Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          pSEpRRUfdSOeZbl9iV4HhfSIETHdlwr6kS7XgYJ8IuI=
Subject key identifier:   B3:3B:4D:C6:03:8D:1B:00:B4:7B:44:3E:5E:57:C6:CB:92:FE:5F:AE
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       0197B88EFC877A49CA33037689828EA13C48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          0726
Signing time:             Sat 28 Jun 2025 22:01:07 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:07 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:07 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: bQKr2lc8vQZYjCiajfrmuXt5pZMhK6s1pbYJb1d1SHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:fc:87:7a:49:ca:33:03:76:89:82:8e:a1:3c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Jun 28 22:01:07 2025 GMT
            Not After : Jun 29 22:01:07 2025 GMT
        Subject: CN=b33b4dc6038d1b00b47b443e5e57c6cb92fe5fae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:93:c0:6e:96:fc:7a:8a:3e:55:bd:3f:e6:d8:
                    1e:e2:df:5f:e6:f5:c5:be:ea:c6:3c:d2:a1:7e:34:
                    f9:f7:78:e3:1b:10:40:36:da:67:37:a2:20:62:db:
                    3c:44:6c:4e:a5:38:46:47:8f:85:3d:1a:b0:17:a6:
                    18:8b:fe:ea:b3:c5:f2:4c:e9:ca:17:3d:04:29:62:
                    70:fc:f9:00:81:cc:c3:61:fb:ee:02:82:9e:d1:d6:
                    1b:6b:b8:ec:38:a9:ed:27:b0:91:52:51:cf:5b:84:
                    62:8b:f1:6d:72:7d:37:aa:58:4f:24:12:d9:9f:c4:
                    7c:99:ed:f0:2c:96:15:f9:1c:fe:5c:20:3c:52:db:
                    ef:f5:2d:b4:0b:75:f7:8e:ae:9e:c0:58:1c:e7:74:
                    06:b7:59:99:99:ef:3e:b6:6a:99:6c:c3:9d:ad:7d:
                    93:5a:d8:1d:0d:cf:fe:97:eb:d6:f5:f9:b8:3e:1b:
                    fe:18:92:7c:de:9a:bd:67:f7:85:8e:2a:e2:97:73:
                    94:f4:4e:3a:04:dd:8c:9a:23:9f:b6:1c:21:e3:1f:
                    ed:79:18:99:f9:d0:68:ee:f3:e6:1b:a1:5d:37:8f:
                    17:3a:05:9e:f7:29:50:cd:4f:b2:c4:f5:39:bc:f7:
                    74:6b:6d:5f:2e:d8:da:76:e3:35:b3:92:b5:33:24:
                    13:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:3B:4D:C6:03:8D:1B:00:B4:7B:44:3E:5E:57:C6:CB:92:FE:5F:AE
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fc:80:ae:cf:7e:4c:a9:20:34:db:35:ae:3a:27:b2:77:72:
         1c:b1:b0:34:8c:1c:e4:06:e8:96:48:12:0d:50:c4:bc:c7:21:
         04:40:d6:6d:1f:5b:e9:e2:c8:7a:3b:82:ea:98:dd:6e:4c:6e:
         9c:51:46:a1:02:33:cb:6d:63:70:bc:77:47:55:db:20:ea:17:
         8d:33:2d:82:63:03:04:86:2b:cd:05:47:b3:8d:9c:e5:c7:2a:
         0a:58:49:27:c2:c7:a5:4e:cf:cf:f1:a8:ff:f0:2d:c6:31:f0:
         17:fb:3a:15:5b:a5:aa:a3:5c:40:7c:2f:35:d7:d5:d2:68:e6:
         79:ba:4c:71:54:d6:ce:95:be:e9:c0:c4:30:98:e4:44:51:ba:
         b6:fc:19:72:23:fa:64:e6:c4:3f:47:07:d8:67:c4:67:13:e4:
         47:de:19:4f:96:06:19:b6:56:94:c1:00:e2:5a:55:3d:2d:9d:
         22:33:1c:02:75:0e:b6:77:70:99:ef:f7:61:4d:51:5e:f6:b0:
         6b:bb:c4:69:7e:3b:07:56:49:d2:9e:c5:23:b8:a6:dd:b9:6d:
         ea:a6:64:a9:05:ed:d0:cb:8a:56:53:0a:1b:86:9b:f7:95:8e:
         49:27:ff:32:b3:1c:62:86:11:89:58:ee:fd:e4:a6:b0:2f:af:
         cd:cc:d0:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jvyHeknKMwN2iYKOoTxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjUwNjI4MjIwMTA3WhcNMjUwNjI5MjIwMTA3WjAzMTEwLwYDVQQD
EyhiMzNiNGRjNjAzOGQxYjAwYjQ3YjQ0M2U1ZTU3YzZjYjkyZmU1ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JPAbpb8eoo+Vb0/5tge4t9f5vXF
vurGPNKhfjT593jjGxBANtpnN6IgYts8RGxOpThGR4+FPRqwF6YYi/7qs8XyTOnK
Fz0EKWJw/PkAgczDYfvuAoKe0dYba7jsOKntJ7CRUlHPW4Rii/Ftcn03qlhPJBLZ
n8R8me3wLJYV+Rz+XCA8Utvv9S20C3X3jq6ewFgc53QGt1mZme8+tmqZbMOdrX2T
WtgdDc/+l+vW9fm4Phv+GJJ83pq9Z/eFjiril3OU9E46BN2MmiOfthwh4x/teRiZ
+dBo7vPmG6FdN48XOgWe9ylQzU+yxPU5vPd0a21fLtjaduM1s5K1MyQTNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLM7TcYDjRsAtHtEPl5XxsuS/l+uMB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivyArs9+
TKkgNNs1rjonsndyHLGwNIwc5AbolkgSDVDEvMchBEDWbR9b6eLIejuC6pjdbkxu
nFFGoQIzy21jcLx3R1XbIOoXjTMtgmMDBIYrzQVHs42c5ccqClhJJ8LHpU7Pz/Go
//AtxjHwF/s6FVulqqNcQHwvNdfV0mjmebpMcVTWzpW+6cDEMJjkRFG6tvwZciP6
ZObEP0cH2GfEZxPkR94ZT5YGGbZWlMEA4lpVPS2dIjMcAnUOtndwme/3YU1RXvaw
a7vEaX47B1ZJ0p7FI7im3blt6qZkqQXt0MuKVlMKG4ab95WOSSf/MrMcYoYRiVju
/eSmsC+vzczQyg==
-----END CERTIFICATE-----