Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
File:                     Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft (raw, json)
Hash identifier:          7IeBYFKRODNZsBBKeFUmHQ8sDJOPXUB1L1mPEv+wmxc=
Subject key identifier:   2A:DA:97:16:B3:ED:6D:1C:16:49:66:C7:F4:83:C6:F9:43:72:C0:DC
Authority key identifier: 1A:F7:9B:F8:AA:B6:BE:01:49:D8:DB:5C:8A:0C:ED:BC:95:70:F1:6E
Certificate issuer:       /CN=1af79bf8aab6be0149d8db5c8a0cedbc9570f16e
Certificate serial:       0198D5F14A59DC540E71C86D268C1B18511D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
Manifest number:          0130
Signing time:             Sat 23 Aug 2025 08:00:16 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:16 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:16 +0000
Files and hashes:         1: Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl (hash: JVRc6BOSJHhmlPQkg24GDGFEmRa2SbU7Wlhn/5TLWlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:4a:59:dc:54:0e:71:c8:6d:26:8c:1b:18:51:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1af79bf8aab6be0149d8db5c8a0cedbc9570f16e
        Validity
            Not Before: Aug 23 08:00:16 2025 GMT
            Not After : Aug 24 08:00:16 2025 GMT
        Subject: CN=2ada9716b3ed6d1c164966c7f483c6f94372c0dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:c3:18:6a:55:95:7b:9d:cb:67:02:7f:96:45:
                    e1:77:cb:92:49:59:e8:ad:58:6d:65:9c:21:e3:14:
                    f0:e4:f8:45:a3:e9:b5:e7:c8:e0:33:56:ba:26:4c:
                    c1:3a:d0:bf:72:5d:bd:ea:bd:3d:fc:7f:f4:a1:ba:
                    d7:07:80:20:d1:41:9a:63:f8:f2:56:a7:2b:6d:90:
                    82:c4:e3:39:45:ac:c8:63:83:38:31:84:ca:32:da:
                    06:a9:70:ad:4a:be:fd:cc:38:a8:21:47:fd:d6:86:
                    29:95:b5:c7:a3:6e:bd:a2:d0:73:08:e7:51:07:fd:
                    67:35:a0:7b:fc:33:43:a6:82:17:93:a2:f2:9a:ca:
                    8d:0f:e1:f1:8b:0c:10:82:58:d7:74:a5:e7:9b:73:
                    04:93:a9:0b:d5:f5:9b:34:f4:a1:92:e6:fd:c7:f7:
                    ec:81:f0:0f:89:8e:9a:c4:14:9e:f4:65:ed:a3:af:
                    ff:3a:ec:08:ce:2a:ec:60:23:c1:1f:4d:18:be:ec:
                    7c:cf:36:cc:77:78:9e:e3:03:6e:ec:00:f9:1f:4c:
                    97:c9:89:ee:10:84:52:75:41:b7:e0:fd:0d:47:cb:
                    1c:a8:53:6e:62:6d:6a:71:5a:4e:0b:4e:e1:d6:a9:
                    9a:33:d7:c4:fb:5a:71:02:e9:a1:84:62:24:35:37:
                    2a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:DA:97:16:B3:ED:6D:1C:16:49:66:C7:F4:83:C6:F9:43:72:C0:DC
            X509v3 Authority Key Identifier:
                keyid:1A:F7:9B:F8:AA:B6:BE:01:49:D8:DB:5C:8A:0C:ED:BC:95:70:F1:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:3a:ad:6d:c3:c3:46:5c:86:4f:ea:c5:f9:96:98:10:e0:15:
         28:f5:10:ad:af:82:cb:09:4d:23:d3:8c:67:3e:0b:97:dd:f0:
         a2:10:95:6c:e3:74:2f:2d:24:18:f3:b0:5a:bc:02:56:de:ed:
         9a:22:f9:5e:43:dc:59:18:d9:9b:89:91:86:5d:ed:30:da:ea:
         ae:fa:25:1d:cd:29:7e:b8:66:0d:fa:00:fe:8a:21:03:5e:f7:
         81:ce:5d:4d:a7:0d:65:f8:08:ea:d7:ed:5b:17:a7:a8:02:94:
         b1:56:bd:02:94:78:e4:ef:de:46:78:66:c0:e6:84:d9:b9:67:
         88:ab:3e:97:fc:22:a8:35:f8:78:f6:db:f7:a3:9c:b5:35:b7:
         66:7d:45:69:9c:9d:b5:c4:9a:08:71:90:c3:2e:49:38:6d:8f:
         a4:d2:38:db:67:39:ef:fb:71:8e:4c:7a:5b:97:7b:df:fb:88:
         61:2b:ef:39:5c:4e:56:95:46:9f:8f:b4:a1:38:ac:a2:1c:90:
         95:c9:b6:18:9a:9b:6b:d8:36:83:02:3a:9e:d2:45:e7:c5:1b:
         5e:4a:6b:88:78:86:31:f1:17:c9:d9:ff:ac:30:fd:cd:65:67:
         f9:9b:9d:bb:09:b6:b0:e1:d5:88:da:95:28:c3:a9:e6:65:6f:
         ba:b7:d8:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8UpZ3FQOcchtJowbGFEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZjc5YmY4YWFiNmJlMDE0OWQ4ZGI1YzhhMGNlZGJjOTU3
MGYxNmUwHhcNMjUwODIzMDgwMDE2WhcNMjUwODI0MDgwMDE2WjAzMTEwLwYDVQQD
EygyYWRhOTcxNmIzZWQ2ZDFjMTY0OTY2YzdmNDgzYzZmOTQzNzJjMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA88MYalWVe53LZwJ/lkXhd8uSSVno
rVhtZZwh4xTw5PhFo+m158jgM1a6JkzBOtC/cl296r09/H/0obrXB4Ag0UGaY/jy
VqcrbZCCxOM5RazIY4M4MYTKMtoGqXCtSr79zDioIUf91oYplbXHo269otBzCOdR
B/1nNaB7/DNDpoIXk6LymsqND+HxiwwQgljXdKXnm3MEk6kL1fWbNPShkub9x/fs
gfAPiY6axBSe9GXto6//OuwIzirsYCPBH00Yvux8zzbMd3ie4wNu7AD5H0yXyYnu
EIRSdUG34P0NR8scqFNuYm1qcVpOC07h1qmaM9fE+1pxAumhhGIkNTcqfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCralxaz7W0cFklmx/SDxvlDcsDcMB8GA1UdIwQY
MBaAFBr3m/iqtr4BSdjbXIoM7byVcPFuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzI0NTMtZmVhMS00YTcwLWE1NGIt
OTExZDM0ZjAxNGYzLzEvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzI0NTMtZmVhMS00YTcwLWE1NGItOTExZDM0ZjAxNGYz
LzEvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZzqtbcPD
RlyGT+rF+ZaYEOAVKPUQra+CywlNI9OMZz4Ll93wohCVbON0Ly0kGPOwWrwCVt7t
miL5XkPcWRjZm4mRhl3tMNrqrvolHc0pfrhmDfoA/oohA173gc5dTacNZfgI6tft
WxenqAKUsVa9ApR45O/eRnhmwOaE2blniKs+l/wiqDX4ePbb96OctTW3Zn1FaZyd
tcSaCHGQwy5JOG2PpNI422c57/txjkx6W5d73/uIYSvvOVxOVpVGn4+0oTisohyQ
lcm2GJqba9g2gwI6ntJF58UbXkpriHiGMfEXydn/rDD9zWVn+Zuduwm2sOHViNqV
KMOp5mVvurfYgA==
-----END CERTIFICATE-----