Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          lQ37YFtXp69riXlYQbGCEQbS0dus3JjFqcq1AVABBVs=
Subject key identifier:   5F:4E:FA:21:36:F8:77:EF:4E:66:C9:C5:86:09:C0:53:B4:A9:A2:5D
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       0197B7EA5A2C4451AA4BEA7BE54B64943F75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          028A
Signing time:             Sat 28 Jun 2025 19:01:18 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:18 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:18 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: 89bog0J9ZNGaoXPDYf4uhck/cOyrzEZQUurqAdRrepk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:5a:2c:44:51:aa:4b:ea:7b:e5:4b:64:94:3f:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Jun 28 19:01:18 2025 GMT
            Not After : Jun 29 19:01:18 2025 GMT
        Subject: CN=5f4efa2136f877ef4e66c9c58609c053b4a9a25d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:08:9c:c1:93:8b:fe:8b:4a:17:01:75:f7:ca:
                    e8:59:56:05:b2:f0:b6:66:c5:69:fe:5a:7f:bb:f0:
                    d8:e7:8a:59:a9:35:4e:12:e4:38:49:d9:6a:10:45:
                    21:ef:cc:ee:23:5f:a2:b5:73:85:d2:f7:52:c2:22:
                    f6:e2:44:0f:97:8d:7b:7c:d0:8e:69:ef:2c:fd:70:
                    83:e3:4b:98:ae:eb:96:99:79:ec:5b:84:30:88:10:
                    4c:e6:05:ec:4e:38:95:39:87:82:72:5e:6f:29:55:
                    0f:a5:30:a9:bd:d1:ba:04:cb:9b:96:cb:8b:84:7a:
                    d7:67:51:9c:b5:9c:5c:e3:34:7f:48:21:a4:96:1c:
                    dc:73:bc:9a:56:39:20:ac:ff:e8:a6:da:e3:c1:88:
                    87:0d:a1:6d:5d:00:d2:ed:4f:9b:bf:36:45:70:bf:
                    d2:b2:67:a1:0d:c7:45:30:49:42:0e:30:73:db:d1:
                    a2:00:7a:1a:cb:a0:ca:6e:b1:0e:93:c8:0f:0c:98:
                    3d:92:96:3d:af:0c:3f:8c:3c:c2:03:d3:b8:58:03:
                    30:91:87:25:43:70:f1:8d:f6:a5:97:98:4e:9a:63:
                    8d:02:85:75:39:b5:c7:b0:30:44:1a:8c:29:67:38:
                    60:b5:0d:22:dd:a0:2b:63:c5:7b:76:ce:ba:07:bc:
                    70:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:4E:FA:21:36:F8:77:EF:4E:66:C9:C5:86:09:C0:53:B4:A9:A2:5D
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7d:a7:09:bc:3d:90:08:a0:6a:bc:b7:0b:04:69:aa:ee:d1:
         f9:ef:68:33:fc:5d:3f:f6:bc:0e:7a:c6:1b:ad:99:78:55:49:
         af:42:63:c7:76:9c:75:af:62:d7:89:d4:1f:12:03:6c:6f:c9:
         16:1c:b3:30:a9:a8:9a:b4:ce:d1:42:29:d9:0e:7f:0c:bd:5b:
         f3:ad:5c:d2:4f:43:63:3f:0b:be:c0:8b:6a:09:38:4b:73:65:
         10:36:17:86:59:e0:0f:87:74:9b:45:50:02:95:e4:fe:74:8e:
         b8:2a:6a:66:17:e8:13:5e:2e:91:7e:6f:2e:bb:b8:9e:f4:ba:
         36:8e:d9:63:fd:33:e9:24:fc:aa:3f:e8:d0:32:af:1c:12:be:
         b6:e3:7a:7e:c8:1d:ef:94:d4:f6:79:e5:4e:e9:f1:f9:71:64:
         00:2f:1a:e1:b6:f6:f0:b0:54:59:fd:5a:96:89:53:29:3f:b1:
         60:1e:ef:e2:16:72:3e:c9:e6:93:48:d0:44:a1:4e:de:f0:c4:
         9a:52:e2:b8:b0:90:51:9c:3a:ff:35:c6:25:48:a6:1d:31:94:
         b3:e3:26:60:b5:76:f2:e8:e8:a5:82:41:9c:1b:74:20:07:fe:
         75:66:e3:4a:a7:6c:35:cf:fd:e8:ff:24:36:6c:52:04:26:b6:
         43:6e:4e:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36losRFGqS+p75UtklD91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjUwNjI4MTkwMTE4WhcNMjUwNjI5MTkwMTE4WjAzMTEwLwYDVQQD
Eyg1ZjRlZmEyMTM2Zjg3N2VmNGU2NmM5YzU4NjA5YzA1M2I0YTlhMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwicwZOL/otKFwF198roWVYFsvC2
ZsVp/lp/u/DY54pZqTVOEuQ4SdlqEEUh78zuI1+itXOF0vdSwiL24kQPl417fNCO
ae8s/XCD40uYruuWmXnsW4QwiBBM5gXsTjiVOYeCcl5vKVUPpTCpvdG6BMublsuL
hHrXZ1GctZxc4zR/SCGklhzcc7yaVjkgrP/optrjwYiHDaFtXQDS7U+bvzZFcL/S
smehDcdFMElCDjBz29GiAHoay6DKbrEOk8gPDJg9kpY9rww/jDzCA9O4WAMwkYcl
Q3Dxjfall5hOmmONAoV1ObXHsDBEGowpZzhgtQ0i3aArY8V7ds66B7xwCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9O+iE2+HfvTmbJxYYJwFO0qaJdMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn2nCbw9
kAigary3CwRpqu7R+e9oM/xdP/a8DnrGG62ZeFVJr0Jjx3acda9i14nUHxIDbG/J
FhyzMKmomrTO0UIp2Q5/DL1b861c0k9DYz8LvsCLagk4S3NlEDYXhlngD4d0m0VQ
ApXk/nSOuCpqZhfoE14ukX5vLru4nvS6No7ZY/0z6ST8qj/o0DKvHBK+tuN6fsgd
75TU9nnlTunx+XFkAC8a4bb28LBUWf1alolTKT+xYB7v4hZyPsnmk0jQRKFO3vDE
mlLiuLCQUZw6/zXGJUimHTGUs+MmYLV28ujopYJBnBt0IAf+dWbjSqdsNc/96P8k
NmxSBCa2Q25Oug==
-----END CERTIFICATE-----