Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          EwCnwaq24TYFwDcBp8rKtZeGqSkGBNV7sIw62iS06s8=
Subject key identifier:   1D:EC:39:82:1F:60:E9:2C:3C:86:9D:34:1D:A2:CA:51:E3:6D:44:F8
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       0198D4E04CF5B38D4985A9187E823A61813E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          0573
Signing time:             Sat 23 Aug 2025 03:02:06 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:06 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:06 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: 8qejkqI+mNsbqjpQ3P+7yPGNemk+qsrhjbhYElWpMQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:4c:f5:b3:8d:49:85:a9:18:7e:82:3a:61:81:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Aug 23 03:02:06 2025 GMT
            Not After : Aug 24 03:02:06 2025 GMT
        Subject: CN=1dec39821f60e92c3c869d341da2ca51e36d44f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c0:12:0d:ca:ab:7a:40:27:dd:4e:d1:98:64:
                    22:4f:9e:88:6f:17:10:e7:d7:16:59:33:95:ca:12:
                    a4:61:88:8a:f3:e9:32:fe:43:10:a4:f5:4d:93:48:
                    77:0d:3d:eb:7b:61:b4:bc:7e:ff:5b:1c:18:9d:a3:
                    f9:1b:aa:cd:58:c9:97:a2:d0:67:24:d7:c9:90:5d:
                    13:44:be:f0:ea:be:ce:11:a2:5a:a7:7f:d4:04:b8:
                    76:b6:98:2f:a3:a9:d0:3d:d1:49:23:70:f0:0c:22:
                    74:4d:cd:3d:92:b2:96:d4:48:41:50:2b:0c:87:c1:
                    71:a7:8b:2d:92:24:19:d2:ca:eb:39:a5:dd:0c:70:
                    18:db:eb:a9:6b:6b:f9:ee:8d:e7:d0:d1:5c:8f:40:
                    b6:08:7b:76:74:2c:c4:33:0d:e0:62:94:56:19:cc:
                    3d:72:d7:c3:c7:97:b2:5c:24:aa:37:ec:84:32:35:
                    c8:0c:1c:a0:c4:ab:d8:25:3e:98:ea:af:6b:9d:65:
                    ef:c3:07:e8:4a:76:2e:0c:41:af:4a:c5:5a:e5:ec:
                    db:9c:98:30:d7:f5:36:88:1a:a7:8e:ff:ef:26:55:
                    96:dc:c6:4e:c3:a2:65:cb:87:e3:d8:e6:59:82:f6:
                    6e:82:14:c1:d0:3d:7e:d6:6b:d4:5f:bb:51:f8:1f:
                    42:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EC:39:82:1F:60:E9:2C:3C:86:9D:34:1D:A2:CA:51:E3:6D:44:F8
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:f4:bb:bd:72:fd:b7:fe:3f:33:78:00:fc:22:2f:32:1b:9f:
         9e:5e:f8:fa:ca:1e:f9:27:71:cd:dc:40:61:44:83:4b:f4:78:
         1f:36:e6:98:0b:27:79:6d:9d:f3:3a:fb:02:95:90:dd:c8:d7:
         de:52:2c:cb:61:02:e6:07:d1:69:f6:8f:68:e9:1a:90:51:b2:
         d6:28:61:85:73:a3:fc:70:72:fd:1b:0f:51:ce:94:3b:70:2f:
         f4:e8:49:9d:fc:f0:75:ce:16:5e:91:0e:91:de:5f:1a:1e:44:
         b7:b6:c6:50:03:9c:59:67:99:65:82:02:40:33:63:99:f2:a0:
         10:db:80:fa:0e:a3:b7:69:d0:97:d3:01:cc:8f:4f:61:e2:bd:
         42:26:f2:cc:78:ca:45:c7:07:b5:30:ea:4c:9a:a8:4d:b7:91:
         5f:8e:53:bb:d3:60:23:fc:ee:ba:ed:26:5d:a6:66:73:7e:f7:
         ae:6e:99:25:18:97:c5:3b:9b:f9:8a:ab:d3:97:1d:67:31:cb:
         bd:63:c9:d3:6e:b1:b2:7a:a8:20:0e:45:45:b3:b3:a0:d8:fc:
         90:46:0a:f5:11:af:22:d7:fe:dd:22:74:12:ad:20:70:6e:d6:
         90:e6:d6:a8:ff:9e:94:00:90:2a:b0:62:5e:32:16:4e:50:72:
         6a:8e:08:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4Ez1s41JhakYfoI6YYE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwODIzMDMwMjA2WhcNMjUwODI0MDMwMjA2WjAzMTEwLwYDVQQD
EygxZGVjMzk4MjFmNjBlOTJjM2M4NjlkMzQxZGEyY2E1MWUzNmQ0NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ASDcqrekAn3U7RmGQiT56IbxcQ
59cWWTOVyhKkYYiK8+ky/kMQpPVNk0h3DT3re2G0vH7/WxwYnaP5G6rNWMmXotBn
JNfJkF0TRL7w6r7OEaJap3/UBLh2tpgvo6nQPdFJI3DwDCJ0Tc09krKW1EhBUCsM
h8Fxp4stkiQZ0srrOaXdDHAY2+upa2v57o3n0NFcj0C2CHt2dCzEMw3gYpRWGcw9
ctfDx5eyXCSqN+yEMjXIDBygxKvYJT6Y6q9rnWXvwwfoSnYuDEGvSsVa5ezbnJgw
1/U2iBqnjv/vJlWW3MZOw6Jly4fj2OZZgvZughTB0D1+1mvUX7tR+B9CBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3sOYIfYOksPIadNB2iylHjbUT4MB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPS7vXL9
t/4/M3gA/CIvMhufnl74+soe+SdxzdxAYUSDS/R4HzbmmAsneW2d8zr7ApWQ3cjX
3lIsy2EC5gfRafaPaOkakFGy1ihhhXOj/HBy/RsPUc6UO3Av9OhJnfzwdc4WXpEO
kd5fGh5Et7bGUAOcWWeZZYICQDNjmfKgENuA+g6jt2nQl9MBzI9PYeK9QibyzHjK
RccHtTDqTJqoTbeRX45Tu9NgI/zuuu0mXaZmc373rm6ZJRiXxTub+Yqr05cdZzHL
vWPJ026xsnqoIA5FRbOzoNj8kEYK9RGvItf+3SJ0Eq0gcG7WkObWqP+elACQKrBi
XjIWTlByao4IxA==
-----END CERTIFICATE-----