Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          cwsf9JxsXoAe2QapdRVlY+dQPbHkqflRIJ9npfPzrOk=
Subject key identifier:   94:49:EC:AC:19:58:4D:26:B7:D2:E4:6A:C6:1E:E2:C5:3F:F5:B6:9F
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       01974A43A7FB72D3114AF04D176B19CC9639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0E3F
Signing time:             Sat 07 Jun 2025 12:00:37 +0000
Manifest this update:     Sat 07 Jun 2025 12:00:37 +0000
Manifest next update:     Sun 08 Jun 2025 12:00:37 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: YkQzpDsU0iC3kG+GIEi3HVoNO/357Axafa890ow4+Wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 12:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:43:a7:fb:72:d3:11:4a:f0:4d:17:6b:19:cc:96:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Jun  7 12:00:37 2025 GMT
            Not After : Jun  8 12:00:37 2025 GMT
        Subject: CN=9449ecac19584d26b7d2e46ac61ee2c53ff5b69f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:cd:c4:1c:3c:7e:b8:ee:ce:4f:33:c8:af:9d:
                    a9:a4:96:91:e8:09:ea:74:04:e9:55:3b:f9:8e:15:
                    ac:13:70:db:5c:3f:e4:29:b2:16:25:31:c8:ab:7e:
                    7f:ae:ee:85:fd:98:7b:11:cd:32:d9:78:45:70:e8:
                    20:a9:32:71:b4:c1:89:a6:b1:0b:d2:e3:01:f9:d4:
                    8d:b5:15:89:5d:57:a5:8c:59:02:4c:b3:b1:b7:40:
                    ff:99:e2:a4:10:4e:c9:bf:8f:3b:9b:01:98:42:4c:
                    ad:61:42:4a:c2:98:e6:9f:44:be:7e:87:aa:3f:da:
                    88:66:96:57:ab:8f:a1:90:fc:26:60:d3:20:9f:73:
                    d1:56:26:74:ea:9c:e0:ef:5c:01:e5:5d:f7:02:f9:
                    85:93:da:05:d4:47:d8:45:7b:2b:3f:9c:ae:83:e6:
                    e4:91:c4:ca:be:c6:df:fb:5e:88:ea:57:e5:a5:f5:
                    ca:0e:d4:cb:f8:6f:35:60:00:3c:13:ac:45:13:bd:
                    dd:39:81:b4:1d:70:64:92:51:59:2c:03:66:f9:de:
                    89:19:f0:a8:b6:f4:83:aa:fd:8b:7b:fe:5b:8f:76:
                    58:5a:76:99:03:c1:64:32:7c:8f:21:ac:4a:b0:c7:
                    15:e4:cf:12:84:1e:bb:c3:2d:3e:ea:63:eb:a8:83:
                    32:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:49:EC:AC:19:58:4D:26:B7:D2:E4:6A:C6:1E:E2:C5:3F:F5:B6:9F
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ef:83:c5:6c:f3:0f:15:38:0f:4b:ce:e7:c8:a0:e6:30:5a:
         ab:10:10:6e:ff:54:ca:06:d1:45:91:e6:45:6c:5b:4e:d4:78:
         50:98:81:8e:76:66:c5:de:3f:76:63:e4:a2:92:92:b4:d0:7e:
         e1:6e:2c:60:0b:22:76:7c:d0:21:81:58:da:13:19:71:4a:b5:
         ef:37:aa:79:d8:07:48:fd:5f:0e:5b:42:68:87:59:2c:e9:2f:
         39:ea:11:d4:07:f1:71:8f:49:13:6f:51:68:e7:07:35:72:79:
         63:17:9a:f2:39:08:b3:8f:d0:5d:b3:4a:18:ac:52:3a:b2:ef:
         a3:4e:c9:e5:5e:03:1a:f5:96:5c:bf:18:b2:00:80:0e:c9:5e:
         33:dc:e1:6a:17:11:fc:e7:e4:af:fd:0c:1e:e2:7d:97:17:23:
         39:aa:74:90:92:e9:35:a1:a9:c2:3d:ec:e8:50:15:6e:10:62:
         17:20:96:c6:af:80:71:3c:f3:bd:a5:0a:9d:a9:f2:16:f8:8a:
         4d:45:af:d9:dc:b8:bd:fb:e8:ef:0d:e6:a8:35:40:98:9f:88:
         d3:88:70:67:3b:22:6f:33:ad:87:0d:7f:5e:e0:23:20:3b:5b:
         c1:91:71:06:33:20:37:6d:8a:41:8a:4b:4c:62:85:df:23:5c:
         e5:0d:9e:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ6f7ctMRSvBNF2sZzJY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUwNjA3MTIwMDM3WhcNMjUwNjA4MTIwMDM3WjAzMTEwLwYDVQQD
Eyg5NDQ5ZWNhYzE5NTg0ZDI2YjdkMmU0NmFjNjFlZTJjNTNmZjViNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+M3EHDx+uO7OTzPIr52ppJaR6Anq
dATpVTv5jhWsE3DbXD/kKbIWJTHIq35/ru6F/Zh7Ec0y2XhFcOggqTJxtMGJprEL
0uMB+dSNtRWJXVeljFkCTLOxt0D/meKkEE7Jv487mwGYQkytYUJKwpjmn0S+foeq
P9qIZpZXq4+hkPwmYNMgn3PRViZ06pzg71wB5V33AvmFk9oF1EfYRXsrP5yug+bk
kcTKvsbf+16I6lflpfXKDtTL+G81YAA8E6xFE73dOYG0HXBkklFZLANm+d6JGfCo
tvSDqv2Le/5bj3ZYWnaZA8FkMnyPIaxKsMcV5M8ShB67wy0+6mPrqIMy3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRJ7KwZWE0mt9LkasYe4sU/9bafMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj++DxWzz
DxU4D0vO58ig5jBaqxAQbv9UygbRRZHmRWxbTtR4UJiBjnZmxd4/dmPkopKStNB+
4W4sYAsidnzQIYFY2hMZcUq17zeqedgHSP1fDltCaIdZLOkvOeoR1AfxcY9JE29R
aOcHNXJ5Yxea8jkIs4/QXbNKGKxSOrLvo07J5V4DGvWWXL8YsgCADsleM9zhahcR
/Ofkr/0MHuJ9lxcjOap0kJLpNaGpwj3s6FAVbhBiFyCWxq+AcTzzvaUKnanyFviK
TUWv2dy4vfvo7w3mqDVAmJ+I04hwZzsibzOthw1/XuAjIDtbwZFxBjMgN22KQYpL
TGKF3yNc5Q2emw==
-----END CERTIFICATE-----