Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          3T4EWcmAAG/sthEYspQ0NqEWUYBAmT1aMvSfa2VNLDY=
Subject key identifier:   8B:98:2E:04:E9:AC:E9:05:E0:6E:76:F1:35:E1:5C:6D:F5:9F:94:59
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       019749684432A3BCD6BF925ED8BC313675E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0B4D
Signing time:             Sat 07 Jun 2025 08:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:59 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: uqTbBuFAqNTxHhqtPG2HHVFNexAdr7aLPZOZgV/TKoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:44:32:a3:bc:d6:bf:92:5e:d8:bc:31:36:75:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Jun  7 08:00:59 2025 GMT
            Not After : Jun  8 08:00:59 2025 GMT
        Subject: CN=8b982e04e9ace905e06e76f135e15c6df59f9459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e4:d6:71:ba:4a:dd:dc:40:76:2b:9a:a8:3f:
                    12:73:96:b1:ee:54:d0:3f:e8:1e:c7:90:d2:7a:2a:
                    38:75:75:95:5b:83:c3:df:8d:bd:d0:a0:a5:0b:93:
                    5d:37:bb:8b:e6:ad:13:60:f7:fa:1b:83:0b:b5:0e:
                    48:fe:5a:54:77:f3:a1:6e:6f:0a:ce:5f:f7:2d:a9:
                    ee:04:51:cd:74:8b:5c:47:c3:27:86:f7:b8:2e:36:
                    ba:17:38:31:38:e6:c4:4a:31:36:67:55:c6:5e:e6:
                    94:10:88:a1:85:f1:ca:b4:35:8c:74:cb:62:c9:43:
                    5c:16:50:4b:43:1c:96:66:5b:f9:79:f5:3e:bb:9c:
                    31:3f:b3:1d:c5:f0:c8:f7:ef:62:e8:78:40:86:0f:
                    c2:41:1c:8b:09:c9:bb:29:68:24:64:e0:d5:54:9e:
                    f5:66:ce:82:da:19:56:2f:b1:b5:d5:0a:cb:c6:d9:
                    11:49:eb:a4:c6:2b:f3:66:0d:d5:e7:ae:31:da:1c:
                    c6:d0:d9:9a:61:da:17:9e:30:74:a0:5e:4f:c9:15:
                    af:15:ba:5a:ea:65:5a:56:5c:7d:52:84:9e:ae:12:
                    58:09:44:6d:47:a2:de:31:7a:16:56:f5:ab:92:22:
                    9e:0b:f7:96:0b:c6:f7:09:01:45:f6:fe:33:f3:73:
                    5e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:98:2E:04:E9:AC:E9:05:E0:6E:76:F1:35:E1:5C:6D:F5:9F:94:59
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:37:f3:28:a7:7d:8e:a5:53:cd:77:22:f0:88:6c:77:f1:dc:
         7e:cb:51:20:ac:b6:88:4c:e1:58:47:39:04:66:8e:00:44:5c:
         16:af:de:7f:f7:f2:54:f9:e1:bf:7e:9f:f1:fc:a8:72:ce:aa:
         c5:0a:2d:c0:b1:ce:8b:3e:65:98:8c:bf:ce:8b:22:f3:94:47:
         3b:fd:b5:9b:53:1f:5b:ec:ae:88:83:c3:a6:f2:fd:a0:6b:da:
         2e:63:e2:8b:0d:93:9a:50:31:d0:0f:38:31:2e:27:96:f8:3b:
         86:e8:cd:d1:66:0f:0f:92:8e:41:14:ba:3f:dd:bd:ed:a1:14:
         7e:1a:85:d2:80:f1:f8:c4:31:9e:98:f6:7b:d4:ca:cc:f6:22:
         53:ff:74:02:3f:c7:31:74:30:b7:f0:96:96:46:fa:11:5d:bc:
         09:9b:50:1c:fe:66:70:89:d0:21:ed:83:9e:e0:0b:d9:19:e8:
         a9:0b:14:38:58:75:fb:43:cf:ff:65:5f:2d:26:63:ef:d3:13:
         fd:69:be:7a:29:e4:34:2b:00:1b:7f:0e:48:55:aa:1c:79:f7:
         58:4b:82:6f:9f:0c:4b:d3:5d:e7:d7:76:f3:ee:88:84:39:50:
         78:92:51:fa:40:72:05:31:b3:5f:17:c3:e5:4f:dc:d5:0c:3d:
         22:53:35:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaEQyo7zWv5Je2LwxNnXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUwNjA3MDgwMDU5WhcNMjUwNjA4MDgwMDU5WjAzMTEwLwYDVQQD
Eyg4Yjk4MmUwNGU5YWNlOTA1ZTA2ZTc2ZjEzNWUxNWM2ZGY1OWY5NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+TWcbpK3dxAdiuaqD8Sc5ax7lTQ
P+gex5DSeio4dXWVW4PD34290KClC5NdN7uL5q0TYPf6G4MLtQ5I/lpUd/Ohbm8K
zl/3LanuBFHNdItcR8Mnhve4Lja6FzgxOObESjE2Z1XGXuaUEIihhfHKtDWMdMti
yUNcFlBLQxyWZlv5efU+u5wxP7MdxfDI9+9i6HhAhg/CQRyLCcm7KWgkZODVVJ71
Zs6C2hlWL7G11QrLxtkRSeukxivzZg3V564x2hzG0NmaYdoXnjB0oF5PyRWvFbpa
6mVaVlx9UoSerhJYCURtR6LeMXoWVvWrkiKeC/eWC8b3CQFF9v4z83NeiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuYLgTprOkF4G528TXhXG31n5RZMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtzfzKKd9
jqVTzXci8Ihsd/HcfstRIKy2iEzhWEc5BGaOAERcFq/ef/fyVPnhv36f8fyocs6q
xQotwLHOiz5lmIy/zosi85RHO/21m1MfW+yuiIPDpvL9oGvaLmPiiw2TmlAx0A84
MS4nlvg7hujN0WYPD5KOQRS6P9297aEUfhqF0oDx+MQxnpj2e9TKzPYiU/90Aj/H
MXQwt/CWlkb6EV28CZtQHP5mcInQIe2DnuAL2RnoqQsUOFh1+0PP/2VfLSZj79MT
/Wm+einkNCsAG38OSFWqHHn3WEuCb58MS9Nd59d28+6IhDlQeJJR+kByBTGzXxfD
5U/c1Qw9IlM1hQ==
-----END CERTIFICATE-----