Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          GO+7J8L0WtniyGovZxl3E5l+n3vpYoZ330ZPp59F/h0=
Subject key identifier:   A4:87:7F:94:01:AA:10:DE:AE:0D:AB:E0:37:91:5B:01:5E:1D:21:67
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       01974A43BB347E581B27C93B872E0ACF6A6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0734
Signing time:             Sat 07 Jun 2025 12:00:42 +0000
Manifest this update:     Sat 07 Jun 2025 12:00:42 +0000
Manifest next update:     Sun 08 Jun 2025 12:00:42 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: hVkcvaVFc/Eugpml9m2QjLjuEXcXwmBhDFUV6kZBFqQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 12:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:43:bb:34:7e:58:1b:27:c9:3b:87:2e:0a:cf:6a:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Jun  7 12:00:42 2025 GMT
            Not After : Jun  8 12:00:42 2025 GMT
        Subject: CN=a4877f9401aa10deae0dabe037915b015e1d2167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:45:6d:2a:86:7d:f9:d7:4e:1c:23:c4:b1:58:
                    89:9c:0f:41:54:e2:bc:2f:55:90:59:36:0b:85:3f:
                    2d:37:ce:42:86:a8:96:af:5f:79:f7:13:e7:bb:b2:
                    27:01:e4:e2:b6:86:34:fa:b4:06:5c:76:64:bd:0f:
                    b3:ca:2b:35:2a:3e:fb:51:bb:04:e4:f3:a5:c6:87:
                    54:62:5d:c9:c4:7b:80:68:1b:e5:cb:e8:1e:72:35:
                    7f:21:d9:db:98:a9:b0:ca:a0:7e:aa:ca:3d:95:84:
                    03:de:fb:b0:cc:0e:db:55:83:ae:47:7a:79:99:25:
                    aa:c1:ca:4d:e2:39:ab:92:60:bc:88:1a:ec:d9:88:
                    95:67:61:ef:51:29:8f:e3:18:b5:67:5d:2a:eb:d9:
                    46:36:e2:ce:7c:84:33:b7:88:85:fb:2e:c6:2d:3a:
                    1a:2f:fd:8c:53:3d:e1:5a:7f:0e:3b:b9:0c:6e:92:
                    5e:b3:19:c2:a4:af:06:55:6e:5d:45:8b:6e:2a:81:
                    2a:c4:bb:d6:fc:03:16:41:b1:31:f8:4b:ec:3a:79:
                    1c:15:e6:2a:24:0e:e9:d3:ee:5e:18:ff:94:a0:13:
                    b0:16:4b:cb:46:0b:51:94:8d:62:1a:16:06:f5:cd:
                    68:89:7d:c8:39:2d:38:f1:43:78:34:4e:72:79:4d:
                    9b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:87:7F:94:01:AA:10:DE:AE:0D:AB:E0:37:91:5B:01:5E:1D:21:67
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:fd:1e:8b:1f:b2:fe:b6:8d:4a:d8:e0:76:68:66:76:bb:91:
         58:e1:ed:5b:44:b7:0c:7a:4d:1e:38:1a:66:57:53:61:7d:51:
         98:6e:c7:c4:b1:6e:2d:f3:0a:74:68:16:f6:db:39:c4:47:84:
         38:1c:75:9e:ea:2a:78:33:6f:29:b6:d6:a7:61:9f:5d:03:b1:
         67:3d:1c:71:43:36:73:55:12:4f:2c:0a:ed:cd:2f:89:3f:da:
         fb:ff:da:ff:2d:3a:7e:3b:f1:84:a3:3a:dd:be:5d:eb:88:73:
         02:67:0b:bc:ef:77:aa:b4:85:4b:62:3b:c8:32:99:b7:d0:a6:
         c0:53:cf:58:84:0f:96:eb:80:20:ad:37:45:f9:b1:5d:99:1f:
         a0:e0:0b:af:a8:32:51:dd:4c:e3:96:c6:29:dd:6b:85:07:0f:
         74:68:de:43:a3:ed:dd:af:4c:14:2f:d5:9d:61:33:0e:6b:fe:
         3c:fc:e4:0d:9e:b3:30:18:11:fe:d3:2b:e9:20:2a:92:a1:37:
         73:6e:89:6d:1e:a1:b6:c5:c2:a1:f6:30:b7:b7:4e:a7:3a:b8:
         4d:8f:a4:d0:8c:ad:f7:25:df:b4:34:f2:44:a2:bf:6f:fa:97:
         f6:cd:82:3a:a1:8a:6a:f9:b9:84:51:55:51:28:5a:9a:90:b4:
         80:41:dd:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ7s0flgbJ8k7hy4Kz2psMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUwNjA3MTIwMDQyWhcNMjUwNjA4MTIwMDQyWjAzMTEwLwYDVQQD
EyhhNDg3N2Y5NDAxYWExMGRlYWUwZGFiZTAzNzkxNWIwMTVlMWQyMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UVtKoZ9+ddOHCPEsViJnA9BVOK8
L1WQWTYLhT8tN85ChqiWr1959xPnu7InAeTitoY0+rQGXHZkvQ+zyis1Kj77UbsE
5POlxodUYl3JxHuAaBvly+gecjV/IdnbmKmwyqB+qso9lYQD3vuwzA7bVYOuR3p5
mSWqwcpN4jmrkmC8iBrs2YiVZ2HvUSmP4xi1Z10q69lGNuLOfIQzt4iF+y7GLToa
L/2MUz3hWn8OO7kMbpJesxnCpK8GVW5dRYtuKoEqxLvW/AMWQbEx+EvsOnkcFeYq
JA7p0+5eGP+UoBOwFkvLRgtRlI1iGhYG9c1oiX3IOS048UN4NE5yeU2bOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSHf5QBqhDerg2r4DeRWwFeHSFnMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASP0eix+y
/raNStjgdmhmdruRWOHtW0S3DHpNHjgaZldTYX1RmG7HxLFuLfMKdGgW9ts5xEeE
OBx1nuoqeDNvKbbWp2GfXQOxZz0ccUM2c1USTywK7c0viT/a+//a/y06fjvxhKM6
3b5d64hzAmcLvO93qrSFS2I7yDKZt9CmwFPPWIQPluuAIK03RfmxXZkfoOALr6gy
Ud1M45bGKd1rhQcPdGjeQ6Pt3a9MFC/VnWEzDmv+PPzkDZ6zMBgR/tMr6SAqkqE3
c26JbR6htsXCofYwt7dOpzq4TY+k0Iyt9yXftDTyRKK/b/qX9s2COqGKavm5hFFV
UShampC0gEHdwQ==
-----END CERTIFICATE-----