Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
File:                     5LDTQqkyMznAd8XGreEJO1pADyQ.mft (raw, json)
Hash identifier:          SEwWvUI2XAC1l963J03Jd+C7rRNsTrT4USW2LWjIVm4=
Subject key identifier:   89:FA:8E:3E:AC:0C:3D:60:AB:FC:5D:D4:43:56:9E:4D:70:53:4E:02
Authority key identifier: E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24
Certificate issuer:       /CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
Certificate serial:       0197B821290D190A5914BF8F7EE8D60EF699
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
Manifest number:          021A
Signing time:             Sat 28 Jun 2025 20:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 20:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 20:01:10 +0000
Files and hashes:         1: 5LDTQqkyMznAd8XGreEJO1pADyQ.crl (hash: FMV+rHBneN/OvEVfVslzHR/m+TsBC0b/Gga3D4RuAKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:21:29:0d:19:0a:59:14:bf:8f:7e:e8:d6:0e:f6:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
        Validity
            Not Before: Jun 28 20:01:10 2025 GMT
            Not After : Jun 29 20:01:10 2025 GMT
        Subject: CN=89fa8e3eac0c3d60abfc5dd443569e4d70534e02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5c:c5:a2:c3:cf:64:49:19:b3:ad:06:f7:9e:
                    5a:7f:5b:95:1a:42:3e:25:9c:8b:eb:80:00:5b:a3:
                    d5:27:15:46:a7:00:6d:47:0c:4d:02:d8:12:a8:49:
                    e7:4f:8e:d6:66:40:16:2e:1e:a5:a2:4b:d2:90:95:
                    4b:85:07:08:2e:8e:49:d4:74:a5:6f:6c:b0:49:48:
                    48:79:35:48:05:98:35:c4:7c:25:7b:f6:03:4d:75:
                    8c:61:1c:22:95:72:17:82:c3:0c:1f:25:ae:8d:37:
                    7e:ed:2a:39:74:46:1e:19:48:9a:a8:4b:72:7f:8f:
                    1c:6f:c2:a8:31:b1:62:2c:6a:72:7b:0d:d3:12:48:
                    a7:5e:55:b8:3f:d7:c8:b6:7c:b6:84:b4:d9:db:5d:
                    1a:a8:bf:37:1e:f9:14:90:0f:4d:d9:1f:cd:11:6c:
                    9c:3a:a2:70:27:ce:a1:1d:c9:99:6e:c5:68:1e:4c:
                    b9:e6:c1:94:2e:dd:d1:49:5a:e1:e4:34:53:56:e1:
                    63:23:9d:62:6d:e8:6b:0c:8a:e8:11:9b:3a:03:dc:
                    e1:cb:16:98:2a:3d:a1:ae:65:8e:8a:ac:4c:88:4e:
                    52:73:96:e5:2d:c0:c4:13:8a:e0:77:c9:31:eb:2a:
                    10:6a:c0:e3:7a:74:8f:43:54:cb:de:b5:7b:fd:bc:
                    b1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:FA:8E:3E:AC:0C:3D:60:AB:FC:5D:D4:43:56:9E:4D:70:53:4E:02
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:b4:44:d0:fd:77:60:6b:63:e4:55:49:c4:1e:e6:1b:b5:38:
         1b:fa:59:35:25:9f:e0:d4:13:4e:d4:70:17:08:60:1b:7f:88:
         e9:67:c0:27:57:1a:d7:f5:c7:d9:0b:05:ac:cb:41:f0:b1:bb:
         ec:b0:11:c4:60:8a:a9:63:ac:d1:f6:9d:06:2d:08:2e:47:66:
         5a:43:c0:0c:66:d6:93:12:40:ee:2e:52:3b:51:e6:5a:21:4b:
         1b:b5:b1:a1:7f:01:ab:b3:48:d9:fa:f7:e7:49:90:f7:39:4b:
         04:f0:06:29:ac:1a:a5:56:9d:a8:53:5a:a6:98:bd:1c:51:17:
         de:67:cd:ed:0c:72:a4:d8:33:00:ef:bb:53:6c:38:b3:dc:d3:
         57:fa:1a:f2:8d:af:67:58:6f:77:b6:86:88:d0:86:23:58:b6:
         20:00:fd:e9:b9:33:0a:5c:5c:ed:8e:04:ee:76:77:d5:13:dd:
         a5:f8:0f:76:ae:4d:39:4a:98:bf:70:7a:58:fd:64:05:2e:43:
         2f:e8:6a:64:ac:73:6b:d1:c7:25:01:f8:a0:1b:fb:89:1a:d6:
         00:f8:15:4f:23:cb:80:0f:75:d7:05:94:2f:94:d7:99:e1:95:
         5c:7d:86:0f:89:e6:ab:c3:6c:aa:9c:8a:96:94:ec:20:4a:3c:
         ec:9a:fc:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4ISkNGQpZFL+PfujWDvaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzQyYTkzMjMzMzljMDc3YzVjNmFkZTEwOTNiNWE0
MDBmMjQwHhcNMjUwNjI4MjAwMTEwWhcNMjUwNjI5MjAwMTEwWjAzMTEwLwYDVQQD
Eyg4OWZhOGUzZWFjMGMzZDYwYWJmYzVkZDQ0MzU2OWU0ZDcwNTM0ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlzFosPPZEkZs60G955af1uVGkI+
JZyL64AAW6PVJxVGpwBtRwxNAtgSqEnnT47WZkAWLh6lokvSkJVLhQcILo5J1HSl
b2ywSUhIeTVIBZg1xHwle/YDTXWMYRwilXIXgsMMHyWujTd+7So5dEYeGUiaqEty
f48cb8KoMbFiLGpyew3TEkinXlW4P9fItny2hLTZ210aqL83HvkUkA9N2R/NEWyc
OqJwJ86hHcmZbsVoHky55sGULt3RSVrh5DRTVuFjI51ibehrDIroEZs6A9zhyxaY
Kj2hrmWOiqxMiE5Sc5blLcDEE4rgd8kx6yoQasDjenSPQ1TL3rV7/byxHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIn6jj6sDD1gq/xd1ENWnk1wU04CMB8GA1UdIwQY
MBaAFOSw00KpMjM5wHfFxq3hCTtaQA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYt
OWE5MGE3Y2E1MDhkLzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYtOWE5MGE3Y2E1MDhk
LzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbRE0P13
YGtj5FVJxB7mG7U4G/pZNSWf4NQTTtRwFwhgG3+I6WfAJ1ca1/XH2QsFrMtB8LG7
7LARxGCKqWOs0fadBi0ILkdmWkPADGbWkxJA7i5SO1HmWiFLG7WxoX8Bq7NI2fr3
50mQ9zlLBPAGKawapVadqFNappi9HFEX3mfN7QxypNgzAO+7U2w4s9zTV/oa8o2v
Z1hvd7aGiNCGI1i2IAD96bkzClxc7Y4E7nZ31RPdpfgPdq5NOUqYv3B6WP1kBS5D
L+hqZKxza9HHJQH4oBv7iRrWAPgVTyPLgA911wWUL5TXmeGVXH2GD4nmq8NsqpyK
lpTsIEo87Jr8mQ==
-----END CERTIFICATE-----