Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
File:                     qYI63d9sNfBbfByuB5BL_58vass.mft (raw, json)
Hash identifier:          2ENCGE3aLXTOYi0T/BpLPOfFfc/F93ltd3/jImxdvk4=
Subject key identifier:   0F:32:21:AF:CC:84:D2:7C:03:51:45:CF:30:50:3E:0E:8E:BA:52:DE
Authority key identifier: A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB
Certificate issuer:       /CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
Certificate serial:       0197B70F28256D5236CA98BF9C7E3B1CD627
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
Manifest number:          0A2B
Signing time:             Sat 28 Jun 2025 15:01:53 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:53 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:53 +0000
Files and hashes:         1: qYI63d9sNfBbfByuB5BL_58vass.crl (hash: PhcSJEAq6s8z4/aSPoR7P6MDuL/R8l+TnbRaG5NXMTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:28:25:6d:52:36:ca:98:bf:9c:7e:3b:1c:d6:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
        Validity
            Not Before: Jun 28 15:01:53 2025 GMT
            Not After : Jun 29 15:01:53 2025 GMT
        Subject: CN=0f3221afcc84d27c035145cf30503e0e8eba52de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:9d:3c:b0:29:ac:0a:da:b3:c7:63:5b:ff:
                    81:19:f0:e9:e6:fb:cf:d9:6a:3d:f6:87:49:0d:dd:
                    48:a0:44:bd:62:2f:ac:97:ba:da:f6:f4:a3:90:58:
                    d5:53:3e:36:8b:db:e0:32:90:cd:37:c7:f4:ca:ec:
                    9c:bf:c7:37:a5:26:67:18:9e:66:9e:e0:32:c9:19:
                    0a:2e:de:65:0d:fe:98:f8:2f:de:e8:2d:d3:1f:72:
                    d2:45:33:bd:d6:36:e0:0c:bd:04:1f:d8:62:58:5a:
                    14:8a:c6:2a:ae:49:bb:2a:a4:d5:a5:59:b9:43:54:
                    19:86:d3:d1:58:cc:6c:75:ed:03:18:18:d1:ed:b7:
                    94:4f:40:09:82:f6:2a:0f:dd:8c:f7:73:65:2b:ee:
                    43:03:d1:c9:ef:bb:6c:ec:3f:97:77:ab:68:8b:ee:
                    76:ee:5a:5d:6e:c0:8d:fb:93:a1:3e:0a:1c:d2:90:
                    0c:57:2e:29:7e:6e:6d:66:52:c5:30:c3:be:19:dc:
                    23:a7:fd:8d:1f:80:f2:16:3f:57:fa:9b:b0:e8:a5:
                    76:21:31:21:a3:34:c0:ac:54:e5:b5:7f:60:9f:74:
                    5d:41:9d:2e:d6:6b:8a:d7:b1:6f:e3:74:2f:ef:45:
                    2e:00:cc:e9:71:dd:ba:32:8f:b5:11:96:03:d6:13:
                    4e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:32:21:AF:CC:84:D2:7C:03:51:45:CF:30:50:3E:0E:8E:BA:52:DE
            X509v3 Authority Key Identifier:
                keyid:A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:b6:a7:db:af:65:18:be:04:51:32:e7:17:0f:d0:ea:c5:0d:
         b8:5b:7d:04:ff:8d:03:18:5f:8f:10:6d:0b:a3:43:cb:05:8c:
         d8:0b:84:9e:ce:4b:fa:f4:8a:ec:c8:6e:11:44:45:ac:c8:3d:
         24:56:9b:90:d5:aa:63:80:d1:83:bd:a8:e9:89:77:df:7d:54:
         19:0c:f9:ce:05:7a:4a:5f:5b:01:43:9a:17:be:80:48:e2:74:
         c6:3f:cb:35:17:25:e0:79:61:5d:b3:4a:5b:05:a7:83:75:7b:
         4f:af:07:f1:72:35:c7:49:2e:8b:c9:7d:b5:2b:f2:d8:f2:36:
         97:1c:74:50:24:bd:99:e7:20:08:1b:89:dc:cb:4a:b0:f7:49:
         2a:ca:5b:c9:44:2e:8c:53:b0:70:0d:d7:60:53:e6:17:6e:10:
         11:66:4e:58:34:58:ce:18:8b:6b:27:bf:c4:dd:89:28:ce:47:
         e6:ca:1d:53:12:b7:a5:23:a4:e4:44:95:c2:a5:e6:15:70:17:
         8c:fd:9a:33:2d:f9:c1:b0:79:1b:16:3e:f3:56:53:13:12:13:
         f1:9b:e0:d9:88:59:f0:44:ac:e9:4d:72:65:bc:8f:61:29:75:
         7c:10:6e:26:3d:62:21:74:d1:97:6d:7c:78:4f:c1:03:8b:c7:
         98:ee:e1:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DyglbVI2ypi/nH47HNYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODIzYWRkZGY2YzM1ZjA1YjdjMWNhZTA3OTA0YmZmOWYy
ZjZhY2IwHhcNMjUwNjI4MTUwMTUzWhcNMjUwNjI5MTUwMTUzWjAzMTEwLwYDVQQD
EygwZjMyMjFhZmNjODRkMjdjMDM1MTQ1Y2YzMDUwM2UwZThlYmE1MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxydPLAprAras8djW/+BGfDp5vvP
2Wo99odJDd1IoES9Yi+sl7ra9vSjkFjVUz42i9vgMpDNN8f0yuycv8c3pSZnGJ5m
nuAyyRkKLt5lDf6Y+C/e6C3TH3LSRTO91jbgDL0EH9hiWFoUisYqrkm7KqTVpVm5
Q1QZhtPRWMxsde0DGBjR7beUT0AJgvYqD92M93NlK+5DA9HJ77ts7D+Xd6toi+52
7lpdbsCN+5OhPgoc0pAMVy4pfm5tZlLFMMO+Gdwjp/2NH4DyFj9X+puw6KV2ITEh
ozTArFTltX9gn3RdQZ0u1muK17Fv43Qv70UuAMzpcd26Mo+1EZYD1hNOTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8yIa/MhNJ8A1FFzzBQPg6OulLeMB8GA1UdIwQY
MBaAFKmCOt3fbDXwW3wcrgeQS/+fL2rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAt
MzZkNGQ3ZjA3YzhhLzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAtMzZkNGQ3ZjA3Yzhh
LzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV7an269l
GL4EUTLnFw/Q6sUNuFt9BP+NAxhfjxBtC6NDywWM2AuEns5L+vSK7MhuEURFrMg9
JFabkNWqY4DRg72o6Yl3331UGQz5zgV6Sl9bAUOaF76ASOJ0xj/LNRcl4HlhXbNK
WwWng3V7T68H8XI1x0kui8l9tSvy2PI2lxx0UCS9mecgCBuJ3MtKsPdJKspbyUQu
jFOwcA3XYFPmF24QEWZOWDRYzhiLaye/xN2JKM5H5sodUxK3pSOk5ESVwqXmFXAX
jP2aMy35wbB5GxY+81ZTExIT8Zvg2YhZ8ESs6U1yZbyPYSl1fBBuJj1iIXTRl218
eE/BA4vHmO7heQ==
-----END CERTIFICATE-----