Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
File:                     Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft (raw, json)
Hash identifier:          xZyTpI0uj3I9fOJ4Cd+asR2nmXhcZZU2FvdF3dVkVos=
Subject key identifier:   7B:F3:6D:BC:B9:0E:ED:52:62:53:E7:17:B3:E3:23:53:5D:C4:2E:89
Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
Certificate issuer:       /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Certificate serial:       019765BAD4F2E36040BE7D76B8A2339D6DFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
Manifest number:          158C
Signing time:             Thu 12 Jun 2025 20:00:32 +0000
Manifest this update:     Thu 12 Jun 2025 20:00:32 +0000
Manifest next update:     Fri 13 Jun 2025 20:00:32 +0000
Files and hashes:         1: Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl (hash: ipiR/NnFsNpheTjiwSFuM0yOTHT05rfIpiNAp8Wdtbc=)
                          2: xQ3PdmMDye_3ODxtjF3bxTEbrgU.roa (hash: OnYXJU1mRvo0V2FhsSO8D1b8k47DbXdYSrQ7JN4NAuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:ba:d4:f2:e3:60:40:be:7d:76:b8:a2:33:9d:6d:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
        Validity
            Not Before: Jun 12 20:00:32 2025 GMT
            Not After : Jun 13 20:00:32 2025 GMT
        Subject: CN=7bf36dbcb90eed526253e717b3e323535dc42e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:13:d3:0f:4b:62:f1:11:1f:aa:6e:e3:c4:71:
                    b5:e0:ce:95:d3:3f:b6:f1:a0:a4:62:7a:52:3e:14:
                    07:6c:2e:5c:55:b4:39:a0:68:fa:5b:90:f0:15:59:
                    92:c2:31:d8:34:c9:f2:df:37:a1:e9:c9:d8:fe:5e:
                    cc:a8:63:bc:38:85:53:dd:16:77:37:dd:09:8b:b0:
                    1b:d3:6f:7d:37:0d:c8:32:4e:96:56:85:f1:e1:89:
                    02:e4:92:32:5e:ed:d7:d7:cc:23:64:17:bb:fb:92:
                    5b:8c:9e:e8:a7:dc:de:b9:1b:04:5c:28:a5:1c:5b:
                    57:6c:d0:44:2c:3a:37:c5:6c:3f:56:3b:c1:c7:c5:
                    88:2b:99:d2:62:75:b5:db:3b:74:d4:88:50:77:4d:
                    86:b2:31:dd:52:45:89:1a:c1:cb:66:16:fc:08:fa:
                    b1:00:58:d6:bd:57:4f:6c:72:87:66:db:87:e9:51:
                    bb:8e:42:cf:4b:d6:be:e7:92:5e:86:af:4c:40:4e:
                    1b:ca:ed:6f:6c:13:02:7b:36:d5:1c:fc:2b:52:e4:
                    98:44:cf:4b:67:9c:4e:64:6c:cc:b0:ba:e6:48:b6:
                    6d:f2:56:87:76:6c:bb:59:a1:f0:0a:89:d8:38:4d:
                    c5:66:91:bf:23:d6:17:4f:81:5b:c0:f9:57:b0:00:
                    99:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F3:6D:BC:B9:0E:ED:52:62:53:E7:17:B3:E3:23:53:5D:C4:2E:89
            X509v3 Authority Key Identifier:
                keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:11:6f:3e:f6:db:26:48:8b:4a:a4:83:21:91:08:20:92:62:
         b5:d2:d5:a4:1c:35:7a:90:ca:6f:fe:24:b0:7a:8f:92:3b:26:
         03:a1:60:6c:06:74:a7:95:c2:98:5f:87:09:e9:43:3f:9c:a9:
         c3:f1:ea:11:54:fc:53:90:28:4a:71:01:b5:2f:31:57:64:0b:
         d7:2d:80:ae:e4:a8:ce:7b:c8:c1:d9:96:1a:48:81:b9:30:1a:
         f2:61:71:24:57:91:b4:2d:ee:08:a0:3e:5b:a6:ee:43:e3:7b:
         16:03:6d:77:6e:6b:a8:94:c4:ea:3f:cf:c2:9a:3f:8d:fe:c1:
         42:08:dc:06:06:25:55:89:f8:22:8f:ce:c7:75:fe:0f:04:41:
         42:7c:e3:71:96:64:91:70:9e:03:ba:d2:c3:01:17:8d:ea:b2:
         b9:f2:b4:cf:7d:2a:a9:99:a9:a8:48:d7:6e:c5:e8:46:76:96:
         57:42:8d:29:cb:61:08:92:0f:2b:9d:e3:fe:6b:51:d9:af:cb:
         ec:5e:24:97:1c:97:d6:de:92:47:a8:2d:c1:b2:f1:83:80:d5:
         b8:9b:44:c0:b0:46:4d:39:4b:60:e3:d9:29:b8:5b:92:ba:d6:
         9a:6f:da:10:2c:e2:ec:2c:b4:c4:46:93:dd:39:41:b7:e3:00:
         d3:84:37:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlutTy42BAvn12uKIznW39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi
Y2Y2ZDQwHhcNMjUwNjEyMjAwMDMyWhcNMjUwNjEzMjAwMDMyWjAzMTEwLwYDVQQD
Eyg3YmYzNmRiY2I5MGVlZDUyNjI1M2U3MTdiM2UzMjM1MzVkYzQyZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xPTD0ti8REfqm7jxHG14M6V0z+2
8aCkYnpSPhQHbC5cVbQ5oGj6W5DwFVmSwjHYNMny3zeh6cnY/l7MqGO8OIVT3RZ3
N90Ji7Ab0299Nw3IMk6WVoXx4YkC5JIyXu3X18wjZBe7+5JbjJ7op9zeuRsEXCil
HFtXbNBELDo3xWw/VjvBx8WIK5nSYnW12zt01IhQd02GsjHdUkWJGsHLZhb8CPqx
AFjWvVdPbHKHZtuH6VG7jkLPS9a+55Jehq9MQE4byu1vbBMCezbVHPwrUuSYRM9L
Z5xOZGzMsLrmSLZt8laHdmy7WaHwConYOE3FZpG/I9YXT4FbwPlXsACZSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvzbby5Du1SYlPnF7PjI1NdxC6JMB8GA1UdIwQY
MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt
NDRlZmQxMzA2NTljLzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj
LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBFvPvbb
JkiLSqSDIZEIIJJitdLVpBw1epDKb/4ksHqPkjsmA6FgbAZ0p5XCmF+HCelDP5yp
w/HqEVT8U5AoSnEBtS8xV2QL1y2AruSoznvIwdmWGkiBuTAa8mFxJFeRtC3uCKA+
W6buQ+N7FgNtd25rqJTE6j/Pwpo/jf7BQgjcBgYlVYn4Io/Ox3X+DwRBQnzjcZZk
kXCeA7rSwwEXjeqyufK0z30qqZmpqEjXbsXoRnaWV0KNKcthCJIPK53j/mtR2a/L
7F4klxyX1t6SR6gtwbLxg4DVuJtEwLBGTTlLYOPZKbhbkrrWmm/aECzi7Cy0xEaT
3TlBt+MA04Q3xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:01:48 2025 by rpki-client