Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
File:                     Da7a5Z2cmvUe9UivsMlkOM73IRw.mft (raw, json)
Hash identifier:          ueSet5OxaX3mcjktKlVaZ0KhhAyzY5de1fygQWUr8/0=
Subject key identifier:   2A:AE:9B:0C:C9:93:6A:6E:CD:6D:98:4A:E2:63:CC:D0:63:37:96:AC
Authority key identifier: 0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C
Certificate issuer:       /CN=0daedae59d9c9af51ef548afb0c96438cef7211c
Certificate serial:       019749318AE403584975A574734F26B2C75F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 07:01:12 +0000
Manifest this update:     Sat 07 Jun 2025 07:01:12 +0000
Manifest next update:     Sun 08 Jun 2025 07:01:12 +0000
Files and hashes:         1: Da7a5Z2cmvUe9UivsMlkOM73IRw.crl (hash: VrDBe84tEYfdmrSoyrwGGafTVqNop5iThNgYiRqvPfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:8a:e4:03:58:49:75:a5:74:73:4f:26:b2:c7:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0daedae59d9c9af51ef548afb0c96438cef7211c
        Validity
            Not Before: Jun  7 07:01:12 2025 GMT
            Not After : Jun  8 07:01:12 2025 GMT
        Subject: CN=2aae9b0cc9936a6ecd6d984ae263ccd0633796ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:cf:b8:3b:d4:77:30:b2:4c:1a:1d:c8:40:c5:
                    20:f3:b5:bc:92:3e:5c:4a:9b:df:cc:ab:7c:50:da:
                    1a:15:13:c5:bf:cc:13:b6:9d:cc:57:c2:2d:86:6f:
                    55:2b:ae:1b:5a:6e:0a:46:44:aa:e7:25:41:dc:c1:
                    c2:23:23:76:5e:bd:8d:85:29:b4:ba:e3:b4:66:8f:
                    fa:b6:08:ba:98:13:e9:ff:db:26:24:eb:fc:1d:c1:
                    a3:93:b5:8d:a2:25:28:93:94:d5:a7:a5:c9:6c:b4:
                    cf:ac:f3:de:9b:e8:6f:49:f7:40:f8:62:03:72:c3:
                    17:4c:fe:3a:75:11:1d:26:c0:6b:4f:bc:8f:bf:e6:
                    81:14:bf:08:06:9f:84:30:df:90:de:43:3b:47:cb:
                    5d:ba:8c:67:6e:70:24:06:13:3e:5a:65:93:a2:cc:
                    c2:09:db:39:7a:16:17:26:94:cb:fc:3b:37:11:e8:
                    e7:86:ce:fd:d1:f9:71:07:e7:17:da:66:23:7f:d1:
                    29:c3:07:6f:90:df:54:bb:c4:06:01:62:8d:65:2d:
                    ac:cf:db:99:a1:d6:6f:13:1b:6e:56:ab:ab:32:15:
                    77:da:9e:c1:2b:fe:8a:00:62:2e:3b:94:61:be:8a:
                    13:86:88:34:f8:d9:f8:ee:48:36:48:f5:be:06:54:
                    81:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:AE:9B:0C:C9:93:6A:6E:CD:6D:98:4A:E2:63:CC:D0:63:37:96:AC
            X509v3 Authority Key Identifier:
                keyid:0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:e1:7b:e2:4b:0f:33:e9:7d:c7:df:7c:f2:d9:e5:8d:51:3a:
         bb:01:3f:cd:ce:42:9f:2c:1c:22:2d:e3:f8:29:0b:eb:a9:b7:
         72:bb:45:78:6e:cc:dc:bd:45:eb:59:01:69:60:e0:f5:84:00:
         f3:a2:43:f4:ae:ec:88:a8:c1:18:e6:b9:9c:d9:49:5d:4a:6b:
         5a:a3:db:54:05:43:66:58:b3:fc:3b:59:17:cf:49:55:b8:c7:
         48:e3:a7:36:b9:f8:85:f0:21:00:7d:ce:7f:58:69:a0:ab:12:
         a9:13:49:6f:d8:e0:47:28:bb:5b:7e:54:03:ef:04:6e:69:48:
         38:85:1a:36:e9:f0:90:ac:04:c7:b7:0f:5d:a9:b4:b7:6b:a3:
         82:10:f9:ea:09:78:77:c3:ae:1f:49:61:72:c4:27:a9:fa:d7:
         8f:38:59:67:d3:52:74:17:e3:0f:51:78:50:de:70:60:2f:83:
         9c:b6:76:f8:ab:0c:b1:4a:52:be:1f:9e:56:2c:c8:be:ff:72:
         f0:bc:1f:a6:82:da:e0:62:af:92:55:7c:c0:ac:8b:85:d9:cd:
         d3:af:7e:8e:2b:1e:3b:b8:4a:fd:fb:5b:3a:3d:7b:8b:39:49:
         1b:87:29:52:ab:88:60:de:7e:2b:f8:e0:53:d5:1c:f9:07:f7:
         4b:cd:c9:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMYrkA1hJdaV0c08mssdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYWVkYWU1OWQ5YzlhZjUxZWY1NDhhZmIwYzk2NDM4Y2Vm
NzIxMWMwHhcNMjUwNjA3MDcwMTEyWhcNMjUwNjA4MDcwMTEyWjAzMTEwLwYDVQQD
EygyYWFlOWIwY2M5OTM2YTZlY2Q2ZDk4NGFlMjYzY2NkMDYzMzc5NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc+4O9R3MLJMGh3IQMUg87W8kj5c
SpvfzKt8UNoaFRPFv8wTtp3MV8Ithm9VK64bWm4KRkSq5yVB3MHCIyN2Xr2NhSm0
uuO0Zo/6tgi6mBPp/9smJOv8HcGjk7WNoiUok5TVp6XJbLTPrPPem+hvSfdA+GID
csMXTP46dREdJsBrT7yPv+aBFL8IBp+EMN+Q3kM7R8tduoxnbnAkBhM+WmWToszC
Cds5ehYXJpTL/Ds3Eejnhs790flxB+cX2mYjf9EpwwdvkN9Uu8QGAWKNZS2sz9uZ
odZvExtuVqurMhV32p7BK/6KAGIuO5RhvooThog0+Nn47kg2SPW+BlSB0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqumwzJk2puzW2YSuJjzNBjN5asMB8GA1UdIwQY
MBaAFA2u2uWdnJr1HvVIr7DJZDjO9yEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDIt
ZTdlYjgxN2VkZTMwLzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDItZTdlYjgxN2VkZTMw
LzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+F74ksP
M+l9x9988tnljVE6uwE/zc5CnywcIi3j+CkL66m3crtFeG7M3L1F61kBaWDg9YQA
86JD9K7siKjBGOa5nNlJXUprWqPbVAVDZliz/DtZF89JVbjHSOOnNrn4hfAhAH3O
f1hpoKsSqRNJb9jgRyi7W35UA+8EbmlIOIUaNunwkKwEx7cPXam0t2ujghD56gl4
d8OuH0lhcsQnqfrXjzhZZ9NSdBfjD1F4UN5wYC+DnLZ2+KsMsUpSvh+eVizIvv9y
8LwfpoLa4GKvklV8wKyLhdnN069+jiseO7hK/ftbOj17izlJG4cpUquIYN5+K/jg
U9Uc+Qf3S83Jvw==
-----END CERTIFICATE-----