:23:30:b3:41:56:7b:4e:
                    98:99:fd:de:12:cf:75:c1:af:88:95:ec:e7:fb:d9:
                    6a:cc:66:54:df:c6:d5:6a:55:5e:fd:d8:7e:1c:f9:
                    2f:52:6c:61:9f:ed:72:ab:48:9d:fe:58:9a:53:97:
                    95:3b:22:73:77:b5:7e:dc:2b:de:0b:8d:7c:57:d4:
                    26:5a:2a:9f:4e:7f:fe:03:db:90:19:c5:6e:9c:2a:
                    48:06:14:e6:f2:76:9b:a0:34:53:03:9a:a0:dc:75:
                    87:a1:e3:f3:e1:e2:38:5a:a5:74:5d:8e:25:d4:e9:
                    ef:c7:37:e9:9b:1a:35:ca:eb:cf:95:70:64:38:ee:
                    93:bc:7f:f2:da:f7:d0:0f:03:73:89:ce:45:be:23:
                    01:f9:13:57:fc:c6:84:0f:50:3d:40:c4:22:bb:d1:
                    e4:d7:03:3e:50:9c:2b:a9:8d:d3:31:fb:df:68:2f:
                    5c:1c:31:c6:eb:17:81:9a:c5:b8:22:e2:9c:1d:6f:
                    70:ec:f5:a3:32:a9:cd:96:ae:55:52:88:88:4e:44:
                    de:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:A4:4D:45:9F:3A:E4:7D:82:20:5A:32:35:CA:3C:44:10:8F:AD:B3
            X509v3 Authority Key Identifier:
                keyid:EE:7C:28:C1:9C:A9:D2:70:68:CE:BC:69:C8:15:41:67:5D:C1:2C:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:ef:37:f3:8b:f2:c7:81:b7:5a:9d:de:80:ae:a4:2f:08:89:
         6d:38:66:71:97:c1:65:3a:e6:4d:5a:39:06:38:2f:02:89:88:
         86:27:44:89:c0:84:68:65:9d:f7:2c:ef:94:fc:c4:c4:0e:5b:
         34:ee:39:14:6f:03:12:20:29:4d:d4:6a:33:d8:65:7f:fd:93:
         25:24:dd:a4:bc:13:59:09:21:ba:5e:a7:86:d5:49:f8:2d:9d:
         a9:86:58:c8:0d:62:62:a3:df:96:6b:34:48:1f:3c:a3:5c:59:
         20:c9:3c:5e:ef:86:f5:3e:d2:94:2a:69:69:2d:06:ce:d5:c6:
         74:b8:20:97:8d:ff:f9:d5:83:4c:01:2d:f4:cd:3e:07:b6:28:
         88:73:c7:88:2a:57:b1:76:b2:ff:60:d8:e8:89:7e:08:ac:6a:
         b7:09:a7:c7:78:05:a5:ac:96:7c:20:6c:ab:4b:78:41:ec:c8:
         6f:2c:0e:7a:48:37:3b:2f:98:92:5b:c9:a0:af:a9:d8:e6:5f:
         a3:76:d2:cf:45:1a:e9:d6:56:3f:ca:45:94:e4:ce:d7:02:9a:
         85:50:01:8a:9f:ed:ad:39:6f:1c:b8:31:5a:8a:d9:3e:0d:a7:
         91:46:30:63:3b:57:61:9f:d6:87:4a:12:49:41:0c:15:1e:f8:
         07:6c:99:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKSOQ+r4RaGibDjvvvzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlN2MyOGMxOWNhOWQyNzA2OGNlYmM2OWM4MTU0MTY3NWRj
MTJjZGYwHhcNMjUwNjA3MDQwMTA2WhcNMjUwNjA4MDQwMTA2WjAzMTEwLwYDVQQD
EyhiNmE0NGQ0NTlmM2FlNDdkODIyMDVhMzIzNWNhM2M0NDEwOGZhZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXdqipKGrO0MGQqO1GIeaYN6lIwR
01z77d4b7NvQhRRNU7B81veXkPkuvrG8vnK9fbR7RSMws0FWe06Ymf3eEs91wa+I
lezn+9lqzGZU38bValVe/dh+HPkvUmxhn+1yq0id/liaU5eVOyJzd7V+3CveC418
V9QmWiqfTn/+A9uQGcVunCpIBhTm8naboDRTA5qg3HWHoePz4eI4WqV0XY4l1Onv
xzfpmxo1yuvPlXBkOO6TvH/y2vfQDwNzic5FviMB+RNX/MaED1A9QMQiu9Hk1wM+
UJwrqY3TMfvfaC9cHDHG6xeBmsW4IuKcHW9w7PWjMqnNlq5VUoiITkTe7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLakTUWfOuR9giBaMjXKPEQQj62zMB8GA1UdIwQY
MBaAFO58KMGcqdJwaM68acgVQWddwSzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lMjRlYzItZDk1Ni00NTc1LTkyODct
MTU3ZTNlZDUyZjExLzEvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lMjRlYzItZDk1Ni00NTc1LTkyODctMTU3ZTNlZDUyZjEx
LzEvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJu8384vy
x4G3Wp3egK6kLwiJbThmcZfBZTrmTVo5BjgvAomIhidEicCEaGWd9yzvlPzExA5b
NO45FG8DEiApTdRqM9hlf/2TJSTdpLwTWQkhul6nhtVJ+C2dqYZYyA1iYqPflms0
SB88o1xZIMk8Xu+G9T7SlCppaS0GztXGdLggl43/+dWDTAEt9M0+B7YoiHPHiCpX
sXay/2DY6Il+CKxqtwmnx3gFpayWfCBsq0t4QezIbywOekg3Oy+YklvJoK+p2OZf
o3bSz0Ua6dZWP8pFlOTO1wKahVABip/trTlvHLgxWorZPg2nkUYwYztXYZ/Wh0oS
SUEMFR74B2yZYw==
-----END CERTIFICATE-----