Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
File:                     ULhDqNkbFYJOYOLNaJpvRR4lal4.mft (raw, json)
Hash identifier:          kLRVkxDqN9MSQ1ASYFZsc/+bu33d599YQ7YO2nd9RPM=
Subject key identifier:   89:45:5A:CF:A1:4A:3D:FA:4B:3F:D0:57:48:B9:7A:A7:8B:4C:A5:FA
Authority key identifier: 50:B8:43:A8:D9:1B:15:82:4E:60:E2:CD:68:9A:6F:45:1E:25:6A:5E
Certificate issuer:       /CN=50b843a8d91b15824e60e2cd689a6f451e256a5e
Certificate serial:       0197BA0F9EA1859F332716C6251FD6A54D04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
Manifest number:          0328
Signing time:             Sun 29 Jun 2025 05:01:14 +0000
Manifest this update:     Sun 29 Jun 2025 05:01:14 +0000
Manifest next update:     Mon 30 Jun 2025 05:01:14 +0000
Files and hashes:         1: ULhDqNkbFYJOYOLNaJpvRR4lal4.crl (hash: fxn5wfKoUMj6nSdw551QxzCBloOmQlFRA5e9jC69N9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:0f:9e:a1:85:9f:33:27:16:c6:25:1f:d6:a5:4d:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50b843a8d91b15824e60e2cd689a6f451e256a5e
        Validity
            Not Before: Jun 29 05:01:14 2025 GMT
            Not After : Jun 30 05:01:14 2025 GMT
        Subject: CN=89455acfa14a3dfa4b3fd05748b97aa78b4ca5fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ee:60:44:29:3c:00:28:f9:95:bf:44:ff:a9:
                    12:89:09:1e:ea:fe:30:4c:63:46:5d:35:05:a5:6d:
                    09:f2:38:f1:a4:9e:9c:0d:56:fd:97:3e:7e:37:b8:
                    e0:2b:15:25:86:6a:93:ec:9c:36:9a:71:81:d3:33:
                    cc:03:8b:98:51:e9:38:56:ad:b2:14:0e:23:58:7c:
                    21:53:fa:2c:87:0f:93:b2:bf:db:12:f2:50:67:32:
                    53:59:f5:9e:f3:dc:32:30:02:a9:28:32:5f:91:a6:
                    4d:05:17:91:c3:30:4c:f7:29:53:58:9b:4b:6b:59:
                    b1:78:0b:9b:f5:3d:ac:c6:8c:90:81:30:65:dc:38:
                    18:99:90:57:19:7b:fe:a6:35:c4:8d:98:14:e2:dd:
                    29:6e:e7:dd:08:18:7c:83:4e:13:2c:a3:1f:36:06:
                    91:65:8e:ff:eb:fe:83:ef:28:e9:66:b5:c0:20:a7:
                    f4:6c:a1:12:c3:9e:f6:b6:a0:f3:6f:8f:0c:e9:17:
                    22:45:5b:e6:50:e5:35:a0:ad:18:c9:a9:52:80:18:
                    4e:e6:50:b2:89:a1:a1:d6:25:d7:61:ea:8e:62:20:
                    5c:15:99:87:de:e0:01:f8:5a:44:79:06:15:62:8e:
                    e2:de:77:1f:a9:cc:21:cb:dd:85:0e:77:12:e7:c1:
                    a4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:45:5A:CF:A1:4A:3D:FA:4B:3F:D0:57:48:B9:7A:A7:8B:4C:A5:FA
            X509v3 Authority Key Identifier:
                keyid:50:B8:43:A8:D9:1B:15:82:4E:60:E2:CD:68:9A:6F:45:1E:25:6A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:e4:e7:33:76:71:57:0b:f9:20:a2:22:57:33:5b:6f:cf:e8:
         7a:a2:7b:ca:78:8b:f2:47:6e:4b:04:a9:f1:48:e9:2b:21:70:
         a3:96:7f:80:bf:2f:d9:70:62:60:84:a8:e6:06:9d:11:be:17:
         23:20:40:5f:59:70:19:b4:58:83:0d:70:3c:85:e7:56:63:92:
         a6:77:a3:da:eb:31:d4:ab:68:0c:95:98:fe:73:88:34:5d:68:
         03:0c:5d:eb:82:99:bc:83:d3:37:8c:11:42:fb:19:10:1f:18:
         10:fe:a5:36:6f:cf:a2:30:e3:58:50:60:3b:85:96:a0:22:fd:
         cc:a0:2d:58:a4:44:cd:e8:a1:2c:b0:09:5e:72:8d:1d:c1:a2:
         32:e3:7f:b7:dc:52:7d:12:56:14:ad:50:3c:06:17:c0:45:93:
         ff:3a:38:79:c2:9f:09:59:a9:2c:c3:f2:d4:a3:8d:7f:66:b4:
         9c:38:c4:da:bc:1b:99:4b:41:d7:a5:0f:1d:a9:f6:85:dc:7e:
         57:17:b9:ac:67:8e:4b:c0:90:1d:cc:5d:f3:5e:e2:2b:5d:ef:
         1a:fd:d5:c4:0a:c7:95:2a:95:5c:7a:d9:9b:23:a6:5a:5c:8b:
         7d:6a:e5:c7:5f:56:e7:fd:ec:ea:c1:51:d2:39:9e:fb:55:6c:
         5b:95:30:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6D56hhZ8zJxbGJR/WpU0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYjg0M2E4ZDkxYjE1ODI0ZTYwZTJjZDY4OWE2ZjQ1MWUy
NTZhNWUwHhcNMjUwNjI5MDUwMTE0WhcNMjUwNjMwMDUwMTE0WjAzMTEwLwYDVQQD
Eyg4OTQ1NWFjZmExNGEzZGZhNGIzZmQwNTc0OGI5N2FhNzhiNGNhNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe5gRCk8ACj5lb9E/6kSiQke6v4w
TGNGXTUFpW0J8jjxpJ6cDVb9lz5+N7jgKxUlhmqT7Jw2mnGB0zPMA4uYUek4Vq2y
FA4jWHwhU/oshw+Tsr/bEvJQZzJTWfWe89wyMAKpKDJfkaZNBReRwzBM9ylTWJtL
a1mxeAub9T2sxoyQgTBl3DgYmZBXGXv+pjXEjZgU4t0pbufdCBh8g04TLKMfNgaR
ZY7/6/6D7yjpZrXAIKf0bKESw572tqDzb48M6RciRVvmUOU1oK0YyalSgBhO5lCy
iaGh1iXXYeqOYiBcFZmH3uAB+FpEeQYVYo7i3ncfqcwhy92FDncS58GklwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlFWs+hSj36Sz/QV0i5eqeLTKX6MB8GA1UdIwQY
MBaAFFC4Q6jZGxWCTmDizWiab0UeJWpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wZmU3YTMtNmZjZS00MmI2LThhMTgt
MjUxODY3YmRjMTNmLzEvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wZmU3YTMtNmZjZS00MmI2LThhMTgtMjUxODY3YmRjMTNm
LzEvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOTnM3Zx
Vwv5IKIiVzNbb8/oeqJ7yniL8kduSwSp8UjpKyFwo5Z/gL8v2XBiYISo5gadEb4X
IyBAX1lwGbRYgw1wPIXnVmOSpnej2usx1KtoDJWY/nOINF1oAwxd64KZvIPTN4wR
QvsZEB8YEP6lNm/PojDjWFBgO4WWoCL9zKAtWKREzeihLLAJXnKNHcGiMuN/t9xS
fRJWFK1QPAYXwEWT/zo4ecKfCVmpLMPy1KONf2a0nDjE2rwbmUtB16UPHan2hdx+
Vxe5rGeOS8CQHcxd817iK13vGv3VxArHlSqVXHrZmyOmWlyLfWrlx19W5/3s6sFR
0jme+1VsW5UwZg==
-----END CERTIFICATE-----