Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          1voY0EOnN0PqhD8r+++z6VXAqt9rcvYrfINSm1J+Pzc=
Subject key identifier:   25:0D:F0:25:57:43:89:ED:14:2F:02:CB:24:91:94:76:43:67:3D:8B
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       0198D4DFEBB4A3E5A6BD4561F9FBEB306E15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0AD7
Signing time:             Sat 23 Aug 2025 03:01:41 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:41 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:41 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: ToDVC06o0zpUyGgwFZlyL6hZMe9Q4O++xwIWTFKh3r8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:eb:b4:a3:e5:a6:bd:45:61:f9:fb:eb:30:6e:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Aug 23 03:01:41 2025 GMT
            Not After : Aug 24 03:01:41 2025 GMT
        Subject: CN=250df025574389ed142f02cb2491947643673d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6a:d7:34:4a:1e:7b:ff:a3:80:13:16:ec:e5:
                    0e:eb:32:c7:b7:af:4e:0a:39:a4:ad:77:63:56:34:
                    cc:91:d3:6c:9a:8b:6d:fc:7d:9c:ce:7f:2e:c0:73:
                    83:1b:f2:0a:a9:77:0d:f0:c7:4f:1d:64:50:73:ed:
                    0c:b3:68:73:3f:15:cc:e7:78:78:e5:2d:e1:9d:10:
                    f1:e7:66:f2:53:e9:a1:b9:e1:ae:68:01:b2:d5:f7:
                    93:8d:d9:f2:01:05:b8:38:77:c6:8a:d6:4c:1f:d6:
                    9c:79:6a:0e:68:7a:1b:8e:3d:73:d4:c0:04:38:a3:
                    c7:17:c4:0a:e1:54:9a:c5:90:25:96:da:32:40:bb:
                    71:37:c2:f3:db:eb:e6:2d:37:74:a5:2f:a4:46:67:
                    7a:2b:b8:88:da:08:05:ab:03:71:f7:a4:63:81:41:
                    fa:00:55:ba:01:6f:89:00:1b:49:24:de:49:c6:ce:
                    75:e4:65:59:ea:d9:c7:b3:48:7b:e1:f1:3b:17:fd:
                    1d:e8:33:97:24:ec:1e:c6:2f:1c:9b:f6:af:9b:46:
                    b8:81:19:07:0c:b6:e1:31:d8:e2:2c:ae:cb:62:83:
                    17:79:3d:62:d3:4b:c0:47:36:01:13:0f:57:94:1a:
                    7d:e1:e1:c1:b5:0f:f6:c4:98:c5:51:e5:c2:21:f7:
                    36:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0D:F0:25:57:43:89:ED:14:2F:02:CB:24:91:94:76:43:67:3D:8B
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:94:ab:1f:c1:23:fe:cd:29:bb:ad:5a:b9:97:c6:81:7e:21:
         d9:9a:3a:e6:47:da:f6:5f:58:87:2c:75:fd:90:ab:cf:7a:62:
         3e:ac:65:5c:65:d7:cb:05:eb:4e:d1:47:5a:1e:c0:17:ca:c3:
         58:c5:1c:59:1f:64:f8:98:75:43:06:c2:67:0e:03:28:aa:db:
         5f:76:68:a8:13:83:c1:2d:53:6d:75:0c:c1:d6:d0:7f:20:56:
         7f:4d:23:ee:62:bf:7b:ee:28:4b:bc:8f:71:9a:bc:09:9e:43:
         62:32:96:8c:96:6b:7a:fc:7a:61:a3:b9:9b:a1:31:e2:bf:30:
         e8:eb:ee:a0:e7:99:a3:45:29:32:de:d4:bc:3c:17:0e:20:6a:
         b7:36:b8:22:e3:e0:8f:29:94:19:3a:99:57:10:a0:fe:40:55:
         96:4d:a0:e7:60:f7:27:6d:8a:db:99:9c:85:8f:d6:64:31:2b:
         f3:da:24:b2:be:8a:8b:8c:a6:06:51:f5:38:21:f8:c6:45:79:
         a4:d8:36:c3:c9:4c:03:d2:d8:64:16:65:ef:61:58:6a:23:eb:
         13:79:e7:2d:cb:88:26:07:02:81:ad:9a:f5:2c:3a:a2:08:b4:
         d8:95:1e:a6:eb:9a:e1:ca:6e:22:66:08:05:8f:35:29:9e:d1:
         be:ed:d7:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+u0o+WmvUVh+fvrMG4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwODIzMDMwMTQxWhcNMjUwODI0MDMwMTQxWjAzMTEwLwYDVQQD
EygyNTBkZjAyNTU3NDM4OWVkMTQyZjAyY2IyNDkxOTQ3NjQzNjczZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmrXNEoee/+jgBMW7OUO6zLHt69O
CjmkrXdjVjTMkdNsmott/H2czn8uwHODG/IKqXcN8MdPHWRQc+0Ms2hzPxXM53h4
5S3hnRDx52byU+mhueGuaAGy1feTjdnyAQW4OHfGitZMH9aceWoOaHobjj1z1MAE
OKPHF8QK4VSaxZAlltoyQLtxN8Lz2+vmLTd0pS+kRmd6K7iI2ggFqwNx96RjgUH6
AFW6AW+JABtJJN5Jxs515GVZ6tnHs0h74fE7F/0d6DOXJOwexi8cm/avm0a4gRkH
DLbhMdjiLK7LYoMXeT1i00vARzYBEw9XlBp94eHBtQ/2xJjFUeXCIfc2fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUN8CVXQ4ntFC8CyySRlHZDZz2LMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZSrH8Ej
/s0pu61auZfGgX4h2Zo65kfa9l9Yhyx1/ZCrz3piPqxlXGXXywXrTtFHWh7AF8rD
WMUcWR9k+Jh1QwbCZw4DKKrbX3ZoqBODwS1TbXUMwdbQfyBWf00j7mK/e+4oS7yP
cZq8CZ5DYjKWjJZrevx6YaO5m6Ex4r8w6OvuoOeZo0UpMt7UvDwXDiBqtza4IuPg
jymUGTqZVxCg/kBVlk2g52D3J22K25mchY/WZDEr89oksr6Ki4ymBlH1OCH4xkV5
pNg2w8lMA9LYZBZl72FYaiPrE3nnLcuIJgcCga2a9Sw6ogi02JUepuua4cpuImYI
BY81KZ7Rvu3X2w==
-----END CERTIFICATE-----