Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          EE/j1vMo+w1H/VVUyYHjCURGXGl5XuHuQKxx/zeLSIw=
Subject key identifier:   1E:36:86:56:12:67:34:0A:20:58:D7:B3:AD:06:FE:20:98:D3:E4:58
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0197BBC74CBA3E0125C602F4F5FC5EFB82F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0977
Signing time:             Sun 29 Jun 2025 13:01:29 +0000
Manifest this update:     Sun 29 Jun 2025 13:01:29 +0000
Manifest next update:     Mon 30 Jun 2025 13:01:29 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: lLu/2tonmYNe3YwdDn4l5My/J4KdnDjZcxfT6eRbuxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 07:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bb:c7:4c:ba:3e:01:25:c6:02:f4:f5:fc:5e:fb:82:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Jun 29 13:01:29 2025 GMT
            Not After : Jun 30 13:01:29 2025 GMT
        Subject: CN=1e3686561267340a2058d7b3ad06fe2098d3e458
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0d:b3:56:31:e9:b9:b0:04:be:a6:31:8c:26:
                    cd:e2:20:9a:73:01:f2:3e:f6:89:09:60:93:ee:d1:
                    66:eb:c4:6a:37:66:ff:9b:bc:93:34:d5:88:35:de:
                    48:9b:83:d3:63:ff:b2:65:27:2c:0b:5d:31:21:62:
                    69:bf:56:10:2c:cc:16:ca:d0:b9:fe:1b:67:89:55:
                    31:17:f1:fc:ff:3c:79:0e:9e:11:b5:ec:fb:2e:fe:
                    bb:80:01:b3:d7:20:e5:b8:c3:b7:29:82:96:1c:23:
                    7a:77:3f:a1:f4:1b:29:bb:bc:e6:14:69:de:33:67:
                    bb:7f:1a:d3:b4:48:21:04:fa:10:fe:f8:1f:61:6e:
                    01:e5:2a:ae:d9:4c:c4:6f:8f:46:fc:4b:cf:b5:6d:
                    24:60:fa:df:b6:09:ed:b3:6d:9e:3b:e3:02:06:a0:
                    12:e9:bb:2a:9e:56:f6:cb:4f:07:73:51:60:a3:66:
                    ff:08:f8:d2:a6:b0:fc:8b:94:db:01:3c:98:42:77:
                    ef:3e:13:bb:76:03:a5:bb:98:56:10:cb:24:bb:24:
                    ac:b0:1b:ef:b6:e9:d5:52:35:c2:4c:59:96:8b:f3:
                    61:27:3f:57:77:f9:5b:d5:b3:a8:f5:5e:fe:06:a6:
                    0f:ea:59:56:47:cb:98:77:c9:85:77:35:da:74:b9:
                    ce:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:36:86:56:12:67:34:0A:20:58:D7:B3:AD:06:FE:20:98:D3:E4:58
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:ef:b2:97:20:fc:90:ad:c1:68:de:4f:dd:e7:37:59:df:b1:
         e6:b9:98:c3:d1:38:0c:b0:bb:81:62:3a:3e:fe:f3:cb:c6:f6:
         6e:80:41:90:5a:03:de:35:ae:a2:9a:11:a0:2d:d5:e8:f5:22:
         09:00:75:af:51:f0:a3:19:39:6c:3f:31:ad:bf:33:4b:3f:12:
         00:01:20:b2:f4:f0:69:1b:e6:24:8d:68:3f:0a:34:db:b8:b4:
         fa:a4:99:06:f8:52:cf:a7:c6:ab:90:6e:d0:d7:ca:97:4f:41:
         5a:2f:25:94:e5:0c:f4:80:28:95:bc:d1:25:db:55:8c:26:63:
         2c:b3:61:a2:19:68:be:d5:31:53:d0:6a:60:a3:93:25:97:57:
         f2:af:1e:7a:63:95:c7:c6:b2:12:c1:27:37:d5:3b:3d:95:6a:
         a8:9c:25:11:cd:68:5d:db:da:20:0b:aa:5e:64:64:42:3f:bc:
         86:5b:cc:f3:e1:3e:28:a9:ae:ab:7f:47:e1:d9:83:da:19:c1:
         92:af:49:a6:4b:50:35:dd:d6:e7:1c:8f:0a:48:27:d6:c8:c4:
         69:ab:8d:4b:86:e2:3a:0d:53:d2:07:dd:42:ba:a7:5b:44:42:
         6f:70:da:e9:40:c0:ed:68:9c:93:5b:9c:c7:95:e0:ac:e7:0c:
         b3:ff:ba:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe7x0y6PgElxgL09fxe+4LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwNjI5MTMwMTI5WhcNMjUwNjMwMTMwMTI5WjAzMTEwLwYDVQQD
EygxZTM2ODY1NjEyNjczNDBhMjA1OGQ3YjNhZDA2ZmUyMDk4ZDNlNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg2zVjHpubAEvqYxjCbN4iCacwHy
PvaJCWCT7tFm68RqN2b/m7yTNNWINd5Im4PTY/+yZScsC10xIWJpv1YQLMwWytC5
/htniVUxF/H8/zx5Dp4Rtez7Lv67gAGz1yDluMO3KYKWHCN6dz+h9Bspu7zmFGne
M2e7fxrTtEghBPoQ/vgfYW4B5Squ2UzEb49G/EvPtW0kYPrftgnts22eO+MCBqAS
6bsqnlb2y08Hc1Fgo2b/CPjSprD8i5TbATyYQnfvPhO7dgOlu5hWEMskuySssBvv
tunVUjXCTFmWi/NhJz9Xd/lb1bOo9V7+BqYP6llWR8uYd8mFdzXadLnO0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB42hlYSZzQKIFjXs60G/iCY0+RYMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR++ylyD8
kK3BaN5P3ec3Wd+x5rmYw9E4DLC7gWI6Pv7zy8b2boBBkFoD3jWuopoRoC3V6PUi
CQB1r1Hwoxk5bD8xrb8zSz8SAAEgsvTwaRvmJI1oPwo027i0+qSZBvhSz6fGq5Bu
0NfKl09BWi8llOUM9IAolbzRJdtVjCZjLLNhohlovtUxU9BqYKOTJZdX8q8eemOV
x8ayEsEnN9U7PZVqqJwlEc1oXdvaIAuqXmRkQj+8hlvM8+E+KKmuq39H4dmD2hnB
kq9JpktQNd3W5xyPCkgn1sjEaauNS4biOg1T0gfdQrqnW0RCb3Da6UDA7Wick1uc
x5XgrOcMs/+64Q==
-----END CERTIFICATE-----