Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
File:                     5-aiybui7N1AdLMVN1mDXoI6uOQ.mft (raw, json)
Hash identifier:          d9XA0ujsLbG1vlQNnWJWA6nTAQFboRscSXlNe/X+n8I=
Subject key identifier:   FE:F4:BA:32:D3:0E:43:C7:DA:EC:C4:52:0C:91:A5:58:3A:75:54:ED
Authority key identifier: E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4
Certificate issuer:       /CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
Certificate serial:       0198D474627C3489E819E15D9A3618FCFF39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
Manifest number:          0D29
Signing time:             Sat 23 Aug 2025 01:04:13 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:13 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:13 +0000
Files and hashes:         1: 5-aiybui7N1AdLMVN1mDXoI6uOQ.crl (hash: d3S2agj8UJwgtter+E7pQ89vsRUxfP/MKEkQiCnHUtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:62:7c:34:89:e8:19:e1:5d:9a:36:18:fc:ff:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
        Validity
            Not Before: Aug 23 01:04:13 2025 GMT
            Not After : Aug 24 01:04:13 2025 GMT
        Subject: CN=fef4ba32d30e43c7daecc4520c91a5583a7554ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c9:79:be:8c:e8:7b:1f:19:7a:d6:23:fd:a7:
                    e7:1a:4e:a1:04:31:9c:2a:89:a9:e7:0d:09:2b:6e:
                    0e:72:27:d1:1e:cd:54:a2:87:4c:63:30:bb:e3:4d:
                    5c:b9:98:dc:b4:09:5c:d0:1b:9e:21:0e:c5:24:28:
                    56:86:f8:8a:47:82:ae:42:6c:8e:32:3b:a0:74:01:
                    fb:99:05:81:9b:3b:6c:c0:74:fd:fe:2a:8c:e9:e7:
                    1d:93:ba:87:4e:a7:60:3c:32:21:33:e2:e4:05:17:
                    84:81:3d:67:b2:c4:43:d0:af:60:ae:1c:e5:7b:76:
                    a4:dc:c9:71:0f:7a:fc:18:d4:c4:28:2d:85:49:25:
                    37:20:e4:bd:01:79:99:bb:01:e3:6d:6e:af:c7:0d:
                    1b:94:cb:aa:ab:64:05:33:a7:2e:47:64:be:3d:27:
                    ca:62:4d:2b:83:fb:0d:60:f7:f1:c1:06:14:a1:e1:
                    80:05:5e:cf:47:a2:7f:be:11:40:33:34:6a:ae:99:
                    64:73:9b:d4:2b:32:31:5e:07:52:00:5f:e7:4b:1d:
                    39:d7:be:fa:fb:97:dd:5b:9a:55:db:3d:6a:1b:85:
                    13:a8:b6:be:33:3b:e5:16:01:25:56:57:e9:87:fb:
                    f4:56:49:0e:48:08:c9:b1:84:66:e5:8a:69:bc:e2:
                    03:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:F4:BA:32:D3:0E:43:C7:DA:EC:C4:52:0C:91:A5:58:3A:75:54:ED
            X509v3 Authority Key Identifier:
                keyid:E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:9c:dc:4a:b6:44:7f:31:4b:17:9d:ee:15:a0:c9:59:d7:9e:
         87:b0:60:1f:dc:9c:c1:65:a6:37:cc:7e:a6:f2:8e:f9:11:82:
         b8:64:6d:82:94:88:b8:08:36:05:7b:f0:68:ef:8e:60:45:4d:
         b0:7b:ed:55:e1:97:e4:60:9e:4d:86:fe:ce:59:e8:aa:15:eb:
         b3:b2:ff:52:52:75:44:4b:e3:ca:19:58:85:12:7f:31:b1:f9:
         6f:b0:94:e4:31:7e:b7:01:30:5b:fe:a1:cb:0e:08:62:d5:77:
         5d:7e:11:05:f1:2a:02:3f:1a:39:ed:c8:f5:5f:a2:f1:db:1d:
         59:c7:42:48:43:91:1d:81:58:ea:a7:48:0c:39:5d:5f:8d:97:
         65:64:cf:e2:0c:5e:16:d8:94:d9:9f:f3:8e:88:9e:51:3a:d8:
         49:55:06:f9:79:e6:5e:e9:55:2a:b4:4b:72:82:b2:b3:7a:64:
         10:39:e7:49:73:42:17:ef:71:de:29:54:41:37:f8:e1:80:30:
         d2:82:b9:c2:d5:67:4d:3d:cf:bb:fa:b1:7d:63:e5:54:a3:52:
         0e:b5:46:a2:b7:2b:a4:55:07:74:96:fe:d1:73:3a:06:86:9b:
         bb:a5:77:77:ab:98:7f:79:75:11:6b:4d:a2:ca:2e:bd:49:8a:
         07:8e:a7:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdGJ8NInoGeFdmjYY/P85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTZhMmM5YmJhMmVjZGQ0MDc0YjMxNTM3NTk4MzVlODIz
YWI4ZTQwHhcNMjUwODIzMDEwNDEzWhcNMjUwODI0MDEwNDEzWjAzMTEwLwYDVQQD
EyhmZWY0YmEzMmQzMGU0M2M3ZGFlY2M0NTIwYzkxYTU1ODNhNzU1NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscl5vozoex8ZetYj/afnGk6hBDGc
Komp5w0JK24OcifRHs1UoodMYzC7401cuZjctAlc0BueIQ7FJChWhviKR4KuQmyO
MjugdAH7mQWBmztswHT9/iqM6ecdk7qHTqdgPDIhM+LkBReEgT1nssRD0K9grhzl
e3ak3MlxD3r8GNTEKC2FSSU3IOS9AXmZuwHjbW6vxw0blMuqq2QFM6cuR2S+PSfK
Yk0rg/sNYPfxwQYUoeGABV7PR6J/vhFAMzRqrplkc5vUKzIxXgdSAF/nSx051776
+5fdW5pV2z1qG4UTqLa+MzvlFgElVlfph/v0VkkOSAjJsYRm5YppvOIDRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP70ujLTDkPH2uzEUgyRpVg6dVTtMB8GA1UdIwQY
MBaAFOfmosm7ouzdQHSzFTdZg16COrjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDkt
NTM1NjlhY2EzYTVmLzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDktNTM1NjlhY2EzYTVm
LzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJzcSrZE
fzFLF53uFaDJWdeeh7BgH9ycwWWmN8x+pvKO+RGCuGRtgpSIuAg2BXvwaO+OYEVN
sHvtVeGX5GCeTYb+zlnoqhXrs7L/UlJ1REvjyhlYhRJ/MbH5b7CU5DF+twEwW/6h
yw4IYtV3XX4RBfEqAj8aOe3I9V+i8dsdWcdCSEORHYFY6qdIDDldX42XZWTP4gxe
FtiU2Z/zjoieUTrYSVUG+XnmXulVKrRLcoKys3pkEDnnSXNCF+9x3ilUQTf44YAw
0oK5wtVnTT3Pu/qxfWPlVKNSDrVGorcrpFUHdJb+0XM6Boabu6V3d6uYf3l1EWtN
osouvUmKB46nvw==
-----END CERTIFICATE-----