Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          fzVHjtJim8VV3T6KyiPRquV24MVziF3urQHblbdAtKs=
Subject key identifier:   B0:30:10:93:EA:77:BD:3C:C2:DE:C9:A9:E7:81:13:DC:38:79:FE:27
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       01974A7B84B7E51140E9AD0E8DF4E3CE190D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          1091
Signing time:             Sat 07 Jun 2025 13:01:38 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:38 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:38 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: EuCS5y8D8/h4vuWyV+2wsbJvG+oDVxvEO+uk+LU+I7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:84:b7:e5:11:40:e9:ad:0e:8d:f4:e3:ce:19:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Jun  7 13:01:38 2025 GMT
            Not After : Jun  8 13:01:38 2025 GMT
        Subject: CN=b0301093ea77bd3cc2dec9a9e78113dc3879fe27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:be:66:89:ed:83:2d:43:d0:75:42:48:ca:d2:
                    93:48:e6:c5:d9:36:05:84:40:b2:f5:70:64:0b:ac:
                    53:cf:14:63:ee:0f:7e:db:44:7b:d7:40:62:6d:e6:
                    d7:49:a8:5e:36:b5:aa:15:b4:dc:13:98:2b:1e:38:
                    83:ce:bf:6a:a4:d6:e3:da:a1:09:73:09:f8:07:65:
                    d3:a5:60:67:0e:55:73:9f:13:1a:12:b8:5e:39:1b:
                    f1:32:04:a9:05:fe:3a:db:d0:4f:3d:49:99:1a:84:
                    02:c8:fe:cb:7b:0f:0d:36:4e:97:77:75:c2:29:3f:
                    e8:88:92:2a:52:de:cc:cf:ff:cc:85:79:ae:92:25:
                    60:7c:f9:41:04:98:77:4a:95:04:a7:8b:83:48:53:
                    5b:cd:ee:9a:4a:0d:75:52:1a:f7:88:07:a4:aa:5a:
                    10:f4:4c:d7:11:a3:3d:db:07:11:26:28:5b:64:89:
                    0a:1e:c5:fc:82:ec:50:1c:15:e0:b4:ca:a9:c6:88:
                    9a:1b:42:b3:df:81:19:f5:4e:c0:db:e5:2a:32:15:
                    e7:86:a5:e4:fc:e5:6d:46:17:30:a1:13:fb:ee:13:
                    1a:83:2a:8f:96:ca:a8:c6:15:13:b7:ec:67:84:0a:
                    ed:e7:62:8e:c9:5d:4d:57:72:a0:1f:48:4c:dc:ab:
                    99:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:30:10:93:EA:77:BD:3C:C2:DE:C9:A9:E7:81:13:DC:38:79:FE:27
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:07:71:67:9d:25:a3:2a:8a:28:47:f0:6d:3c:bc:91:17:42:
         07:fa:2d:57:91:ef:14:8b:c8:d3:fc:ca:20:e1:55:01:2b:33:
         ba:a7:72:c0:c8:47:a6:c3:72:4d:a2:62:10:c5:37:5e:29:56:
         36:28:f1:ec:2f:74:6a:f1:a7:b0:e1:51:d0:a8:58:ae:63:ed:
         4d:17:5a:81:51:b7:f6:71:ff:ed:39:c2:9f:01:ae:80:2f:69:
         cb:ea:9a:c0:f5:ca:80:58:78:c5:5b:46:22:76:d6:50:60:dc:
         0b:e7:4f:89:4a:2e:c6:25:3b:a0:97:f3:1f:d9:11:46:52:a4:
         7e:f3:fd:41:63:13:64:dd:f3:b1:f4:7b:84:6d:a1:13:0c:db:
         19:ba:25:3f:de:76:38:4f:16:1d:f1:2b:24:25:61:c1:f1:e1:
         87:bb:b8:13:7c:64:00:56:94:d6:31:10:70:b4:8c:a8:33:32:
         60:d1:77:f8:83:9b:52:34:74:4e:2e:17:dc:2e:95:1f:5f:3b:
         7a:a1:00:61:ba:d7:7c:31:a6:2b:e5:f5:54:10:9b:c8:d1:2e:
         be:11:de:dd:ed:2f:e8:e5:1c:98:af:13:b9:a1:10:e2:05:23:
         9f:45:91:5a:18:f6:6e:4d:35:72:f5:f0:52:cc:8f:bf:db:d1:
         46:09:56:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe4S35RFA6a0OjfTjzhkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjUwNjA3MTMwMTM4WhcNMjUwNjA4MTMwMTM4WjAzMTEwLwYDVQQD
EyhiMDMwMTA5M2VhNzdiZDNjYzJkZWM5YTllNzgxMTNkYzM4NzlmZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L5mie2DLUPQdUJIytKTSObF2TYF
hECy9XBkC6xTzxRj7g9+20R710BibebXSaheNrWqFbTcE5grHjiDzr9qpNbj2qEJ
cwn4B2XTpWBnDlVznxMaErheORvxMgSpBf4629BPPUmZGoQCyP7Lew8NNk6Xd3XC
KT/oiJIqUt7Mz//MhXmukiVgfPlBBJh3SpUEp4uDSFNbze6aSg11Uhr3iAekqloQ
9EzXEaM92wcRJihbZIkKHsX8guxQHBXgtMqpxoiaG0Kz34EZ9U7A2+UqMhXnhqXk
/OVtRhcwoRP77hMagyqPlsqoxhUTt+xnhArt52KOyV1NV3KgH0hM3KuZCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAwEJPqd708wt7JqeeBE9w4ef4nMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfwdxZ50l
oyqKKEfwbTy8kRdCB/otV5HvFIvI0/zKIOFVASszuqdywMhHpsNyTaJiEMU3XilW
Nijx7C90avGnsOFR0KhYrmPtTRdagVG39nH/7TnCnwGugC9py+qawPXKgFh4xVtG
InbWUGDcC+dPiUouxiU7oJfzH9kRRlKkfvP9QWMTZN3zsfR7hG2hEwzbGbolP952
OE8WHfErJCVhwfHhh7u4E3xkAFaU1jEQcLSMqDMyYNF3+IObUjR0Ti4X3C6VH187
eqEAYbrXfDGmK+X1VBCbyNEuvhHe3e0v6OUcmK8TuaEQ4gUjn0WRWhj2bk01cvXw
UsyPv9vRRglW9A==
-----END CERTIFICATE-----