Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          4oPoO3pnlXJzHv2hFWUYj/kCpeTmuQ154u0nmIZWS1A=
Subject key identifier:   65:50:47:9F:59:DE:FA:F0:4A:B0:10:97:EC:47:1D:8C:E2:27:F6:99
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0197B77C113856A2A5E904A1CE65F419A8E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          02CD
Signing time:             Sat 28 Jun 2025 17:00:50 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:50 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:50 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: jcCHxHSsqErixE1OsyRGLYX1Y88auf7uhkiudgJvU34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:11:38:56:a2:a5:e9:04:a1:ce:65:f4:19:a8:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Jun 28 17:00:50 2025 GMT
            Not After : Jun 29 17:00:50 2025 GMT
        Subject: CN=6550479f59defaf04ab01097ec471d8ce227f699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a5:b5:5f:4e:73:78:4a:6e:b3:7c:88:fa:3e:
                    fa:7f:54:a7:0c:49:4a:14:2e:c8:dd:75:97:0b:2b:
                    b6:37:88:3a:ea:46:57:fe:e4:04:1e:89:fc:1f:e5:
                    89:2e:e3:8b:10:20:c1:e3:5c:8a:f9:20:e8:c1:20:
                    86:bb:e2:b3:b6:e7:ca:9c:6e:bc:74:af:3f:de:ff:
                    a5:42:c5:0e:bf:31:c3:13:a1:d0:99:02:4c:4a:f9:
                    6f:79:b7:48:07:3a:0b:d5:53:bd:0b:d8:1d:ce:60:
                    46:24:cc:4f:89:02:fa:c4:cc:7c:58:66:30:3b:44:
                    f9:66:9e:ef:61:84:e2:79:91:aa:4c:06:a5:e7:ba:
                    6b:fc:8e:ff:32:c9:9f:6b:a6:05:7e:5c:a1:d7:7f:
                    ce:48:cb:4a:54:49:07:33:c8:25:64:5b:ce:6c:11:
                    c8:b0:38:03:66:fd:48:8a:ba:ff:d2:e4:aa:70:df:
                    ac:0b:a9:b0:d0:65:1d:29:f5:3e:7c:04:9a:68:53:
                    c1:20:99:da:85:6a:08:48:02:df:29:4c:c0:10:1a:
                    9d:5d:22:02:6b:c8:73:f7:fa:50:ba:45:c9:11:36:
                    85:eb:8a:dd:51:b2:4a:e1:78:93:0e:d5:94:d7:f1:
                    48:33:f3:50:4f:8e:c2:82:73:8f:86:10:81:28:06:
                    ac:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:50:47:9F:59:DE:FA:F0:4A:B0:10:97:EC:47:1D:8C:E2:27:F6:99
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:56:75:51:06:73:e8:1d:a0:e1:68:d1:eb:4b:2e:1e:fb:45:
         40:80:ba:94:4d:7c:da:9a:43:77:ed:2c:4c:74:b6:37:1a:d4:
         82:15:d6:d4:01:85:fb:f2:ee:8c:10:c2:aa:23:d0:f4:34:4f:
         ee:17:b1:e2:e7:7c:48:79:2f:9c:72:f9:f0:da:e0:ca:a6:90:
         ef:8a:6e:cf:49:bb:bd:43:4c:08:c6:c0:07:04:f2:7a:ea:79:
         35:76:0d:49:02:71:c5:b5:8c:a3:38:03:fb:a5:23:ed:fb:0f:
         12:a4:5e:42:eb:76:1f:bd:f4:c0:0f:29:d5:94:20:6a:12:e6:
         0a:f3:ad:9f:72:d8:00:bc:3b:45:25:21:6c:36:d4:a4:ae:f5:
         3c:77:45:e6:85:69:87:d5:e5:5d:d8:3a:fb:8e:01:90:b7:2d:
         f9:6b:1c:3c:52:db:d0:93:3f:86:59:b8:81:2f:03:61:66:4f:
         30:5c:9d:10:56:de:16:59:8d:14:67:e0:fb:7f:a0:46:6f:44:
         34:08:ce:73:a3:ac:b7:3b:1a:fb:18:1a:2c:ae:a9:1b:26:75:
         21:37:93:ae:cb:f4:82:3a:16:4b:19:fd:7a:c8:47:92:15:9b:
         60:2d:73:a2:f8:fe:af:0a:4c:76:f6:a8:53:b8:16:47:94:e9:
         a3:77:27:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fBE4VqKl6QShzmX0GajgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNjI4MTcwMDUwWhcNMjUwNjI5MTcwMDUwWjAzMTEwLwYDVQQD
Eyg2NTUwNDc5ZjU5ZGVmYWYwNGFiMDEwOTdlYzQ3MWQ4Y2UyMjdmNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKW1X05zeEpus3yI+j76f1SnDElK
FC7I3XWXCyu2N4g66kZX/uQEHon8H+WJLuOLECDB41yK+SDowSCGu+KztufKnG68
dK8/3v+lQsUOvzHDE6HQmQJMSvlvebdIBzoL1VO9C9gdzmBGJMxPiQL6xMx8WGYw
O0T5Zp7vYYTieZGqTAal57pr/I7/Msmfa6YFflyh13/OSMtKVEkHM8glZFvObBHI
sDgDZv1Iirr/0uSqcN+sC6mw0GUdKfU+fASaaFPBIJnahWoISALfKUzAEBqdXSIC
a8hz9/pQukXJETaF64rdUbJK4XiTDtWU1/FIM/NQT47CgnOPhhCBKAas6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVQR59Z3vrwSrAQl+xHHYziJ/aZMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmVZ1UQZz
6B2g4WjR60suHvtFQIC6lE182ppDd+0sTHS2NxrUghXW1AGF+/LujBDCqiPQ9DRP
7hex4ud8SHkvnHL58NrgyqaQ74puz0m7vUNMCMbABwTyeup5NXYNSQJxxbWMozgD
+6Uj7fsPEqReQut2H730wA8p1ZQgahLmCvOtn3LYALw7RSUhbDbUpK71PHdF5oVp
h9XlXdg6+44BkLct+WscPFLb0JM/hlm4gS8DYWZPMFydEFbeFlmNFGfg+3+gRm9E
NAjOc6Ostzsa+xgaLK6pGyZ1ITeTrsv0gjoWSxn9eshHkhWbYC1zovj+rwpMdvao
U7gWR5Tpo3cn+w==
-----END CERTIFICATE-----