Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
File:                     E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft (raw, json)
Hash identifier:          vkBDzQJ2SuJ+yTS8qRBzUZhMN2lLEW5OwDU384c4i+w=
Subject key identifier:   18:E1:D0:71:9B:CE:29:1C:86:A8:DA:6E:5F:82:42:A3:DB:12:3D:70
Authority key identifier: 13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F
Certificate issuer:       /CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
Certificate serial:       0197B77C61439D136A455172B243792E55D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
Manifest number:          0201
Signing time:             Sat 28 Jun 2025 17:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:11 +0000
Files and hashes:         1: E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl (hash: URE0guV/5FXfx2F6odehGVv8aZVNqKrgnAmetfbbKtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:61:43:9d:13:6a:45:51:72:b2:43:79:2e:55:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
        Validity
            Not Before: Jun 28 17:01:11 2025 GMT
            Not After : Jun 29 17:01:11 2025 GMT
        Subject: CN=18e1d0719bce291c86a8da6e5f8242a3db123d70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:45:ee:9d:db:9d:8a:70:dd:2f:44:ff:fe:3d:
                    28:42:fe:67:b1:5e:8b:3e:95:32:e9:23:17:61:f4:
                    dc:1d:5e:de:b4:3f:f0:04:8f:8c:e6:e0:44:d4:25:
                    fa:5c:bc:4f:a1:86:20:b2:53:85:e8:20:65:0c:9b:
                    af:e7:6d:69:0f:a0:24:fb:ae:e4:96:2f:bc:aa:7c:
                    45:46:ba:d9:26:c8:03:04:8d:b3:3d:07:67:9d:b2:
                    9c:68:e3:94:b8:4f:8d:61:04:d0:ab:a6:fd:ca:ae:
                    52:e1:73:a4:97:c3:b8:fc:1b:6a:c3:89:42:99:54:
                    f6:f0:a2:10:a3:d7:bc:59:22:19:21:4c:7d:ba:1e:
                    2b:1c:10:1d:8f:d9:ee:5e:c6:87:24:03:2d:ad:98:
                    14:a4:2c:42:b1:98:ad:91:d4:14:85:99:aa:b3:f4:
                    ea:eb:dd:12:41:f2:02:bd:55:52:19:49:58:f2:0c:
                    bb:3d:07:44:35:e8:16:72:52:36:3f:d5:67:b6:86:
                    14:5c:f2:68:38:9c:6e:40:1e:d4:de:e5:e6:88:8a:
                    e3:c0:cb:9a:a8:b7:14:1e:5e:fe:0e:df:d8:e5:1e:
                    c4:8e:68:81:27:07:81:df:8d:9d:06:a6:e6:32:6e:
                    e2:3f:ac:b0:4c:0e:7d:2b:41:b8:c8:fa:71:d8:6c:
                    61:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E1:D0:71:9B:CE:29:1C:86:A8:DA:6E:5F:82:42:A3:DB:12:3D:70
            X509v3 Authority Key Identifier:
                keyid:13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:94:13:95:80:0c:91:d1:01:d0:f3:1a:65:e6:08:0f:94:93:
         f1:2b:c1:19:92:a7:46:b6:1a:f9:2d:64:2e:6e:0d:41:73:a3:
         e7:78:57:bc:02:29:28:83:cb:10:eb:5a:28:a4:f8:66:ca:a6:
         77:01:04:d4:5a:5b:76:28:fb:01:cc:eb:40:7f:e6:d6:6f:22:
         57:8c:27:1d:27:5d:c5:ad:76:65:c0:2d:6e:50:8a:1f:f2:4f:
         8a:54:fd:4e:ce:0f:9b:56:d8:25:a4:13:b1:05:41:b9:20:63:
         9a:64:f5:eb:c9:d6:62:dd:27:da:2d:4f:6b:07:a1:0f:54:92:
         6f:69:f9:db:64:db:ae:6a:75:48:2d:8d:e7:85:fc:45:88:97:
         f7:7f:12:58:fd:08:18:35:2a:b4:43:24:89:36:dc:b9:db:a2:
         22:d3:63:ba:b9:13:f2:7c:f9:5b:44:54:8f:26:5c:20:59:30:
         41:1e:f0:45:c1:60:dc:9e:2d:b8:08:60:db:c6:3c:a0:0b:4c:
         6f:27:03:09:2d:1a:d4:77:cf:70:63:ad:66:0b:b7:fb:28:90:
         3d:74:58:c1:25:fd:2a:1e:4f:b9:3e:1c:b5:ef:4e:3e:9a:ce:
         76:f3:40:dc:e1:d7:e4:02:54:12:39:69:2c:9a:ef:d5:15:76:
         84:83:a8:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fGFDnRNqRVFyskN5LlXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQyMWI4MmFiN2JiYTZlMmY1NWU5MDJhOWZiODFmYTNh
ZjI5OGYwHhcNMjUwNjI4MTcwMTExWhcNMjUwNjI5MTcwMTExWjAzMTEwLwYDVQQD
EygxOGUxZDA3MTliY2UyOTFjODZhOGRhNmU1ZjgyNDJhM2RiMTIzZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokXundudinDdL0T//j0oQv5nsV6L
PpUy6SMXYfTcHV7etD/wBI+M5uBE1CX6XLxPoYYgslOF6CBlDJuv521pD6Ak+67k
li+8qnxFRrrZJsgDBI2zPQdnnbKcaOOUuE+NYQTQq6b9yq5S4XOkl8O4/Btqw4lC
mVT28KIQo9e8WSIZIUx9uh4rHBAdj9nuXsaHJAMtrZgUpCxCsZitkdQUhZmqs/Tq
690SQfICvVVSGUlY8gy7PQdENegWclI2P9VntoYUXPJoOJxuQB7U3uXmiIrjwMua
qLcUHl7+Dt/Y5R7EjmiBJweB342dBqbmMm7iP6ywTA59K0G4yPpx2GxhowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjh0HGbzikchqjabl+CQqPbEj1wMB8GA1UdIwQY
MBaAFBO0Ibgqt7um4vVekCqfuB+jrymPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDct
ZGZhNzA3OTQwNTM3LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDctZGZhNzA3OTQwNTM3
LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJQTlYAM
kdEB0PMaZeYID5ST8SvBGZKnRrYa+S1kLm4NQXOj53hXvAIpKIPLEOtaKKT4Zsqm
dwEE1Fpbdij7AczrQH/m1m8iV4wnHSddxa12ZcAtblCKH/JPilT9Ts4Pm1bYJaQT
sQVBuSBjmmT168nWYt0n2i1PawehD1SSb2n522Tbrmp1SC2N54X8RYiX938SWP0I
GDUqtEMkiTbcuduiItNjurkT8nz5W0RUjyZcIFkwQR7wRcFg3J4tuAhg28Y8oAtM
bycDCS0a1HfPcGOtZgu3+yiQPXRYwSX9Kh5PuT4cte9OPprOdvNA3OHX5AJUEjlp
LJrv1RV2hIOomA==
-----END CERTIFICATE-----