Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
File:                     VFjdpvrZNtqJUgABqigr-syLguM.mft (raw, json)
Hash identifier:          YsF8fIByr7GfWWx60h3tUDCpAeQ5048CrpJncIAFkZU=
Subject key identifier:   DA:8E:C5:B8:CB:45:60:DB:30:4D:D9:10:43:A1:A1:91:ED:80:65:AB
Authority key identifier: 54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3
Certificate issuer:       /CN=5458dda6fad936da89520001aa282bfacc8b82e3
Certificate serial:       0197BA7D66BBBD0DBDE29553CEB4B335F4BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
Manifest number:          109E
Signing time:             Sun 29 Jun 2025 07:01:09 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:09 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:09 +0000
Files and hashes:         1: VFjdpvrZNtqJUgABqigr-syLguM.crl (hash: f+d2X23NcSY77lb0PZOkwYMsdGhy+FB6JIGUkIGJ5gY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:66:bb:bd:0d:bd:e2:95:53:ce:b4:b3:35:f4:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5458dda6fad936da89520001aa282bfacc8b82e3
        Validity
            Not Before: Jun 29 07:01:09 2025 GMT
            Not After : Jun 30 07:01:09 2025 GMT
        Subject: CN=da8ec5b8cb4560db304dd91043a1a191ed8065ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:be:06:48:d3:f1:6e:f5:bf:1d:59:f7:fe:d4:
                    9a:9c:29:41:00:d9:74:36:67:da:09:44:06:a2:4c:
                    e9:0e:58:77:82:58:39:61:e1:f4:d4:10:c6:c7:75:
                    be:ed:73:1c:cf:4f:dc:0b:46:6c:d5:35:93:2f:c9:
                    95:c0:68:0e:eb:3f:9f:79:c2:e7:71:a7:99:6d:cc:
                    4a:7f:cc:f5:aa:e4:13:1e:ce:75:b9:19:95:7c:00:
                    aa:61:8e:b0:ce:d3:e3:13:db:66:46:dc:57:1d:ec:
                    91:32:ee:84:77:1c:83:c2:a5:5b:d8:32:44:22:56:
                    99:ca:89:1c:42:9a:dd:61:48:61:89:42:ea:c4:bb:
                    c9:37:de:e9:ae:50:8b:8f:73:3a:16:8e:52:32:d8:
                    2e:f9:15:3e:ca:25:5c:3e:b9:6b:1e:fd:a6:8e:ec:
                    c0:dc:31:6e:20:80:9b:c7:cf:a8:04:23:ba:70:fa:
                    86:76:b3:bc:a9:b7:74:5b:8b:3c:55:7c:0c:ef:46:
                    a2:96:6c:de:5f:ff:a8:f8:71:d2:1e:74:e5:87:f9:
                    57:6f:f6:87:3f:22:6e:da:f0:6f:d6:75:86:70:f6:
                    8c:fa:f4:b7:15:1f:1f:7f:9d:fd:4f:d0:ae:26:78:
                    13:5b:63:17:fb:e5:6a:4c:d5:b2:37:b7:f8:8c:c7:
                    ba:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:8E:C5:B8:CB:45:60:DB:30:4D:D9:10:43:A1:A1:91:ED:80:65:AB
            X509v3 Authority Key Identifier:
                keyid:54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:b9:31:e7:27:37:8b:ac:bb:61:c9:e0:7f:16:d7:6f:2e:19:
         94:61:24:59:d3:10:bc:c5:ae:3c:e1:0b:d7:e4:94:7a:b6:da:
         f9:dd:80:38:21:cf:01:b9:21:ba:cb:3e:31:1e:12:71:b0:e4:
         55:82:94:45:12:c5:f0:cb:95:7e:70:db:13:58:24:5a:64:19:
         28:7f:cd:53:f6:cb:b9:4e:d6:df:5a:cc:a5:a0:75:2d:8a:32:
         d3:10:80:31:dc:67:a5:9b:b7:97:e3:e8:f3:37:ec:b1:f1:90:
         38:a5:f4:d7:ae:d3:80:37:4e:b3:bc:b9:21:a8:bc:a7:b4:12:
         a6:12:f7:10:1e:a1:23:10:9d:f6:dc:3c:30:03:8f:b2:a3:69:
         d8:07:8e:94:d5:7c:e8:f2:cf:94:36:94:ca:c4:37:07:2b:af:
         c3:57:5b:24:2d:fc:b7:86:f3:84:01:37:6c:16:38:db:0f:cd:
         40:ef:69:98:ee:57:90:03:2e:95:4c:b7:a7:0a:44:30:ac:65:
         c1:fb:75:28:63:c5:31:fc:4e:ec:bf:47:a2:b2:56:6c:1a:f0:
         dd:78:ed:ee:d1:f0:7d:99:ee:28:de:73:0d:a2:c7:81:38:bf:
         9d:a2:c2:9e:1a:f0:f2:4d:b4:b7:65:e2:aa:8c:75:68:22:63:
         fe:38:d3:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fWa7vQ294pVTzrSzNfS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NThkZGE2ZmFkOTM2ZGE4OTUyMDAwMWFhMjgyYmZhY2M4
YjgyZTMwHhcNMjUwNjI5MDcwMTA5WhcNMjUwNjMwMDcwMTA5WjAzMTEwLwYDVQQD
EyhkYThlYzViOGNiNDU2MGRiMzA0ZGQ5MTA0M2ExYTE5MWVkODA2NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr4GSNPxbvW/HVn3/tSanClBANl0
NmfaCUQGokzpDlh3glg5YeH01BDGx3W+7XMcz0/cC0Zs1TWTL8mVwGgO6z+fecLn
caeZbcxKf8z1quQTHs51uRmVfACqYY6wztPjE9tmRtxXHeyRMu6EdxyDwqVb2DJE
IlaZyokcQprdYUhhiULqxLvJN97prlCLj3M6Fo5SMtgu+RU+yiVcPrlrHv2mjuzA
3DFuIICbx8+oBCO6cPqGdrO8qbd0W4s8VXwM70ailmzeX/+o+HHSHnTlh/lXb/aH
PyJu2vBv1nWGcPaM+vS3FR8ff539T9CuJngTW2MX++VqTNWyN7f4jMe6+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqOxbjLRWDbME3ZEEOhoZHtgGWrMB8GA1UdIwQY
MBaAFFRY3ab62TbaiVIAAaooK/rMi4LjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAt
ZGU5N2JjZDQwMzY4LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAtZGU5N2JjZDQwMzY4
LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgrkx5yc3
i6y7YcngfxbXby4ZlGEkWdMQvMWuPOEL1+SUerba+d2AOCHPAbkhuss+MR4ScbDk
VYKURRLF8MuVfnDbE1gkWmQZKH/NU/bLuU7W31rMpaB1LYoy0xCAMdxnpZu3l+Po
8zfssfGQOKX0167TgDdOs7y5Iai8p7QSphL3EB6hIxCd9tw8MAOPsqNp2AeOlNV8
6PLPlDaUysQ3Byuvw1dbJC38t4bzhAE3bBY42w/NQO9pmO5XkAMulUy3pwpEMKxl
wft1KGPFMfxO7L9HorJWbBrw3Xjt7tHwfZnuKN5zDaLHgTi/naLCnhrw8k20t2Xi
qox1aCJj/jjTqA==
-----END CERTIFICATE-----