Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          jyPtwCx+phcwiAx1voQNgXj5VCZVQ8J1yr4gwbHCCV4=
Subject key identifier:   EC:61:6C:59:53:7B:95:A1:B0:F7:7F:19:E4:C1:FA:2B:54:2A:81:09
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       0197C0491DB48EB471D39909D948A369001A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          01F7
Signing time:             Mon 30 Jun 2025 10:01:46 +0000
Manifest this update:     Mon 30 Jun 2025 10:01:46 +0000
Manifest next update:     Tue 01 Jul 2025 10:01:46 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: YsaiGmBjKjHGlugZZ6F3ppuPwCSwDmDJCEceGV7rNyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:49:1d:b4:8e:b4:71:d3:99:09:d9:48:a3:69:00:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Jun 30 10:01:46 2025 GMT
            Not After : Jul  1 10:01:46 2025 GMT
        Subject: CN=ec616c59537b95a1b0f77f19e4c1fa2b542a8109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:29:2c:d7:c4:4e:c4:23:91:b6:c0:e6:a1:69:
                    35:6e:9c:3b:0e:c0:d9:a4:fa:55:78:a0:d9:44:20:
                    5b:75:99:d9:22:94:2e:74:60:99:d8:2a:19:5b:47:
                    a8:3b:4d:4c:4a:b9:66:3b:5e:f7:a0:a4:4b:f4:3d:
                    2a:93:38:cb:67:79:58:98:f9:c3:30:40:dc:5f:8b:
                    00:d9:d8:f8:69:5a:ed:94:b4:86:d3:02:1f:a8:e3:
                    2e:43:32:a0:62:c3:5c:99:60:c4:bb:0d:86:17:f8:
                    62:4f:3c:74:87:a1:60:e8:25:1a:d4:f0:b7:d1:76:
                    5c:33:34:19:20:6f:05:52:11:80:f4:a4:dc:ad:b5:
                    88:de:53:35:3b:5b:08:f0:6d:f0:bc:8f:58:82:21:
                    34:23:28:68:54:a9:34:ad:d6:62:42:19:cf:eb:9b:
                    4d:42:88:37:9f:49:c6:c9:83:df:48:f9:fe:3c:59:
                    36:55:4f:06:e6:55:83:a4:be:b8:41:07:a6:a6:55:
                    49:9f:16:59:5a:02:d2:00:f5:8f:ad:d8:81:4a:ee:
                    cc:a3:62:13:20:f1:e0:68:64:8b:75:14:06:69:36:
                    32:c8:7f:2f:6b:3f:f1:5f:b8:98:4e:68:d8:12:33:
                    1a:8d:fe:44:1f:64:54:a5:e6:00:f3:fd:f3:a6:81:
                    1d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:61:6C:59:53:7B:95:A1:B0:F7:7F:19:E4:C1:FA:2B:54:2A:81:09
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:44:1b:b4:a3:29:a6:03:6d:8e:67:a8:db:f9:a9:8a:2f:00:
         bc:b6:13:6b:b3:79:2f:7d:d6:b1:c5:60:df:3a:c6:49:45:cb:
         71:7e:1f:3f:52:38:0c:3c:52:1f:e3:d3:04:9b:15:7c:21:9d:
         5a:41:af:f9:2a:20:15:4d:84:0b:36:ab:aa:5e:1a:2e:6d:58:
         5e:a5:1f:73:28:be:c8:78:d4:3a:a2:1a:e6:ec:3f:f6:de:6a:
         89:d9:1c:bc:13:60:33:73:3e:0f:db:5f:eb:9d:f3:6a:a5:d4:
         3f:6b:69:f6:7e:9d:76:7f:79:cb:ee:2a:9e:8f:43:39:d1:bc:
         e9:fd:68:20:10:50:08:96:b0:e0:ed:d5:d3:f8:24:be:79:c4:
         a9:9c:cf:3e:95:75:f8:f3:34:97:24:21:fe:c0:54:64:69:47:
         61:7c:0d:ed:37:af:3c:e1:81:70:16:d5:7e:78:e0:98:4f:da:
         1b:eb:5e:d5:32:ba:db:da:77:0b:a6:e8:11:a6:9c:23:93:a6:
         c5:62:37:a2:53:0f:53:45:6a:b3:aa:bf:c2:0e:84:10:0c:8a:
         d2:2e:04:2a:bc:26:a2:c9:94:95:69:65:4f:88:10:d3:6c:a7:
         cf:5c:cc:65:0f:2e:b4:63:13:29:6b:55:58:19:f1:8f:5a:de:
         a2:ea:9f:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfASR20jrRx05kJ2UijaQAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwNjMwMTAwMTQ2WhcNMjUwNzAxMTAwMTQ2WjAzMTEwLwYDVQQD
EyhlYzYxNmM1OTUzN2I5NWExYjBmNzdmMTllNGMxZmEyYjU0MmE4MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Cks18ROxCORtsDmoWk1bpw7DsDZ
pPpVeKDZRCBbdZnZIpQudGCZ2CoZW0eoO01MSrlmO173oKRL9D0qkzjLZ3lYmPnD
MEDcX4sA2dj4aVrtlLSG0wIfqOMuQzKgYsNcmWDEuw2GF/hiTzx0h6Fg6CUa1PC3
0XZcMzQZIG8FUhGA9KTcrbWI3lM1O1sI8G3wvI9YgiE0IyhoVKk0rdZiQhnP65tN
Qog3n0nGyYPfSPn+PFk2VU8G5lWDpL64QQemplVJnxZZWgLSAPWPrdiBSu7Mo2IT
IPHgaGSLdRQGaTYyyH8vaz/xX7iYTmjYEjMajf5EH2RUpeYA8/3zpoEdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxhbFlTe5WhsPd/GeTB+itUKoEJMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApkQbtKMp
pgNtjmeo2/mpii8AvLYTa7N5L33WscVg3zrGSUXLcX4fP1I4DDxSH+PTBJsVfCGd
WkGv+SogFU2ECzarql4aLm1YXqUfcyi+yHjUOqIa5uw/9t5qidkcvBNgM3M+D9tf
653zaqXUP2tp9n6ddn95y+4qno9DOdG86f1oIBBQCJaw4O3V0/gkvnnEqZzPPpV1
+PM0lyQh/sBUZGlHYXwN7TevPOGBcBbVfnjgmE/aG+te1TK629p3C6boEaacI5Om
xWI3olMPU0Vqs6q/wg6EEAyK0i4EKrwmosmUlWllT4gQ02ynz1zMZQ8utGMTKWtV
WBnxj1reouqfBg==
-----END CERTIFICATE-----