Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          v9e2MEjAck2judhN7+jI9RuZGyvaj/3TMOQYvaRuWPk=
Subject key identifier:   F8:34:3A:32:D6:C6:B8:EC:0E:F3:D3:CD:1E:4F:A9:AF:F1:12:02:B1
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       0197469E45D2A019324F9FC4F8ABBC8E17E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          06BF
Signing time:             Fri 06 Jun 2025 19:01:06 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:06 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:06 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: HXd7VzPPfVJ+x0YLxihLwYpjHHFGSAfVALsIW9ycD9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:45:d2:a0:19:32:4f:9f:c4:f8:ab:bc:8e:17:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Jun  6 19:01:06 2025 GMT
            Not After : Jun  7 19:01:06 2025 GMT
        Subject: CN=f8343a32d6c6b8ec0ef3d3cd1e4fa9aff11202b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:88:98:52:b4:58:9b:81:34:0e:fd:c1:30:c3:
                    65:87:b6:9e:6c:6c:91:bb:c2:a8:04:8b:d2:a5:7e:
                    d4:7c:ec:62:2f:a0:82:bf:93:33:ed:5e:26:37:c5:
                    a1:33:1e:1b:5d:af:e6:10:bb:58:0d:5e:4a:2d:dc:
                    5e:6b:a9:f3:97:2f:22:93:59:16:aa:5a:37:5c:f2:
                    3f:9d:60:fe:39:ef:81:cf:14:6c:fe:d9:f3:1d:91:
                    eb:82:f2:e9:b9:cf:e4:05:fc:8c:79:1f:2a:46:53:
                    7b:ee:d9:7f:d4:d8:bc:e4:40:2f:4c:25:a2:ef:fc:
                    74:3b:48:43:4b:d0:23:65:c3:b3:68:8a:8f:dc:26:
                    0b:08:a8:19:7e:3c:42:a7:c8:84:ab:52:fe:fd:a9:
                    ee:1d:ef:2c:b6:9f:d5:b4:c0:37:da:ed:5b:52:86:
                    97:51:aa:ed:e1:b6:d9:d7:77:7a:9b:1a:01:49:1a:
                    17:d4:98:7b:ca:f8:12:0d:d8:0a:64:b6:a3:5a:8a:
                    0a:53:aa:9a:54:26:79:03:72:00:5d:64:0c:c0:f4:
                    27:39:ec:65:21:d1:82:6d:04:25:68:3a:61:d4:27:
                    94:63:96:e9:6c:d1:8d:17:d7:a2:4c:a4:5e:5d:4b:
                    66:a4:75:13:ba:ca:72:37:28:7e:e2:7c:50:30:3a:
                    13:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:34:3A:32:D6:C6:B8:EC:0E:F3:D3:CD:1E:4F:A9:AF:F1:12:02:B1
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:8b:65:b0:cd:65:89:15:cd:bb:09:a6:3a:6a:ed:6c:00:80:
         13:27:19:42:a4:75:5d:21:ef:dd:46:4b:07:7a:40:ca:72:7d:
         e4:eb:e0:6a:ae:55:ad:75:b2:a0:7f:37:1b:07:71:0a:b4:5b:
         50:37:33:1f:09:97:85:f1:e9:98:1e:b2:7d:08:e4:1b:12:3e:
         fb:d9:a5:9e:56:44:03:fb:48:e5:c3:eb:b5:e1:56:ff:9f:d9:
         5a:c9:d4:13:f0:ea:f9:8f:74:8b:fb:6d:5e:01:aa:7a:8e:a4:
         dd:3a:4d:58:cf:85:54:40:78:e4:e3:eb:08:cc:97:c5:4d:3c:
         e1:59:58:4e:61:03:40:7f:b2:ff:96:1d:bd:f4:70:53:a1:6b:
         8c:9a:66:e4:fa:aa:49:59:ae:ba:14:5f:e7:18:12:36:97:d1:
         f5:fa:27:33:49:7c:b4:94:c8:97:2d:86:17:e9:b4:a1:68:d7:
         c4:20:26:fd:f5:f8:be:7c:f6:3f:1f:ba:2a:31:ce:9a:8f:b7:
         12:5d:d3:e1:7a:07:88:39:c7:96:82:93:fe:6b:4b:bc:4d:98:
         4f:70:bc:b1:41:74:34:06:a8:08:6c:11:a0:a4:63:be:18:0f:
         78:75:f8:90:80:fe:f2:50:02:ca:14:d8:06:11:ce:25:12:2c:
         ed:85:be:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnkXSoBkyT5/E+Ku8jhfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUwNjA2MTkwMTA2WhcNMjUwNjA3MTkwMTA2WjAzMTEwLwYDVQQD
EyhmODM0M2EzMmQ2YzZiOGVjMGVmM2QzY2QxZTRmYTlhZmYxMTIwMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4iYUrRYm4E0Dv3BMMNlh7aebGyR
u8KoBIvSpX7UfOxiL6CCv5Mz7V4mN8WhMx4bXa/mELtYDV5KLdxea6nzly8ik1kW
qlo3XPI/nWD+Oe+BzxRs/tnzHZHrgvLpuc/kBfyMeR8qRlN77tl/1Ni85EAvTCWi
7/x0O0hDS9AjZcOzaIqP3CYLCKgZfjxCp8iEq1L+/anuHe8stp/VtMA32u1bUoaX
Uart4bbZ13d6mxoBSRoX1Jh7yvgSDdgKZLajWooKU6qaVCZ5A3IAXWQMwPQnOexl
IdGCbQQlaDph1CeUY5bpbNGNF9eiTKReXUtmpHUTuspyNyh+4nxQMDoTswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPg0OjLWxrjsDvPTzR5Pqa/xEgKxMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfItlsM1l
iRXNuwmmOmrtbACAEycZQqR1XSHv3UZLB3pAynJ95Ovgaq5VrXWyoH83GwdxCrRb
UDczHwmXhfHpmB6yfQjkGxI++9mlnlZEA/tI5cPrteFW/5/ZWsnUE/Dq+Y90i/tt
XgGqeo6k3TpNWM+FVEB45OPrCMyXxU084VlYTmEDQH+y/5YdvfRwU6FrjJpm5Pqq
SVmuuhRf5xgSNpfR9fonM0l8tJTIly2GF+m0oWjXxCAm/fX4vnz2Px+6KjHOmo+3
El3T4XoHiDnHloKT/mtLvE2YT3C8sUF0NAaoCGwRoKRjvhgPeHX4kID+8lACyhTY
BhHOJRIs7YW+ZA==
-----END CERTIFICATE-----