Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          b+LhCps9IXJTaA2YzzHD/6E6SboHCJJU4rwavC5QM+8=
Subject key identifier:   1C:B6:AD:6D:A5:27:33:DF:FB:2F:1C:51:36:60:DC:F1:66:F7:A6:17
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       01974A7B354C0787E826662475C54A95F59C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          06ED
Signing time:             Sat 07 Jun 2025 13:01:17 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:17 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:17 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: y6R1hCuupUhrV4I8cc1lffLJqfKBqTK2LYQ3LRQOL+4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:35:4c:07:87:e8:26:66:24:75:c5:4a:95:f5:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Jun  7 13:01:17 2025 GMT
            Not After : Jun  8 13:01:17 2025 GMT
        Subject: CN=1cb6ad6da52733dffb2f1c513660dcf166f7a617
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:90:df:ca:5a:2f:8f:78:7c:f6:4d:e1:c7:fe:
                    49:ca:31:08:21:66:a0:ce:c5:de:25:f1:74:7c:be:
                    b6:3c:52:6e:71:26:9d:0d:57:4d:6d:da:b2:04:2b:
                    17:c2:95:f7:d9:5d:60:1e:f6:8c:51:17:f3:98:4c:
                    f6:97:1a:b8:0d:39:93:2e:d6:36:fb:5f:87:ac:24:
                    bf:4c:a1:5e:8c:ee:fc:70:a7:f8:14:26:7f:fb:88:
                    72:18:52:7a:4a:ab:73:cb:87:d7:6a:d9:58:ec:81:
                    ad:ee:ab:3f:84:7f:23:eb:79:f8:86:00:08:3d:ea:
                    33:c4:09:24:e4:14:3f:58:7b:21:fc:a4:a7:55:c0:
                    79:1e:f6:4b:c2:66:09:62:31:ea:37:05:45:27:ef:
                    9d:7f:52:3d:fc:63:eb:df:f8:1f:e3:30:52:70:b8:
                    45:26:33:7d:37:60:2e:52:ed:6e:a4:b2:09:a6:42:
                    9e:07:c7:21:45:62:0f:97:56:72:39:f3:b4:86:ec:
                    52:b4:8e:3b:ab:25:b4:c6:9e:fa:1d:2c:62:75:9f:
                    3a:77:14:b3:93:8b:d7:b1:4b:0f:e7:de:47:a2:b2:
                    16:9c:5e:7c:7a:29:4c:46:82:71:6e:5f:3f:78:07:
                    8f:f5:fa:91:f9:8f:9a:2a:22:b8:32:6c:15:16:8a:
                    bb:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B6:AD:6D:A5:27:33:DF:FB:2F:1C:51:36:60:DC:F1:66:F7:A6:17
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:89:11:fe:ae:1e:4f:d4:17:45:94:d0:1f:89:67:11:58:e4:
         fc:bd:cd:df:86:c3:73:5e:27:83:99:c0:64:5c:e2:78:d4:a0:
         0c:97:d3:88:90:72:9e:8e:f9:95:93:35:a5:7a:d4:7f:41:19:
         31:c9:04:9a:19:63:5d:6f:fd:4e:fb:fa:4f:59:fe:e0:d5:8d:
         7e:7f:cf:99:de:81:9a:f7:89:46:ce:21:5e:06:06:83:0f:ed:
         95:19:69:c2:1b:66:bc:c0:37:c9:e2:d9:60:76:a3:48:62:ec:
         f1:99:5d:1e:b3:2e:c9:b6:ef:e1:22:b4:6f:4e:3a:42:46:ef:
         19:ba:2b:dc:7b:9f:05:c6:75:3e:b6:0e:22:22:1b:b6:af:da:
         1e:59:f8:55:8a:bb:28:51:30:be:96:ff:c7:64:94:1f:ba:b1:
         01:26:98:f4:03:e1:95:5c:e2:62:07:63:a7:ac:72:fc:2d:2e:
         3c:7e:e9:3c:63:16:61:58:31:51:a9:00:b5:db:e2:e9:a1:37:
         1f:04:91:24:50:f3:5a:28:27:44:43:a1:ef:f8:6d:33:08:f8:
         7c:6f:1b:e1:36:26:11:49:a8:22:65:b6:77:b4:19:46:eb:f1:
         8c:13:a0:cd:6d:73:3b:8d:78:26:1c:d0:90:85:8e:a9:f1:67:
         33:24:10:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKezVMB4foJmYkdcVKlfWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjUwNjA3MTMwMTE3WhcNMjUwNjA4MTMwMTE3WjAzMTEwLwYDVQQD
EygxY2I2YWQ2ZGE1MjczM2RmZmIyZjFjNTEzNjYwZGNmMTY2ZjdhNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5Dfylovj3h89k3hx/5JyjEIIWag
zsXeJfF0fL62PFJucSadDVdNbdqyBCsXwpX32V1gHvaMURfzmEz2lxq4DTmTLtY2
+1+HrCS/TKFejO78cKf4FCZ/+4hyGFJ6Sqtzy4fXatlY7IGt7qs/hH8j63n4hgAI
PeozxAkk5BQ/WHsh/KSnVcB5HvZLwmYJYjHqNwVFJ++df1I9/GPr3/gf4zBScLhF
JjN9N2AuUu1upLIJpkKeB8chRWIPl1ZyOfO0huxStI47qyW0xp76HSxidZ86dxSz
k4vXsUsP595HorIWnF58eilMRoJxbl8/eAeP9fqR+Y+aKiK4MmwVFoq7IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBy2rW2lJzPf+y8cUTZg3PFm96YXMB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYkR/q4e
T9QXRZTQH4lnEVjk/L3N34bDc14ng5nAZFzieNSgDJfTiJByno75lZM1pXrUf0EZ
MckEmhljXW/9Tvv6T1n+4NWNfn/Pmd6BmveJRs4hXgYGgw/tlRlpwhtmvMA3yeLZ
YHajSGLs8ZldHrMuybbv4SK0b046QkbvGbor3HufBcZ1PrYOIiIbtq/aHln4VYq7
KFEwvpb/x2SUH7qxASaY9APhlVziYgdjp6xy/C0uPH7pPGMWYVgxUakAtdvi6aE3
HwSRJFDzWignREOh7/htMwj4fG8b4TYmEUmoImW2d7QZRuvxjBOgzW1zO414JhzQ
kIWOqfFnMyQQqA==
-----END CERTIFICATE-----