Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          ruz9Wd68SdzRUPtBqoMtqMkWPv2VizZD2P83TdaDjJg=
Subject key identifier:   CF:5E:13:8E:61:25:F2:CC:99:C0:DC:76:09:E7:8C:1B:91:04:AC:32
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       0197B6A1FCF7A0F8CD6C22CD9623D86BC3BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          076C
Signing time:             Sat 28 Jun 2025 13:02:38 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:38 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:38 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: F9JURga19we4c4z9qmMwzk0Qk3uXmWqQO8cKYptXlp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:fc:f7:a0:f8:cd:6c:22:cd:96:23:d8:6b:c3:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Jun 28 13:02:38 2025 GMT
            Not After : Jun 29 13:02:38 2025 GMT
        Subject: CN=cf5e138e6125f2cc99c0dc7609e78c1b9104ac32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:86:ed:9c:e1:35:43:70:14:87:83:50:18:fd:
                    dd:b1:36:6a:55:1f:3b:49:8e:3a:2d:2b:4d:bb:36:
                    a0:1b:df:f3:89:6e:58:a9:8f:72:aa:8e:1f:c8:1c:
                    7a:9f:89:e7:92:33:f7:60:2e:8f:71:0e:5a:ab:1d:
                    9c:ef:8d:3e:77:19:c7:52:d3:65:ff:b3:b7:29:bd:
                    cb:a1:a5:1d:86:33:85:c3:e0:69:8b:02:f0:7f:82:
                    7a:c7:16:8e:18:f2:32:44:ec:21:4e:8c:2c:55:f1:
                    23:a5:77:76:da:6b:78:89:04:65:64:17:4a:16:f5:
                    bb:c3:3a:27:33:db:48:3e:75:56:d5:61:3d:2c:cb:
                    dd:e4:d5:59:ab:b7:48:17:8d:eb:ab:ab:65:6e:8d:
                    6a:79:cd:b9:31:6c:73:45:86:2f:a1:85:af:0d:ec:
                    53:80:59:49:7d:db:32:c5:c1:64:2d:5b:fa:36:a5:
                    a4:df:18:ff:fa:dd:87:ee:3b:c2:84:43:6f:97:b1:
                    c2:03:67:a1:ee:83:1b:20:98:2a:58:d4:1a:ea:7b:
                    43:76:2c:42:ae:bc:ae:f5:37:ca:fa:86:8b:4d:4f:
                    7f:2a:a7:85:2e:be:b5:3b:84:dc:14:11:57:a2:4d:
                    80:2f:63:c4:b1:d7:59:29:ed:49:0d:74:a4:38:3f:
                    4b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:5E:13:8E:61:25:F2:CC:99:C0:DC:76:09:E7:8C:1B:91:04:AC:32
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:76:ff:4f:0e:99:a9:76:7f:46:16:c7:bc:29:fb:ce:bc:2e:
         8f:55:82:93:8c:a4:75:21:7f:c7:b4:33:69:89:17:40:45:1e:
         ac:c0:09:aa:10:07:73:ab:99:70:53:6f:3a:c3:71:7e:0c:3e:
         22:dd:35:eb:47:d7:3a:ff:37:6d:59:61:4e:53:c2:de:fc:8d:
         34:60:67:7d:59:b2:33:ea:55:14:19:3c:88:49:9f:1d:e0:80:
         74:6b:81:1a:e3:69:63:03:7e:27:5f:01:af:c7:2b:42:a3:6a:
         13:be:25:07:cc:16:f8:a7:a9:7d:c3:dc:12:23:93:93:44:dd:
         60:78:14:ee:6e:19:87:6d:a9:d3:52:88:09:e7:d0:f4:3a:e9:
         45:ca:e1:95:dd:2c:cf:a9:4c:d7:b3:37:f0:62:9f:12:9b:7d:
         f9:13:db:30:d7:8d:9b:a7:f2:63:19:5c:e8:a6:f5:f1:79:e0:
         eb:3c:16:71:09:5f:c8:70:f0:58:a9:ce:f5:33:31:ff:31:85:
         40:5c:c8:9b:af:a3:e2:2d:5b:b6:d7:fe:c2:40:05:38:93:fe:
         28:8b:a7:0f:86:d2:a0:ed:7b:86:2b:03:74:73:4e:0b:19:d4:
         5b:bd:c2:53:01:9a:20:f6:a3:3d:e2:30:5f:82:d0:b2:9e:2e:
         f7:56:4f:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ofz3oPjNbCLNliPYa8O9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUwNjI4MTMwMjM4WhcNMjUwNjI5MTMwMjM4WjAzMTEwLwYDVQQD
EyhjZjVlMTM4ZTYxMjVmMmNjOTljMGRjNzYwOWU3OGMxYjkxMDRhYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqobtnOE1Q3AUh4NQGP3dsTZqVR87
SY46LStNuzagG9/ziW5YqY9yqo4fyBx6n4nnkjP3YC6PcQ5aqx2c740+dxnHUtNl
/7O3Kb3LoaUdhjOFw+BpiwLwf4J6xxaOGPIyROwhTowsVfEjpXd22mt4iQRlZBdK
FvW7wzonM9tIPnVW1WE9LMvd5NVZq7dIF43rq6tlbo1qec25MWxzRYYvoYWvDexT
gFlJfdsyxcFkLVv6NqWk3xj/+t2H7jvChENvl7HCA2eh7oMbIJgqWNQa6ntDdixC
rryu9TfK+oaLTU9/KqeFLr61O4TcFBFXok2AL2PEsddZKe1JDXSkOD9LdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9eE45hJfLMmcDcdgnnjBuRBKwyMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAnb/Tw6Z
qXZ/RhbHvCn7zrwuj1WCk4ykdSF/x7QzaYkXQEUerMAJqhAHc6uZcFNvOsNxfgw+
It0160fXOv83bVlhTlPC3vyNNGBnfVmyM+pVFBk8iEmfHeCAdGuBGuNpYwN+J18B
r8crQqNqE74lB8wW+KepfcPcEiOTk0TdYHgU7m4Zh22p01KICefQ9DrpRcrhld0s
z6lM17M38GKfEpt9+RPbMNeNm6fyYxlc6Kb18Xng6zwWcQlfyHDwWKnO9TMx/zGF
QFzIm6+j4i1bttf+wkAFOJP+KIunD4bSoO17hisDdHNOCxnUW73CUwGaIPajPeIw
X4LQsp4u91ZPyQ==
-----END CERTIFICATE-----