Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
File:                     mNtTOItvp7HlovTGhjq3Hxz7VRI.mft (raw, json)
Hash identifier:          i/r/20qbFOTfJ66I8c8FLn9D6KfESIs2BecdmsZgjW4=
Subject key identifier:   54:FD:71:C8:69:C1:13:5A:B7:72:E4:A4:C2:AB:CC:07:90:6D:63:19
Authority key identifier: 98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
Certificate issuer:       /CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
Certificate serial:       0197BA7D3B168F389D4CF56BA1F6CF893C75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
Manifest number:          02BD
Signing time:             Sun 29 Jun 2025 07:00:58 +0000
Manifest this update:     Sun 29 Jun 2025 07:00:58 +0000
Manifest next update:     Mon 30 Jun 2025 07:00:58 +0000
Files and hashes:         1: mNtTOItvp7HlovTGhjq3Hxz7VRI.crl (hash: WQeHwJhESEhhbC0qcuWl7QbJ7ER5ATzUDVXHmup+qcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:3b:16:8f:38:9d:4c:f5:6b:a1:f6:cf:89:3c:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
        Validity
            Not Before: Jun 29 07:00:58 2025 GMT
            Not After : Jun 30 07:00:58 2025 GMT
        Subject: CN=54fd71c869c1135ab772e4a4c2abcc07906d6319
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d4:ca:36:f9:0f:d3:a1:5c:d1:43:2d:d4:ce:
                    59:4e:ee:19:db:a6:74:0c:a1:fd:9a:15:a4:6c:31:
                    75:eb:c6:be:c3:4b:5a:9f:9c:74:45:0c:b8:be:89:
                    c9:cc:0e:fa:20:2d:f1:34:17:1b:ef:71:6d:24:6b:
                    3f:bd:22:25:d6:c9:35:0f:2a:e8:2e:f0:4c:10:a1:
                    59:7e:20:ce:e1:c7:56:56:bf:7d:4a:7a:d7:75:f5:
                    a1:0b:b3:b1:ea:6a:9a:3c:df:b9:c7:db:87:1b:90:
                    fa:54:6d:c6:3b:9d:e6:fb:69:94:34:09:34:7a:85:
                    2f:bb:e9:a4:c0:77:70:2e:54:e2:5e:f4:ff:85:4b:
                    a5:87:5a:68:d8:ff:fb:0d:3f:51:fe:b1:e2:e5:e1:
                    14:c5:00:cb:5c:9e:1c:61:70:e3:85:dc:18:36:ba:
                    20:dc:2e:b1:85:d7:ef:e7:bb:c7:57:9c:3b:3d:0e:
                    a5:f0:5b:b8:c2:e9:ac:a8:b2:2e:15:a1:ba:40:44:
                    39:7e:f9:3d:5e:b7:79:06:6e:23:2a:5e:a3:d2:de:
                    18:19:24:9d:75:71:1e:47:49:e7:4c:ee:2b:01:17:
                    3c:9d:35:d0:57:ee:78:c5:8d:5e:20:0c:c0:14:67:
                    fc:12:52:ce:37:6f:25:e9:86:4c:07:3f:5d:9b:bf:
                    52:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:FD:71:C8:69:C1:13:5A:B7:72:E4:A4:C2:AB:CC:07:90:6D:63:19
            X509v3 Authority Key Identifier:
                keyid:98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:38:df:fd:4c:56:39:e4:81:c6:90:57:26:0d:c4:12:b6:63:
         33:fa:6a:3e:d2:35:bd:1d:26:17:db:3d:9a:3d:6a:45:3f:ac:
         ff:01:2e:8e:17:f9:88:4a:8e:f6:5f:d8:90:9b:2b:ce:7d:b5:
         9b:d8:1a:29:1f:a0:87:29:51:60:d2:6d:50:9b:57:43:a3:c4:
         4e:b8:a8:ae:23:cd:99:e1:f3:80:90:b2:a9:d9:03:4c:86:a5:
         ce:b5:53:6e:56:a7:41:f4:ca:c0:ec:2a:4b:19:5c:9c:60:79:
         07:6b:29:7b:a6:93:14:d2:7e:ad:cf:1e:b9:b3:55:61:23:70:
         5a:86:69:b7:96:16:1a:c0:08:e5:ce:f4:1e:40:dd:ce:07:03:
         ea:d3:76:fd:a7:53:d9:5f:71:0f:72:fb:7d:92:f1:76:e1:df:
         7d:ae:39:4e:3f:96:3e:6b:5e:77:b8:59:ef:0b:d7:46:ed:2e:
         d8:7f:66:3d:2a:7c:2d:81:3f:d3:08:04:70:1c:21:12:18:8f:
         27:80:d4:cf:1c:48:ce:2e:e6:0e:4b:36:ee:9b:7b:d9:22:b8:
         04:a0:a1:f4:8e:6b:59:60:68:2b:32:1d:ea:b1:bb:c6:44:c6:
         2e:f9:76:05:6a:0b:39:69:8f:9e:d3:6d:66:fc:ad:bf:e8:2f:
         19:4c:81:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fTsWjzidTPVrofbPiTx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGI1MzM4OGI2ZmE3YjFlNWEyZjRjNjg2M2FiNzFmMWNm
YjU1MTIwHhcNMjUwNjI5MDcwMDU4WhcNMjUwNjMwMDcwMDU4WjAzMTEwLwYDVQQD
Eyg1NGZkNzFjODY5YzExMzVhYjc3MmU0YTRjMmFiY2MwNzkwNmQ2MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9TKNvkP06Fc0UMt1M5ZTu4Z26Z0
DKH9mhWkbDF168a+w0tan5x0RQy4vonJzA76IC3xNBcb73FtJGs/vSIl1sk1Dyro
LvBMEKFZfiDO4cdWVr99SnrXdfWhC7Ox6mqaPN+5x9uHG5D6VG3GO53m+2mUNAk0
eoUvu+mkwHdwLlTiXvT/hUulh1po2P/7DT9R/rHi5eEUxQDLXJ4cYXDjhdwYNrog
3C6xhdfv57vHV5w7PQ6l8Fu4wumsqLIuFaG6QEQ5fvk9Xrd5Bm4jKl6j0t4YGSSd
dXEeR0nnTO4rARc8nTXQV+54xY1eIAzAFGf8ElLON28l6YZMBz9dm79ScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFT9cchpwRNat3LkpMKrzAeQbWMZMB8GA1UdIwQY
MBaAFJjbUziLb6ex5aL0xoY6tx8c+1USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYt
Yzc0NjdkYTJkYjYwLzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYtYzc0NjdkYTJkYjYw
LzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjjf/UxW
OeSBxpBXJg3EErZjM/pqPtI1vR0mF9s9mj1qRT+s/wEujhf5iEqO9l/YkJsrzn21
m9gaKR+ghylRYNJtUJtXQ6PETrioriPNmeHzgJCyqdkDTIalzrVTblanQfTKwOwq
SxlcnGB5B2spe6aTFNJ+rc8eubNVYSNwWoZpt5YWGsAI5c70HkDdzgcD6tN2/adT
2V9xD3L7fZLxduHffa45Tj+WPmted7hZ7wvXRu0u2H9mPSp8LYE/0wgEcBwhEhiP
J4DUzxxIzi7mDks27pt72SK4BKCh9I5rWWBoKzId6rG7xkTGLvl2BWoLOWmPntNt
Zvytv+gvGUyBAg==
-----END CERTIFICATE-----