Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
File:                     ulnZ9a887kQgFLc1lhxzuWkmDhk.mft (raw, json)
Hash identifier:          9R3+OkhRLN2iG+6nr7280qOOPFfhKibLWrV+3RLGEKQ=
Subject key identifier:   F1:C4:C7:8D:F2:14:B6:1D:9D:64:1C:70:F6:30:4F:7C:9E:29:6B:8B
Authority key identifier: BA:59:D9:F5:AF:3C:EE:44:20:14:B7:35:96:1C:73:B9:69:26:0E:19
Certificate issuer:       /CN=ba59d9f5af3cee442014b735961c73b969260e19
Certificate serial:       0197469DFA961DF0AF6FC92078C3CE2D47B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
Manifest number:          1576
Signing time:             Fri 06 Jun 2025 19:00:47 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:47 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:47 +0000
Files and hashes:         1: ulnZ9a887kQgFLc1lhxzuWkmDhk.crl (hash: 4G3nX0owI/KrsYqtiamB+8u9dcTMB/yX57dVz/ckzkU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:fa:96:1d:f0:af:6f:c9:20:78:c3:ce:2d:47:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba59d9f5af3cee442014b735961c73b969260e19
        Validity
            Not Before: Jun  6 19:00:47 2025 GMT
            Not After : Jun  7 19:00:47 2025 GMT
        Subject: CN=f1c4c78df214b61d9d641c70f6304f7c9e296b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:42:15:8f:b7:03:61:f6:48:a6:6b:48:b2:93:
                    77:31:b6:df:d8:36:5f:ba:7d:a1:f7:29:7c:dd:22:
                    f1:8c:11:0f:7d:08:e6:c1:03:91:fd:d2:1f:e2:e0:
                    99:39:a0:3d:bb:40:ea:de:b3:f3:2f:c3:3c:9d:cf:
                    b9:57:a2:e0:21:46:43:02:18:a9:b6:79:bd:9d:81:
                    93:b4:16:70:05:3f:31:28:98:ad:5b:3e:8f:d9:77:
                    a5:02:d1:d3:16:a1:c8:c1:0e:e4:6e:7b:6e:33:11:
                    ca:9e:ce:7d:8e:bc:6b:2a:53:0e:32:95:2f:81:16:
                    45:01:42:f6:0d:21:fb:96:4f:8c:4d:51:7a:3d:b9:
                    0f:43:7c:f3:bc:d9:c8:ea:81:22:a6:0f:5f:82:81:
                    b8:c4:b3:d6:23:a5:46:18:19:71:c1:02:ae:0f:56:
                    8e:59:eb:f8:f7:74:78:06:f4:30:78:e1:de:dc:15:
                    3d:d5:f7:30:c8:0a:41:83:91:a9:af:75:9d:c6:0d:
                    f5:57:3c:fd:fe:bd:3d:c9:01:2b:8b:b8:4e:45:3f:
                    2a:80:f0:65:1d:56:d5:49:e3:17:8b:bb:72:10:58:
                    7b:ac:0c:b9:7b:d7:9b:e8:31:f5:5e:44:6b:b4:16:
                    f5:b1:f8:f7:6f:90:0f:e5:33:f7:fd:e5:86:a6:eb:
                    d0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:C4:C7:8D:F2:14:B6:1D:9D:64:1C:70:F6:30:4F:7C:9E:29:6B:8B
            X509v3 Authority Key Identifier:
                keyid:BA:59:D9:F5:AF:3C:EE:44:20:14:B7:35:96:1C:73:B9:69:26:0E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulnZ9a887kQgFLc1lhxzuWkmDhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/03d3fa-9e22-441e-b5c5-d203e20018f5/1/ulnZ9a887kQgFLc1lhxzuWkmDhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:79:c8:9d:9a:60:30:64:4a:78:f9:f1:bd:0b:ed:81:31:89:
         35:18:9b:da:a8:f7:a3:cb:30:8f:18:94:5d:7c:22:c5:35:c6:
         5d:e0:f6:af:4b:a4:0a:76:53:cc:69:8b:70:b4:29:52:08:83:
         f5:2c:81:fd:c9:99:63:0f:c4:99:e5:93:44:55:68:62:fe:f0:
         72:01:f4:3b:35:bb:ef:15:2d:76:7e:ed:75:81:a2:ef:44:4b:
         7e:7f:6e:4e:40:07:58:1d:6b:3e:86:b6:6a:57:97:4c:6a:d3:
         56:0b:ad:84:96:11:fd:e4:77:b2:39:18:29:f3:01:53:11:09:
         9c:69:52:1c:57:74:25:95:a7:bf:46:0a:cf:30:9b:2c:a2:50:
         bf:88:ce:4c:67:ad:5b:ed:61:d9:8f:93:d7:2f:80:2d:e4:35:
         d3:3f:f1:9e:53:da:f6:c2:48:bf:23:f4:47:e3:46:b5:1c:f0:
         70:cb:2a:8c:e5:71:51:f3:b0:b8:9b:a0:ea:fd:91:46:fb:49:
         b0:13:4c:fd:5e:54:37:ce:0a:45:fa:b2:9d:fb:ee:3c:bf:76:
         37:73:d9:0e:86:81:ef:4d:ad:da:f6:03:3f:22:b5:69:87:c7:
         ca:59:bf:bb:cf:81:0f:80:0a:5b:1f:1c:af:b8:cf:9b:ca:5a:
         bf:36:dc:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnfqWHfCvb8kgeMPOLUexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTlkOWY1YWYzY2VlNDQyMDE0YjczNTk2MWM3M2I5Njky
NjBlMTkwHhcNMjUwNjA2MTkwMDQ3WhcNMjUwNjA3MTkwMDQ3WjAzMTEwLwYDVQQD
EyhmMWM0Yzc4ZGYyMTRiNjFkOWQ2NDFjNzBmNjMwNGY3YzllMjk2YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UIVj7cDYfZIpmtIspN3Mbbf2DZf
un2h9yl83SLxjBEPfQjmwQOR/dIf4uCZOaA9u0Dq3rPzL8M8nc+5V6LgIUZDAhip
tnm9nYGTtBZwBT8xKJitWz6P2XelAtHTFqHIwQ7kbntuMxHKns59jrxrKlMOMpUv
gRZFAUL2DSH7lk+MTVF6PbkPQ3zzvNnI6oEipg9fgoG4xLPWI6VGGBlxwQKuD1aO
Wev493R4BvQweOHe3BU91fcwyApBg5Gpr3Wdxg31Vzz9/r09yQEri7hORT8qgPBl
HVbVSeMXi7tyEFh7rAy5e9eb6DH1XkRrtBb1sfj3b5AP5TP3/eWGpuvQIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHEx43yFLYdnWQccPYwT3yeKWuLMB8GA1UdIwQY
MBaAFLpZ2fWvPO5EIBS3NZYcc7lpJg4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wM2QzZmEtOWUyMi00NDFlLWI1YzUt
ZDIwM2UyMDAxOGY1LzEvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wM2QzZmEtOWUyMi00NDFlLWI1YzUtZDIwM2UyMDAxOGY1
LzEvdWxuWjlhODg3a1FnRkxjMWxoeHp1V2ttRGhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnnInZpg
MGRKePnxvQvtgTGJNRib2qj3o8swjxiUXXwixTXGXeD2r0ukCnZTzGmLcLQpUgiD
9SyB/cmZYw/EmeWTRFVoYv7wcgH0OzW77xUtdn7tdYGi70RLfn9uTkAHWB1rPoa2
aleXTGrTVguthJYR/eR3sjkYKfMBUxEJnGlSHFd0JZWnv0YKzzCbLKJQv4jOTGet
W+1h2Y+T1y+ALeQ10z/xnlPa9sJIvyP0R+NGtRzwcMsqjOVxUfOwuJug6v2RRvtJ
sBNM/V5UN84KRfqynfvuPL92N3PZDoaB702t2vYDPyK1aYfHylm/u8+BD4AKWx8c
r7jPm8pavzbcQg==
-----END CERTIFICATE-----