Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          XvBkMmjO9EURUCzOpZVyss+b2IYtfN5kDXUluMoYYEc=
Subject key identifier:   D4:7A:A4:07:10:FC:DB:EC:4F:C1:F6:9E:30:C8:B9:92:63:89:B3:9E
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       0197B77CCD9A9AE8F72216449F367D67C878
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          11AE
Signing time:             Sat 28 Jun 2025 17:01:38 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:38 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:38 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: twhHN4EritzxZClFMk1CFQkyLT4eKhJMjJXxtig5zdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:cd:9a:9a:e8:f7:22:16:44:9f:36:7d:67:c8:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Jun 28 17:01:38 2025 GMT
            Not After : Jun 29 17:01:38 2025 GMT
        Subject: CN=d47aa40710fcdbec4fc1f69e30c8b9926389b39e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:53:fe:bd:aa:51:05:44:dd:d8:be:59:2d:62:
                    1a:a5:24:6a:a0:6e:91:31:ae:3c:ef:6f:0c:9f:14:
                    2d:af:6a:3a:b5:62:98:7d:a7:30:0a:60:14:f4:0e:
                    fb:84:9d:72:7b:e3:e3:8c:51:78:25:b8:5b:4d:bb:
                    23:a3:a5:eb:b6:b1:55:7d:ae:89:db:35:8d:b9:a6:
                    e9:b6:30:13:54:22:b3:47:9a:56:d7:6e:07:aa:c3:
                    6c:e6:54:39:9d:b1:29:2a:85:d9:25:c2:5e:5a:40:
                    a0:e5:58:41:01:5e:18:55:95:6b:52:1f:05:4c:84:
                    ea:41:f3:31:ca:56:c7:54:2d:9f:60:1a:dd:5e:de:
                    cb:0b:3b:01:31:12:27:29:c5:fc:95:23:84:60:cc:
                    39:ec:93:c6:a8:ff:63:c8:82:38:8e:5d:47:72:22:
                    ec:39:b3:5e:44:9b:37:8e:7c:ae:7b:1a:29:4f:03:
                    5d:78:09:f1:f4:c7:68:9e:3c:32:99:6e:ca:73:6b:
                    a1:8f:8a:ec:7c:16:5d:20:4c:5b:d0:aa:7b:42:39:
                    6f:5a:97:e1:1a:92:ca:d5:7d:06:f5:7e:ed:40:70:
                    84:3c:9b:fd:ac:2d:f0:eb:43:a5:53:b5:1c:f2:6c:
                    32:1a:dc:ba:1b:89:68:87:46:06:d4:a0:72:89:3d:
                    68:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7A:A4:07:10:FC:DB:EC:4F:C1:F6:9E:30:C8:B9:92:63:89:B3:9E
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:de:38:16:a7:ac:af:05:6f:8b:d8:37:66:e1:d0:5a:95:bb:
         b3:35:4c:1a:bb:4b:44:80:fe:ee:e6:43:e0:6b:79:7b:bb:8c:
         38:21:b1:8f:c8:81:35:dc:a2:e1:df:24:11:7a:1e:60:07:3b:
         be:39:7b:96:2a:d6:6d:4c:2d:6c:3c:54:1c:4a:68:f3:01:b4:
         f4:9d:05:1c:7a:42:7e:20:f5:77:ba:48:3e:95:fe:b1:e8:38:
         63:d6:4d:7c:5a:cd:b1:7c:f0:57:6f:2a:1f:24:14:04:21:e4:
         ec:d0:a4:5c:bd:69:34:f2:1c:e7:95:90:2c:5d:6f:30:eb:1c:
         24:cd:48:cf:8b:0c:05:33:15:87:08:89:d5:e4:82:ca:d6:14:
         54:d9:a8:6b:f7:84:8a:71:ef:ad:b6:8c:3a:bb:d0:bd:40:2e:
         03:73:19:63:64:6e:23:16:8c:86:c2:0e:f8:e7:e7:e0:dd:a7:
         5f:3f:51:71:1f:33:9a:eb:b0:27:b1:3e:e5:77:00:43:a7:e3:
         c4:82:01:cc:5e:be:6d:8e:73:c7:6d:b5:65:4b:ca:65:b7:86:
         08:d0:87:ab:8b:19:ea:de:21:be:fe:63:07:f2:94:2f:57:22:
         a3:41:10:f0:2f:96:32:a3:7f:46:4e:30:26:7d:0e:37:54:07:
         e0:8a:86:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fM2amuj3IhZEnzZ9Z8h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUwNjI4MTcwMTM4WhcNMjUwNjI5MTcwMTM4WjAzMTEwLwYDVQQD
EyhkNDdhYTQwNzEwZmNkYmVjNGZjMWY2OWUzMGM4Yjk5MjYzODliMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlP+vapRBUTd2L5ZLWIapSRqoG6R
Ma48728MnxQtr2o6tWKYfacwCmAU9A77hJ1ye+PjjFF4JbhbTbsjo6XrtrFVfa6J
2zWNuabptjATVCKzR5pW124HqsNs5lQ5nbEpKoXZJcJeWkCg5VhBAV4YVZVrUh8F
TITqQfMxylbHVC2fYBrdXt7LCzsBMRInKcX8lSOEYMw57JPGqP9jyII4jl1HciLs
ObNeRJs3jnyuexopTwNdeAnx9MdonjwymW7Kc2uhj4rsfBZdIExb0Kp7QjlvWpfh
GpLK1X0G9X7tQHCEPJv9rC3w60OlU7Uc8mwyGty6G4loh0YG1KByiT1oUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNR6pAcQ/NvsT8H2njDIuZJjibOeMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE944Fqes
rwVvi9g3ZuHQWpW7szVMGrtLRID+7uZD4Gt5e7uMOCGxj8iBNdyi4d8kEXoeYAc7
vjl7lirWbUwtbDxUHEpo8wG09J0FHHpCfiD1d7pIPpX+seg4Y9ZNfFrNsXzwV28q
HyQUBCHk7NCkXL1pNPIc55WQLF1vMOscJM1Iz4sMBTMVhwiJ1eSCytYUVNmoa/eE
inHvrbaMOrvQvUAuA3MZY2RuIxaMhsIO+Ofn4N2nXz9RcR8zmuuwJ7E+5XcAQ6fj
xIIBzF6+bY5zx221ZUvKZbeGCNCHq4sZ6t4hvv5jB/KUL1cio0EQ8C+WMqN/Rk4w
Jn0ON1QH4IqGLA==
-----END CERTIFICATE-----