Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          0i58Ox2FPx8pZF+fT5KcDyddyzcohcJ7KRrvBinafgE=
Subject key identifier:   DF:D4:B3:09:08:D1:6C:D4:ED:6A:3A:62:C6:C5:42:96:3E:93:2D:E2
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019748FA988F1FB3132AF7BF6DDD91FF2698
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1576
Signing time:             Sat 07 Jun 2025 06:01:11 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:11 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:11 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: G3jCAQEx1zeG6yoeizoRkyGlIagHD3qQoB+zW8ILRag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:98:8f:1f:b3:13:2a:f7:bf:6d:dd:91:ff:26:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Jun  7 06:01:11 2025 GMT
            Not After : Jun  8 06:01:11 2025 GMT
        Subject: CN=dfd4b30908d16cd4ed6a3a62c6c542963e932de2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:30:bc:8f:49:df:22:18:60:7b:0b:30:76:aa:
                    40:a8:56:bf:b8:68:0b:69:b9:fc:f7:5b:58:33:4b:
                    d9:b3:e2:e1:b0:56:f1:eb:c9:19:db:56:c6:c5:0e:
                    70:2a:7e:79:1b:b0:4f:18:0c:eb:6f:6c:c0:67:7b:
                    58:ec:6e:c0:63:ec:e0:6d:5f:df:9b:15:b3:cd:30:
                    fb:9f:f5:68:2a:3c:fb:6a:45:3f:c6:76:0e:a1:30:
                    58:d6:25:93:bf:4d:c6:ba:71:bf:6e:2c:c5:96:30:
                    cb:af:df:f8:a1:ab:47:4c:d4:2f:f2:bc:3b:7e:e8:
                    65:96:f8:38:ac:8f:00:11:49:92:2b:54:19:c7:a1:
                    d0:e4:77:92:e0:ab:a3:14:82:8f:56:9d:ca:e6:77:
                    9f:8d:ff:fe:43:86:05:01:39:d2:e8:61:5d:9c:1b:
                    3b:d8:67:7f:73:39:dc:88:e1:d8:4d:a0:63:ca:58:
                    f0:e0:4e:9c:43:68:4f:ac:b3:06:00:ae:86:7c:11:
                    05:6e:1a:82:3a:df:c9:27:f2:81:96:b5:de:ce:eb:
                    03:82:d9:25:89:2f:d8:7b:5c:77:1c:dc:fa:7b:7e:
                    55:b0:ea:2f:0c:64:4b:5c:62:36:09:0c:28:37:36:
                    fa:01:34:59:5b:37:ea:88:19:07:de:06:26:a3:dd:
                    9f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:D4:B3:09:08:D1:6C:D4:ED:6A:3A:62:C6:C5:42:96:3E:93:2D:E2
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:c9:39:5b:9c:10:77:92:2e:65:38:73:79:17:6f:e1:9b:1f:
         cc:8e:f3:54:df:cc:e9:f7:47:16:a9:76:8f:69:ce:1f:28:30:
         82:0c:90:31:ce:29:66:31:25:1b:0e:fd:cf:3d:cc:dc:9e:34:
         05:75:70:cf:2e:fa:ec:a6:17:20:a4:f5:39:dd:8d:97:c9:75:
         55:b6:4d:a8:5d:b5:5a:10:e0:5b:70:14:7d:98:b7:de:4e:6f:
         2e:34:f8:a9:1e:89:9a:bf:f1:f9:d0:d3:01:1e:22:08:65:0b:
         e6:89:06:c2:08:33:8a:de:dc:ba:50:7d:69:87:3d:2a:ae:19:
         f0:69:01:d7:f2:c8:1c:95:35:93:30:56:5e:75:91:f2:98:6f:
         ab:5c:d3:5a:c1:0a:7c:92:c3:e9:f4:d5:48:f3:78:0e:16:4b:
         87:29:23:e1:03:ec:b5:e3:7a:47:7d:1d:b2:0a:0e:2c:19:45:
         72:1b:85:1b:20:fc:e6:75:9b:22:58:91:68:a4:52:7e:ab:ca:
         35:76:2b:e7:8d:7b:3a:99:2f:9d:f8:db:5f:58:9e:75:a1:ec:
         89:00:33:8d:67:59:99:5f:a5:51:00:8d:8e:4f:83:f0:7e:11:
         d5:3e:bd:ad:16:a9:0f:85:e9:d8:45:c8:19:87:51:fe:d1:0e:
         bb:fc:18:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+piPH7MTKve/bd2R/yaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUwNjA3MDYwMTExWhcNMjUwNjA4MDYwMTExWjAzMTEwLwYDVQQD
EyhkZmQ0YjMwOTA4ZDE2Y2Q0ZWQ2YTNhNjJjNmM1NDI5NjNlOTMyZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TC8j0nfIhhgewswdqpAqFa/uGgL
abn891tYM0vZs+LhsFbx68kZ21bGxQ5wKn55G7BPGAzrb2zAZ3tY7G7AY+zgbV/f
mxWzzTD7n/VoKjz7akU/xnYOoTBY1iWTv03GunG/bizFljDLr9/4oatHTNQv8rw7
fuhllvg4rI8AEUmSK1QZx6HQ5HeS4KujFIKPVp3K5nefjf/+Q4YFATnS6GFdnBs7
2Gd/cznciOHYTaBjyljw4E6cQ2hPrLMGAK6GfBEFbhqCOt/JJ/KBlrXezusDgtkl
iS/Ye1x3HNz6e35VsOovDGRLXGI2CQwoNzb6ATRZWzfqiBkH3gYmo92fvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/UswkI0WzU7Wo6YsbFQpY+ky3iMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUsk5W5wQ
d5IuZThzeRdv4ZsfzI7zVN/M6fdHFql2j2nOHygwggyQMc4pZjElGw79zz3M3J40
BXVwzy767KYXIKT1Od2Nl8l1VbZNqF21WhDgW3AUfZi33k5vLjT4qR6Jmr/x+dDT
AR4iCGUL5okGwggzit7culB9aYc9Kq4Z8GkB1/LIHJU1kzBWXnWR8phvq1zTWsEK
fJLD6fTVSPN4DhZLhykj4QPsteN6R30dsgoOLBlFchuFGyD85nWbIliRaKRSfqvK
NXYr5417OpkvnfjbX1iedaHsiQAzjWdZmV+lUQCNjk+D8H4R1T69rRapD4Xp2EXI
GYdR/tEOu/wYaA==
-----END CERTIFICATE-----