Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          BiYoxw6gJZbE7ttlijo773bvEiaTt2DPrMTILQyd3UA=
Subject key identifier:   7F:89:9E:C5:E6:8D:55:FA:57:51:28:59:E2:5D:3C:3C:BF:9E:FE:88
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       01974D7BD95D8C8FAF434FC60064FE33A142
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          02AB
Signing time:             Sun 08 Jun 2025 03:00:51 +0000
Manifest this update:     Sun 08 Jun 2025 03:00:51 +0000
Manifest next update:     Mon 09 Jun 2025 03:00:51 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: AuNAKyQerzPk6I06cRJXxo3k9hrDAyKmefLaWd/dSvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:7b:d9:5d:8c:8f:af:43:4f:c6:00:64:fe:33:a1:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Jun  8 03:00:51 2025 GMT
            Not After : Jun  9 03:00:51 2025 GMT
        Subject: CN=7f899ec5e68d55fa57512859e25d3c3cbf9efe88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9f:b2:2f:2b:05:5b:1c:14:ae:53:13:67:34:
                    49:90:d5:25:56:61:ec:38:f1:0c:4d:ad:46:fc:34:
                    a4:66:18:aa:ae:4e:cb:e8:b6:13:68:ec:fe:9b:eb:
                    9c:1b:c9:f3:61:9e:b1:20:8c:e3:d8:88:64:f5:8b:
                    4a:e8:cb:e9:99:67:13:9d:16:05:05:a8:09:dc:90:
                    71:81:31:20:ac:d5:29:59:0d:37:0e:e1:7f:8f:fa:
                    61:27:64:24:1b:d9:28:af:e3:6e:14:71:bf:2c:54:
                    7c:d1:9d:8f:38:d6:80:84:8e:7c:8b:5b:2c:b5:c4:
                    4f:41:d5:16:1d:bd:36:37:8b:00:58:6b:b7:f0:9c:
                    3e:59:5f:35:22:79:a2:e7:19:0a:5d:7d:c2:27:a6:
                    7a:47:9d:1e:4f:02:3a:b4:e8:6e:d0:c4:2f:52:b5:
                    4f:bc:32:bf:ad:78:c8:a0:27:92:df:8c:f5:11:64:
                    47:a8:14:0f:f6:95:c8:22:58:a1:f2:5a:d1:b9:bd:
                    b5:2c:9b:a7:36:05:5f:70:b6:3a:70:a9:d1:56:52:
                    85:bb:82:03:f6:94:85:df:7e:cb:f1:15:11:8c:cb:
                    87:e8:16:6f:90:11:80:1f:92:16:69:7c:8d:f6:47:
                    e0:80:f3:40:89:9d:ff:fd:1b:65:59:bd:bc:00:8f:
                    0f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:89:9E:C5:E6:8D:55:FA:57:51:28:59:E2:5D:3C:3C:BF:9E:FE:88
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:83:b0:b0:af:91:95:8e:a4:c7:37:82:50:ac:e7:42:55:53:
         07:2e:7b:5e:58:a3:87:be:76:a8:62:6b:df:3f:f1:db:94:f8:
         36:a8:bb:1d:13:24:ab:f6:b2:51:bd:ba:6b:94:ba:0f:30:c0:
         65:1e:f3:51:95:1e:8e:14:63:1e:31:ea:43:31:d7:a1:4e:e4:
         36:a1:8b:43:55:f1:8c:50:13:83:0a:c8:68:59:af:97:f9:25:
         92:a1:61:a1:59:a8:29:12:c1:2b:6f:4d:7e:b1:97:1d:6f:a7:
         c4:64:61:ef:a4:77:a5:7b:1e:a4:79:21:f1:1c:d7:58:fd:e5:
         12:26:2c:22:a3:57:ad:5b:0e:ed:88:d1:ac:eb:61:ce:8f:2f:
         cd:f1:17:4e:64:ef:9f:66:8f:1c:53:e3:3e:d9:4b:8b:89:7d:
         62:9b:a2:a9:b4:36:ec:c2:ab:f7:80:0d:12:32:7b:40:13:37:
         cb:e8:7e:0b:5c:aa:c9:4e:f4:e5:c7:2c:5a:0a:a5:7a:91:c2:
         c5:e7:bb:bd:7d:72:69:e5:d0:bb:25:46:1e:cd:a8:30:1a:46:
         91:d3:4b:35:d1:7f:92:7c:ef:d2:62:5f:a7:f9:07:13:06:13:
         ec:5b:1f:da:1e:9f:e4:a1:70:38:cd:19:72:6d:2f:4f:f2:21:
         68:e2:01:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNe9ldjI+vQ0/GAGT+M6FCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwNjA4MDMwMDUxWhcNMjUwNjA5MDMwMDUxWjAzMTEwLwYDVQQD
Eyg3Zjg5OWVjNWU2OGQ1NWZhNTc1MTI4NTllMjVkM2MzY2JmOWVmZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5p+yLysFWxwUrlMTZzRJkNUlVmHs
OPEMTa1G/DSkZhiqrk7L6LYTaOz+m+ucG8nzYZ6xIIzj2Ihk9YtK6MvpmWcTnRYF
BagJ3JBxgTEgrNUpWQ03DuF/j/phJ2QkG9kor+NuFHG/LFR80Z2PONaAhI58i1ss
tcRPQdUWHb02N4sAWGu38Jw+WV81Inmi5xkKXX3CJ6Z6R50eTwI6tOhu0MQvUrVP
vDK/rXjIoCeS34z1EWRHqBQP9pXIIlih8lrRub21LJunNgVfcLY6cKnRVlKFu4ID
9pSF337L8RURjMuH6BZvkBGAH5IWaXyN9kfggPNAiZ3//RtlWb28AI8PLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+JnsXmjVX6V1EoWeJdPDy/nv6IMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4OwsK+R
lY6kxzeCUKznQlVTBy57Xlijh752qGJr3z/x25T4Nqi7HRMkq/ayUb26a5S6DzDA
ZR7zUZUejhRjHjHqQzHXoU7kNqGLQ1XxjFATgwrIaFmvl/klkqFhoVmoKRLBK29N
frGXHW+nxGRh76R3pXsepHkh8RzXWP3lEiYsIqNXrVsO7YjRrOthzo8vzfEXTmTv
n2aPHFPjPtlLi4l9YpuiqbQ27MKr94ANEjJ7QBM3y+h+C1yqyU705ccsWgqlepHC
xee7vX1yaeXQuyVGHs2oMBpGkdNLNdF/knzv0mJfp/kHEwYT7Fsf2h6f5KFwOM0Z
cm0vT/IhaOIB1Q==
-----END CERTIFICATE-----