Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          C5EaiuM/gh+4VKw0YgsBL35ID2a3Hqpyn1PDxAOXtqI=
Subject key identifier:   FA:0A:09:35:39:9D:47:51:C6:4A:E9:63:40:95:6E:C1:84:4C:F0:E9
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       0197B6A148560447F3B7A60C7DB75C6B79D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0E75
Signing time:             Sat 28 Jun 2025 13:01:52 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:52 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:52 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: uWPGQLX6FNAdW1CPOfUATI2rTnW6q7Vza+WKGY956o4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:48:56:04:47:f3:b7:a6:0c:7d:b7:5c:6b:79:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Jun 28 13:01:52 2025 GMT
            Not After : Jun 29 13:01:52 2025 GMT
        Subject: CN=fa0a0935399d4751c64ae96340956ec1844cf0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:57:8f:45:e5:5d:3d:6a:db:a9:71:64:e2:25:
                    ed:d7:ee:39:42:5d:af:35:1e:f1:87:4f:02:ab:2e:
                    c1:ea:c0:cf:38:56:8f:d2:00:46:f3:24:c9:2a:a1:
                    10:d5:c0:37:0f:8f:01:9f:32:a3:31:f5:fe:04:98:
                    f1:e6:94:81:1e:96:7c:dc:d2:59:e3:6e:3d:e2:5b:
                    da:a2:df:f9:cd:14:1b:a3:cd:0d:8b:3c:d7:ee:aa:
                    b5:54:7e:9f:25:b4:d8:74:8c:58:d7:31:c7:b0:08:
                    af:06:9b:7b:62:88:6e:cb:78:34:9a:87:28:f9:74:
                    64:c5:98:09:94:5e:da:7a:58:86:ed:f7:d5:33:8d:
                    9d:11:89:d1:f3:ab:ea:6d:11:a3:ac:28:34:00:2d:
                    8e:3b:6c:8f:d0:15:31:10:ab:e1:ad:06:50:8d:cb:
                    62:8e:f4:a7:bc:a5:05:11:f3:48:04:b7:82:62:c9:
                    5a:69:6c:10:7b:23:c9:28:84:cd:79:e4:14:44:e9:
                    da:6b:ea:c7:4c:ed:c6:1f:95:9e:50:9f:a4:d4:cc:
                    c9:ee:2e:c9:6c:84:bd:83:1e:76:bd:41:20:e8:a9:
                    6b:61:d9:87:0a:1d:9f:9a:47:63:43:07:26:67:27:
                    01:c4:0f:71:f0:15:00:70:b7:2a:d6:68:b3:42:90:
                    6a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:0A:09:35:39:9D:47:51:C6:4A:E9:63:40:95:6E:C1:84:4C:F0:E9
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:cc:16:18:6a:58:26:47:21:d7:a2:e4:0a:02:65:8a:69:0f:
         4d:05:5f:e3:44:31:d6:35:d1:6d:c7:be:9c:77:51:e3:d3:43:
         0c:f0:a4:23:42:e2:b2:c3:aa:72:3b:2c:be:47:64:d1:e5:77:
         bb:4f:47:2c:6f:9d:2d:9b:02:29:3c:4a:d6:f5:74:3a:1d:14:
         47:ae:7d:32:36:dc:72:0b:d0:5b:ee:78:4c:a6:11:47:95:ca:
         5e:4b:9d:c2:9a:94:01:1d:c8:82:95:bb:c7:c4:04:23:78:7f:
         07:a6:d4:5d:14:c4:6a:03:5f:a0:94:e2:08:c4:45:26:21:89:
         61:7f:bf:bf:77:99:32:97:a1:0f:a8:46:7f:ed:46:b3:c9:db:
         7c:6d:53:ed:63:6e:c3:75:7c:d8:da:69:ea:d8:53:44:bc:18:
         3a:bb:61:ca:1a:93:e2:dc:d1:82:f3:49:08:f7:70:95:01:fc:
         b6:ea:ea:51:93:c5:bb:b6:0c:70:a2:ca:2e:fa:c5:5d:4f:26:
         40:0f:b3:f6:fd:42:a0:b8:3f:42:a4:f8:d9:fd:2f:ea:97:42:
         81:fc:2f:34:e6:2e:d3:48:fa:84:66:4a:cc:bb:50:da:90:66:
         01:bc:99:23:b4:9b:ec:72:50:05:d4:cf:f3:1d:62:52:be:bc:
         84:dd:84:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUhWBEfzt6YMfbdca3nVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwNjI4MTMwMTUyWhcNMjUwNjI5MTMwMTUyWjAzMTEwLwYDVQQD
EyhmYTBhMDkzNTM5OWQ0NzUxYzY0YWU5NjM0MDk1NmVjMTg0NGNmMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolePReVdPWrbqXFk4iXt1+45Ql2v
NR7xh08Cqy7B6sDPOFaP0gBG8yTJKqEQ1cA3D48BnzKjMfX+BJjx5pSBHpZ83NJZ
42494lvaot/5zRQbo80NizzX7qq1VH6fJbTYdIxY1zHHsAivBpt7Yohuy3g0moco
+XRkxZgJlF7aeliG7ffVM42dEYnR86vqbRGjrCg0AC2OO2yP0BUxEKvhrQZQjcti
jvSnvKUFEfNIBLeCYslaaWwQeyPJKITNeeQUROnaa+rHTO3GH5WeUJ+k1MzJ7i7J
bIS9gx52vUEg6KlrYdmHCh2fmkdjQwcmZycBxA9x8BUAcLcq1mizQpBqRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoKCTU5nUdRxkrpY0CVbsGETPDpMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANcwWGGpY
Jkch16LkCgJlimkPTQVf40Qx1jXRbce+nHdR49NDDPCkI0LissOqcjssvkdk0eV3
u09HLG+dLZsCKTxK1vV0Oh0UR659MjbccgvQW+54TKYRR5XKXkudwpqUAR3IgpW7
x8QEI3h/B6bUXRTEagNfoJTiCMRFJiGJYX+/v3eZMpehD6hGf+1Gs8nbfG1T7WNu
w3V82Npp6thTRLwYOrthyhqT4tzRgvNJCPdwlQH8turqUZPFu7YMcKLKLvrFXU8m
QA+z9v1CoLg/QqT42f0v6pdCgfwvNOYu00j6hGZKzLtQ2pBmAbyZI7Sb7HJQBdTP
8x1iUr68hN2Eqw==
-----END CERTIFICATE-----