Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          hfhtFo1mvkm6tl79xJfrVUsRqbX774DdFxVHOdKDzz0=
Subject key identifier:   8C:F4:6F:39:F0:96:E8:F2:AC:C3:FF:64:DF:D5:6A:B0:69:DA:C8:EE
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       0197B5C4885F1C7A7C50B9569C98748F3AD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          0609
Signing time:             Sat 28 Jun 2025 09:00:45 +0000
Manifest this update:     Sat 28 Jun 2025 09:00:45 +0000
Manifest next update:     Sun 29 Jun 2025 09:00:45 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: SIUOARQuLZuWxJ2xYZsXf5yzCGQJ8lVL5wCt9r82TD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 09:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:c4:88:5f:1c:7a:7c:50:b9:56:9c:98:74:8f:3a:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Jun 28 09:00:45 2025 GMT
            Not After : Jun 29 09:00:45 2025 GMT
        Subject: CN=8cf46f39f096e8f2acc3ff64dfd56ab069dac8ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cb:3c:6c:b1:6f:21:2c:0e:46:34:cc:cb:6b:
                    ee:4e:e0:22:1d:86:57:8e:67:65:42:17:fd:95:1f:
                    91:01:e4:7e:5e:04:4d:a9:b9:7d:42:0e:6a:9a:8f:
                    4e:ba:71:24:ee:66:61:bc:7d:28:49:01:51:f1:e9:
                    a6:2b:bd:99:b8:04:ff:b2:7a:2c:3b:46:4b:e0:9c:
                    23:3f:c4:b7:79:e3:f3:46:34:8c:2e:d7:74:a8:8f:
                    5e:33:33:b5:4d:58:b5:2e:35:13:4b:0b:7c:4a:b3:
                    d8:d5:90:7e:3f:38:d1:90:6a:74:22:c3:35:c7:88:
                    89:a2:f9:1b:f4:8e:37:fa:d3:2a:2b:30:9b:9d:4a:
                    b0:81:79:7f:41:a7:cb:e0:45:41:0f:57:64:fd:bc:
                    14:7f:cf:d2:d0:a9:da:1b:ea:71:7c:69:86:88:bb:
                    93:54:1f:cf:40:c1:b5:b8:e3:d4:dd:28:8d:6a:db:
                    b9:cc:03:4d:fa:7f:03:b2:c1:14:4b:ff:d7:5e:88:
                    1b:8d:c3:0c:1a:c4:93:6e:78:4e:25:da:da:09:e0:
                    b1:f9:73:ef:8d:54:76:e0:a9:30:1a:21:35:44:97:
                    7d:9e:ff:44:3b:af:eb:78:2f:9a:d4:9e:f9:9e:0f:
                    94:52:0d:d7:6b:cf:f4:d8:d7:2f:43:2b:bc:31:a5:
                    e1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F4:6F:39:F0:96:E8:F2:AC:C3:FF:64:DF:D5:6A:B0:69:DA:C8:EE
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:be:9d:09:70:1d:55:1b:ec:67:2c:3a:33:d7:68:ff:f2:a9:
         b9:30:9c:6a:d5:9a:80:19:6b:30:47:88:94:9c:fb:78:75:aa:
         03:0c:a6:06:be:74:3b:cf:53:95:28:bd:e1:b1:a4:72:02:21:
         59:a6:68:af:27:cf:b4:bd:db:3e:fc:15:d8:d0:5c:35:23:bd:
         c1:a5:50:04:58:7a:f7:d8:d2:a5:8a:08:45:db:db:cb:d0:60:
         68:09:46:62:be:5f:43:5c:25:6c:c0:df:ab:bd:5a:0a:c3:b2:
         0b:50:49:21:67:7b:8a:e8:6f:82:63:7c:3f:99:c8:9f:74:c5:
         c7:8a:cf:94:ed:7a:4f:a2:54:2a:70:ca:90:e4:eb:23:6e:4c:
         ca:99:34:e3:07:aa:e1:2e:20:6c:d4:97:b1:36:e8:a6:bd:02:
         39:14:f7:05:d0:17:2f:3e:2f:7d:f0:9b:2d:6f:fd:36:86:d7:
         a0:a7:01:46:5b:fb:61:be:eb:18:23:85:7f:30:77:2f:0b:21:
         12:ff:55:54:1b:1c:86:0c:06:41:1c:2d:74:52:05:2e:c9:46:
         08:c8:43:64:41:a2:82:c6:58:25:97:ac:7d:02:28:14:9f:e7:
         4a:85:a7:1a:55:5f:4b:fa:3a:de:3d:78:77:4f:58:27:3e:3a:
         e9:27:20:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xIhfHHp8ULlWnJh0jzrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUwNjI4MDkwMDQ1WhcNMjUwNjI5MDkwMDQ1WjAzMTEwLwYDVQQD
Eyg4Y2Y0NmYzOWYwOTZlOGYyYWNjM2ZmNjRkZmQ1NmFiMDY5ZGFjOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwss8bLFvISwORjTMy2vuTuAiHYZX
jmdlQhf9lR+RAeR+XgRNqbl9Qg5qmo9OunEk7mZhvH0oSQFR8emmK72ZuAT/snos
O0ZL4JwjP8S3eePzRjSMLtd0qI9eMzO1TVi1LjUTSwt8SrPY1ZB+PzjRkGp0IsM1
x4iJovkb9I43+tMqKzCbnUqwgXl/QafL4EVBD1dk/bwUf8/S0KnaG+pxfGmGiLuT
VB/PQMG1uOPU3SiNatu5zANN+n8DssEUS//XXogbjcMMGsSTbnhOJdraCeCx+XPv
jVR24KkwGiE1RJd9nv9EO6/reC+a1J75ng+UUg3Xa8/02NcvQyu8MaXhMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIz0bznwlujyrMP/ZN/VarBp2sjuMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVr6dCXAd
VRvsZyw6M9do//KpuTCcatWagBlrMEeIlJz7eHWqAwymBr50O89TlSi94bGkcgIh
WaZoryfPtL3bPvwV2NBcNSO9waVQBFh699jSpYoIRdvby9BgaAlGYr5fQ1wlbMDf
q71aCsOyC1BJIWd7iuhvgmN8P5nIn3TFx4rPlO16T6JUKnDKkOTrI25Mypk04weq
4S4gbNSXsTbopr0CORT3BdAXLz4vffCbLW/9NobXoKcBRlv7Yb7rGCOFfzB3Lwsh
Ev9VVBschgwGQRwtdFIFLslGCMhDZEGigsZYJZesfQIoFJ/nSoWnGlVfS/o63j14
d09YJz466Scgww==
-----END CERTIFICATE-----