Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          KUzx7RJwzl/526uXCIB1ATELyEITM31cKkhrSvsuOPQ=
Subject key identifier:   EC:A1:52:BC:C6:F7:B7:BB:92:9E:9B:2C:1D:F6:94:F2:29:03:28:C8
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       0197B6A1AE95F8D8A967A7B0F554A5F96D0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          10B2
Signing time:             Sat 28 Jun 2025 13:02:18 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:18 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:18 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: AKgufWVqgS3Mj/NY1Sn+6t2Z+TvJE4A4UtK0g7Dye98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:ae:95:f8:d8:a9:67:a7:b0:f5:54:a5:f9:6d:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Jun 28 13:02:18 2025 GMT
            Not After : Jun 29 13:02:18 2025 GMT
        Subject: CN=eca152bcc6f7b7bb929e9b2c1df694f2290328c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f3:bc:94:c2:bc:0d:c8:68:36:9e:cf:e7:dc:
                    ea:65:c1:57:35:7f:4b:7c:c6:f0:ea:50:b1:6b:f7:
                    79:74:6f:18:2a:22:db:4c:da:d2:92:df:e7:95:7d:
                    1c:6e:b4:58:fd:47:ba:4e:3b:c6:63:3f:ee:62:cb:
                    2f:3b:a8:96:be:bf:02:3c:e9:cd:e9:f2:2c:ce:3a:
                    2f:2d:69:6c:89:02:d4:68:31:74:7c:89:44:d5:43:
                    08:b9:32:1e:23:1e:5c:03:f7:11:97:ea:74:0b:84:
                    7d:e3:6b:80:61:af:2c:b1:c0:3b:82:f6:be:e1:76:
                    7a:b0:b7:df:f2:f0:eb:f3:06:43:15:9f:52:cf:fe:
                    dd:df:ce:34:a4:37:3f:1d:48:7e:14:5e:05:5f:f4:
                    dc:1d:5c:c2:42:bf:22:97:a5:ac:bc:8a:77:18:ab:
                    8a:74:85:1b:3e:38:5d:0a:2c:23:91:d1:bf:c7:ba:
                    dd:be:86:8c:50:a9:c3:7a:fa:30:74:eb:d2:10:5c:
                    46:c1:79:c7:cb:31:6a:67:64:10:51:43:5c:06:15:
                    5f:f4:4f:1d:7b:f1:ef:75:75:54:cc:88:51:2a:f1:
                    87:8a:3b:38:ae:30:02:88:fd:4a:a1:df:5b:a7:62:
                    5c:c4:f9:c7:cd:4e:ac:92:1a:3f:33:5b:f0:3b:e7:
                    08:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:A1:52:BC:C6:F7:B7:BB:92:9E:9B:2C:1D:F6:94:F2:29:03:28:C8
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:6d:f3:f1:cc:f2:65:c0:34:19:c1:de:f5:ac:d8:07:f1:70:
         48:cf:cd:0d:b7:ed:64:1a:7f:29:2a:58:23:15:07:51:46:c9:
         20:76:b6:5d:a1:1e:0c:b2:c9:22:f5:45:1a:db:4e:0f:f1:ef:
         0b:01:21:fb:85:ab:4c:7e:d4:f3:0d:f9:40:fe:13:39:07:27:
         d4:49:d5:a6:4d:89:21:53:57:4c:c4:f8:64:3d:4b:02:ba:3b:
         13:79:21:f3:8a:79:4f:7c:24:d4:2f:06:4b:16:dd:f6:18:68:
         61:c4:68:b7:e6:13:a8:6d:e5:71:b9:00:61:b4:67:ab:80:88:
         1d:e2:db:5e:61:3f:bd:de:11:90:27:81:30:ac:fb:ca:e0:c7:
         7e:e7:99:01:a8:be:35:cd:e0:19:e1:17:64:eb:c7:38:9e:a8:
         f6:c9:ba:51:c6:47:84:a4:56:98:6c:a0:7d:c2:80:18:f5:89:
         b0:ba:98:6b:15:c4:9f:38:52:fc:2a:1a:59:c7:fb:4c:50:60:
         3c:f2:ab:53:94:3c:52:d6:d2:9a:41:13:86:da:33:85:52:69:
         94:6f:3b:6a:6b:79:01:8e:be:19:32:f3:76:83:2a:11:d2:0f:
         d4:f7:34:c0:b8:6d:6c:40:56:0e:fe:f0:66:cd:3c:c0:4e:1d:
         22:ae:f8:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oa6V+NipZ6ew9VSl+W0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjUwNjI4MTMwMjE4WhcNMjUwNjI5MTMwMjE4WjAzMTEwLwYDVQQD
EyhlY2ExNTJiY2M2ZjdiN2JiOTI5ZTliMmMxZGY2OTRmMjI5MDMyOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/O8lMK8DchoNp7P59zqZcFXNX9L
fMbw6lCxa/d5dG8YKiLbTNrSkt/nlX0cbrRY/Ue6TjvGYz/uYssvO6iWvr8CPOnN
6fIszjovLWlsiQLUaDF0fIlE1UMIuTIeIx5cA/cRl+p0C4R942uAYa8sscA7gva+
4XZ6sLff8vDr8wZDFZ9Sz/7d3840pDc/HUh+FF4FX/TcHVzCQr8il6WsvIp3GKuK
dIUbPjhdCiwjkdG/x7rdvoaMUKnDevowdOvSEFxGwXnHyzFqZ2QQUUNcBhVf9E8d
e/HvdXVUzIhRKvGHijs4rjACiP1Kod9bp2JcxPnHzU6skho/M1vwO+cIVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyhUrzG97e7kp6bLB32lPIpAyjIMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPW3z8czy
ZcA0GcHe9azYB/FwSM/NDbftZBp/KSpYIxUHUUbJIHa2XaEeDLLJIvVFGttOD/Hv
CwEh+4WrTH7U8w35QP4TOQcn1EnVpk2JIVNXTMT4ZD1LAro7E3kh84p5T3wk1C8G
Sxbd9hhoYcRot+YTqG3lcbkAYbRnq4CIHeLbXmE/vd4RkCeBMKz7yuDHfueZAai+
Nc3gGeEXZOvHOJ6o9sm6UcZHhKRWmGygfcKAGPWJsLqYaxXEnzhS/CoaWcf7TFBg
PPKrU5Q8UtbSmkEThtozhVJplG87amt5AY6+GTLzdoMqEdIP1Pc0wLhtbEBWDv7w
Zs08wE4dIq74vw==
-----END CERTIFICATE-----