Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
File:                     1T5Pyhar83QtTaK_nD2abpHpbuU.mft (raw, json)
Hash identifier:          jk+RunNXcfM9LW9DiCgRuH+gnPxp8Ojq9g0mKyTLBpM=
Subject key identifier:   5E:95:F2:03:4D:C0:F8:E0:79:BE:75:0E:84:8D:3D:32:9A:AB:40:A0
Authority key identifier: D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5
Certificate issuer:       /CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5
Certificate serial:       0198D54E56931615642B368C68DC057D797A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
Manifest number:          135C
Signing time:             Sat 23 Aug 2025 05:02:17 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:17 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:17 +0000
Files and hashes:         1: 1T5Pyhar83QtTaK_nD2abpHpbuU.crl (hash: Z9qUccdswnTvGw3jd+dEdvtBZ2PSwxx+6tG69gEaNF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:56:93:16:15:64:2b:36:8c:68:dc:05:7d:79:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5
        Validity
            Not Before: Aug 23 05:02:17 2025 GMT
            Not After : Aug 24 05:02:17 2025 GMT
        Subject: CN=5e95f2034dc0f8e079be750e848d3d329aab40a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a5:63:46:e5:d6:50:35:58:a7:03:1c:d5:ad:
                    04:c6:76:51:93:8e:1a:4d:06:be:c7:40:c3:72:c8:
                    8b:a7:72:2e:ba:b3:3b:c3:a1:5a:b2:71:6d:b5:17:
                    22:c4:1f:fc:4e:3c:1c:aa:95:a0:64:eb:f3:9d:a0:
                    b7:30:f4:63:f9:81:9d:11:5e:99:3c:2e:a0:a0:97:
                    4f:01:7a:7b:1c:c8:bc:81:66:b2:8f:05:26:34:d0:
                    06:8f:a1:db:ca:84:30:76:58:43:e3:20:bb:55:91:
                    b5:1e:b1:35:91:5e:5b:69:15:f1:3d:d8:45:dc:b8:
                    4d:cd:f9:98:e9:1f:36:b6:06:f0:b1:b2:fe:35:5f:
                    0b:83:27:8d:87:6e:1e:83:3c:12:f7:95:c4:d3:31:
                    99:e7:f0:01:2c:86:d4:50:df:a6:37:e3:73:ee:35:
                    22:a6:8f:33:a0:e0:3b:29:cf:cd:52:5a:72:0a:e5:
                    86:7e:7a:86:24:a8:fa:88:13:86:9b:81:07:57:f4:
                    01:96:68:7a:e9:c1:a9:0e:d3:1f:a8:eb:c0:a9:82:
                    2e:32:1a:75:fc:6b:98:c7:da:27:fd:e0:b9:a8:0d:
                    8a:f6:bb:bc:0c:a9:c8:6c:22:7b:d6:02:f5:d6:c2:
                    c9:91:10:ca:01:1e:39:20:56:68:04:ba:03:5a:f2:
                    b8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:95:F2:03:4D:C0:F8:E0:79:BE:75:0E:84:8D:3D:32:9A:AB:40:A0
            X509v3 Authority Key Identifier:
                keyid:D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:3f:bd:d6:f2:e9:83:bf:17:52:f1:87:95:a4:61:40:3b:83:
         5e:db:a7:21:54:a6:71:db:b5:c2:38:7d:b8:f0:c1:09:1d:ef:
         ab:e7:7e:dc:60:80:a7:e8:ef:95:42:61:dd:43:19:c3:24:59:
         c1:e8:df:17:bc:04:4c:c6:24:c1:40:7f:c5:94:90:1a:89:dc:
         36:cc:ea:61:66:eb:49:f9:d3:8e:37:f7:d1:b5:73:da:17:1e:
         3c:e3:77:48:11:e4:eb:15:66:6f:d1:de:0f:71:af:47:ca:6c:
         f4:d1:a8:37:47:d1:01:1a:b7:7e:50:1d:fc:ba:1a:2e:dc:0b:
         5b:8c:f2:91:96:ed:a1:6b:5e:d0:c4:13:d5:06:b6:47:de:12:
         e9:40:ab:9f:65:51:7a:c5:33:51:e0:eb:1d:c3:99:a5:03:49:
         9a:4f:fb:17:a3:03:3c:17:0f:a6:0c:4e:6d:87:16:d3:6f:9e:
         6b:9e:21:99:69:78:6d:30:eb:05:d7:22:6c:a8:79:ab:2e:3e:
         25:ba:d3:3b:16:f1:41:fb:94:ca:91:48:58:3a:02:5b:21:0d:
         db:6a:27:12:66:dd:54:db:19:d7:22:a7:38:90:68:3f:82:d3:
         41:dd:ba:69:0c:2d:71:79:a2:30:0c:8c:60:07:59:f0:b4:77:
         42:9a:2f:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTlaTFhVkKzaMaNwFfXl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2U0ZmNhMTZhYmYzNzQyZDRkYTJiZjljM2Q5YTZlOTFl
OTZlZTUwHhcNMjUwODIzMDUwMjE3WhcNMjUwODI0MDUwMjE3WjAzMTEwLwYDVQQD
Eyg1ZTk1ZjIwMzRkYzBmOGUwNzliZTc1MGU4NDhkM2QzMjlhYWI0MGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6VjRuXWUDVYpwMc1a0ExnZRk44a
TQa+x0DDcsiLp3IuurM7w6FasnFttRcixB/8TjwcqpWgZOvznaC3MPRj+YGdEV6Z
PC6goJdPAXp7HMi8gWayjwUmNNAGj6HbyoQwdlhD4yC7VZG1HrE1kV5baRXxPdhF
3LhNzfmY6R82tgbwsbL+NV8LgyeNh24egzwS95XE0zGZ5/ABLIbUUN+mN+Nz7jUi
po8zoOA7Kc/NUlpyCuWGfnqGJKj6iBOGm4EHV/QBlmh66cGpDtMfqOvAqYIuMhp1
/GuYx9on/eC5qA2K9ru8DKnIbCJ71gL11sLJkRDKAR45IFZoBLoDWvK43QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6V8gNNwPjgeb51DoSNPTKaq0CgMB8GA1UdIwQY
MBaAFNU+T8oWq/N0LU2iv5w9mm6R6W7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGIt
MjYzMzUwZGVjMTk0LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGItMjYzMzUwZGVjMTk0
LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAj+91vLp
g78XUvGHlaRhQDuDXtunIVSmcdu1wjh9uPDBCR3vq+d+3GCAp+jvlUJh3UMZwyRZ
wejfF7wETMYkwUB/xZSQGoncNszqYWbrSfnTjjf30bVz2hcePON3SBHk6xVmb9He
D3GvR8ps9NGoN0fRARq3flAd/LoaLtwLW4zykZbtoWte0MQT1Qa2R94S6UCrn2VR
esUzUeDrHcOZpQNJmk/7F6MDPBcPpgxObYcW02+ea54hmWl4bTDrBdcibKh5qy4+
JbrTOxbxQfuUypFIWDoCWyEN22onEmbdVNsZ1yKnOJBoP4LTQd26aQwtcXmiMAyM
YAdZ8LR3Qpov5Q==
-----END CERTIFICATE-----