Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          wjKp6mT7LrjU3/XVNDAPKC2u7j+iANIQijdclmSNaJA=
Subject key identifier:   9E:61:C3:EF:0A:DA:9A:2A:96:51:2C:85:FE:97:68:6C:DF:E0:56:26
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       01974A7A805E7AF4103AA7160D49BD3A9DD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          10FA
Signing time:             Sat 07 Jun 2025 13:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:31 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: HqASg/bkqjQorB/brLAFogetrrrgUpVZwsuarQWH8CI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:80:5e:7a:f4:10:3a:a7:16:0d:49:bd:3a:9d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Jun  7 13:00:31 2025 GMT
            Not After : Jun  8 13:00:31 2025 GMT
        Subject: CN=9e61c3ef0ada9a2a96512c85fe97686cdfe05626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d6:c1:eb:f5:ba:ff:99:d3:82:ac:b2:a6:fe:
                    a7:14:e9:d9:96:a8:83:03:14:36:5c:f6:2a:8e:a8:
                    0f:e9:87:c0:12:58:05:79:05:be:5d:ee:80:09:48:
                    b3:6b:59:02:17:1b:0c:6a:04:be:2f:c0:0c:cc:26:
                    07:da:d1:23:ca:03:b5:eb:6c:ae:6a:0d:f1:ed:6d:
                    3c:0b:36:a9:89:f3:73:55:58:e2:81:42:24:09:3d:
                    7a:83:c3:89:37:b9:05:cd:ef:e7:dc:23:d6:1e:29:
                    f0:5d:cd:51:1a:e3:18:aa:38:af:5f:57:c4:86:ea:
                    d4:e0:de:b9:15:b2:c9:3c:39:b5:9c:cc:7d:4d:c2:
                    74:5c:db:f1:b6:c5:a2:88:b2:f6:ed:9f:a9:ef:18:
                    ee:28:16:0f:3b:42:56:2a:cf:ee:8e:1c:df:ce:77:
                    b5:b0:e0:d1:e9:6d:86:1b:9b:15:06:03:7d:40:e9:
                    5f:b5:db:60:62:5d:38:13:46:b7:2a:0e:36:ae:0e:
                    a9:a9:c2:33:03:a6:ed:58:69:23:58:f3:a7:7e:b2:
                    09:70:be:3a:c8:2a:ce:f1:c2:3f:ae:0a:41:fd:72:
                    37:72:8c:55:64:36:48:88:fb:5a:99:43:d6:96:13:
                    d5:96:81:77:95:e7:b4:3a:5e:87:de:61:3e:ee:93:
                    91:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:61:C3:EF:0A:DA:9A:2A:96:51:2C:85:FE:97:68:6C:DF:E0:56:26
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:b2:dc:91:1c:9e:4f:c1:59:93:47:1a:c3:3f:a4:e8:16:4f:
         36:dd:ba:62:4c:22:0c:92:04:86:c4:32:28:67:ca:ed:f6:d4:
         09:2e:12:44:38:4d:e0:a3:2e:30:17:6b:38:b2:a0:2a:f2:be:
         5e:19:40:3e:fb:3f:6a:74:e7:35:f0:46:2d:9a:8c:a7:ad:ad:
         ce:11:63:de:39:9d:29:44:e4:e6:ad:23:e7:bd:34:57:51:7c:
         20:79:be:04:df:76:51:0f:7e:d3:4e:7f:59:99:2b:07:25:33:
         b3:08:e7:ad:ae:22:bf:6a:3f:48:bc:f8:9e:dd:fc:da:9e:df:
         2c:a0:13:0e:6e:ac:ef:b8:b5:c8:2b:55:62:46:b5:c7:84:a2:
         ef:9d:a3:09:0a:0c:cb:ae:0a:70:1c:0e:fa:65:95:56:61:97:
         0f:af:25:75:ff:3a:27:5f:9e:a8:ae:4f:95:75:49:4c:a6:9e:
         49:3e:32:67:7f:0a:9d:79:30:ec:32:13:6d:a9:cf:0b:98:7d:
         ea:15:df:bc:24:90:56:9d:46:53:28:0c:57:82:57:87:d9:ce:
         23:05:df:47:da:12:d7:3f:3a:9b:4c:32:70:ff:0a:76:cd:15:
         87:bd:50:fa:d3:dd:fa:8c:dd:ff:ff:90:52:d4:0d:0f:e7:88:
         36:59:3c:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeoBeevQQOqcWDUm9Op3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjUwNjA3MTMwMDMxWhcNMjUwNjA4MTMwMDMxWjAzMTEwLwYDVQQD
Eyg5ZTYxYzNlZjBhZGE5YTJhOTY1MTJjODVmZTk3Njg2Y2RmZTA1NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNbB6/W6/5nTgqyypv6nFOnZlqiD
AxQ2XPYqjqgP6YfAElgFeQW+Xe6ACUiza1kCFxsMagS+L8AMzCYH2tEjygO162yu
ag3x7W08CzapifNzVVjigUIkCT16g8OJN7kFze/n3CPWHinwXc1RGuMYqjivX1fE
hurU4N65FbLJPDm1nMx9TcJ0XNvxtsWiiLL27Z+p7xjuKBYPO0JWKs/ujhzfzne1
sODR6W2GG5sVBgN9QOlftdtgYl04E0a3Kg42rg6pqcIzA6btWGkjWPOnfrIJcL46
yCrO8cI/rgpB/XI3coxVZDZIiPtamUPWlhPVloF3lee0Ol6H3mE+7pORvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5hw+8K2poqllEshf6XaGzf4FYmMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7LckRye
T8FZk0cawz+k6BZPNt26YkwiDJIEhsQyKGfK7fbUCS4SRDhN4KMuMBdrOLKgKvK+
XhlAPvs/anTnNfBGLZqMp62tzhFj3jmdKUTk5q0j5700V1F8IHm+BN92UQ9+005/
WZkrByUzswjnra4iv2o/SLz4nt382p7fLKATDm6s77i1yCtVYka1x4Si752jCQoM
y64KcBwO+mWVVmGXD68ldf86J1+eqK5PlXVJTKaeST4yZ38KnXkw7DITbanPC5h9
6hXfvCSQVp1GUygMV4JXh9nOIwXfR9oS1z86m0wycP8Kds0Vh71Q+tPd+ozd//+Q
UtQND+eINlk8VQ==
-----END CERTIFICATE-----