Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          /xIkWWYmskXPJl1h+IG1JpFvgUviIZcAn2uX8HEtBrc=
Subject key identifier:   D2:0C:2E:69:83:6B:03:AF:3B:47:A3:D9:60:90:80:74:28:7E:D0:01
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       0198D54E36626B33C70ECA798110AC0E0FBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          0370
Signing time:             Sat 23 Aug 2025 05:02:09 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:09 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:09 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: XP4Xo/ftx2YnmjOIY2qKGes9H650WsW/Mx4z/o6X7Mc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:36:62:6b:33:c7:0e:ca:79:81:10:ac:0e:0f:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Aug 23 05:02:09 2025 GMT
            Not After : Aug 24 05:02:09 2025 GMT
        Subject: CN=d20c2e69836b03af3b47a3d960908074287ed001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1b:1b:c0:37:a6:c5:3b:6a:d3:8e:4d:fe:a6:
                    78:9d:03:04:fe:e0:a2:d3:b7:ce:ef:e0:62:fc:9b:
                    42:d5:f5:95:20:f2:0a:41:d8:0f:93:11:3d:dd:93:
                    03:39:52:e7:b4:01:77:b7:7f:8b:0b:a2:54:1a:7c:
                    4c:26:3b:cd:79:c5:23:17:bd:1d:c3:96:c9:b5:02:
                    d9:a8:26:cd:a6:24:14:13:91:87:ba:b0:c9:e8:95:
                    1a:9b:66:1c:e1:e1:ca:fa:59:a3:ad:c6:aa:0d:e7:
                    5a:87:25:0e:86:20:b9:6e:49:7f:77:6a:92:0f:12:
                    fe:9d:32:1b:14:4d:b2:32:4a:c2:40:83:59:e0:04:
                    06:4e:da:59:0a:66:07:22:f7:94:c4:ea:99:01:17:
                    74:b6:bf:9e:d6:87:b8:80:17:ad:fd:8e:09:55:57:
                    96:4c:69:a1:55:59:4d:f5:a6:fb:0f:0a:5d:f1:54:
                    b4:51:28:c4:e3:55:63:b4:29:f7:8b:a0:20:5b:0a:
                    37:2e:30:15:16:c2:a3:85:6a:d4:2c:2b:57:ee:06:
                    c3:d8:2d:6e:f7:46:e4:ad:35:35:59:d9:16:d3:72:
                    fb:84:0c:27:75:82:d7:4d:e0:85:58:f9:40:9b:43:
                    f0:57:cd:0a:ef:4d:32:5c:b3:1a:ae:c8:ad:d8:d9:
                    a5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:0C:2E:69:83:6B:03:AF:3B:47:A3:D9:60:90:80:74:28:7E:D0:01
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:d7:15:f1:dc:cf:48:87:76:cc:bd:93:87:0d:fd:74:5a:0f:
         63:50:82:29:f5:26:6c:d2:3e:ca:57:16:93:e7:7b:b1:4f:9b:
         f9:22:ee:4d:45:63:b6:ad:b9:48:10:5c:00:bd:0a:6a:ea:71:
         f5:e7:1e:1c:c2:24:86:49:4c:6b:9d:34:ed:57:7d:90:f3:7a:
         4a:4a:bc:6e:2f:64:97:c1:10:50:dd:62:b9:60:1e:e8:da:ba:
         93:d1:fb:08:df:de:63:47:c9:c6:56:c2:37:01:12:04:73:1d:
         b2:5a:5c:ce:12:ec:c0:fd:c7:9d:2e:d0:6e:58:ee:d6:8c:cf:
         6d:67:59:e6:d0:26:ba:67:b9:a5:bd:c2:ea:b0:5c:dc:53:fc:
         72:5f:e1:ef:69:1b:6f:94:35:aa:e9:8b:ed:7e:63:88:7b:2f:
         81:a6:61:49:b6:52:88:3d:10:b6:15:1e:26:3b:70:3f:4e:e4:
         33:66:f4:5e:0c:e5:e7:a8:0c:08:65:22:79:ec:05:12:5b:80:
         22:2f:a9:0f:8c:e3:16:42:c7:ab:56:5e:3d:b0:b6:ef:88:90:
         11:e1:1e:bf:9c:8b:12:9c:b7:09:13:f1:e4:58:75:4c:a0:85:
         88:54:5b:aa:87:38:0f:5a:46:c6:8e:6b:30:81:b1:3e:3d:50:
         67:a1:ec:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTjZiazPHDsp5gRCsDg+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwODIzMDUwMjA5WhcNMjUwODI0MDUwMjA5WjAzMTEwLwYDVQQD
EyhkMjBjMmU2OTgzNmIwM2FmM2I0N2EzZDk2MDkwODA3NDI4N2VkMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRsbwDemxTtq045N/qZ4nQME/uCi
07fO7+Bi/JtC1fWVIPIKQdgPkxE93ZMDOVLntAF3t3+LC6JUGnxMJjvNecUjF70d
w5bJtQLZqCbNpiQUE5GHurDJ6JUam2Yc4eHK+lmjrcaqDedahyUOhiC5bkl/d2qS
DxL+nTIbFE2yMkrCQINZ4AQGTtpZCmYHIveUxOqZARd0tr+e1oe4gBet/Y4JVVeW
TGmhVVlN9ab7Dwpd8VS0USjE41VjtCn3i6AgWwo3LjAVFsKjhWrULCtX7gbD2C1u
90bkrTU1WdkW03L7hAwndYLXTeCFWPlAm0PwV80K700yXLMarsit2Nml/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIMLmmDawOvO0ej2WCQgHQoftABMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntcV8dzP
SId2zL2Thw39dFoPY1CCKfUmbNI+ylcWk+d7sU+b+SLuTUVjtq25SBBcAL0Kaupx
9eceHMIkhklMa5007Vd9kPN6Skq8bi9kl8EQUN1iuWAe6Nq6k9H7CN/eY0fJxlbC
NwESBHMdslpczhLswP3HnS7Qblju1ozPbWdZ5tAmume5pb3C6rBc3FP8cl/h72kb
b5Q1qumL7X5jiHsvgaZhSbZSiD0QthUeJjtwP07kM2b0Xgzl56gMCGUieewFEluA
Ii+pD4zjFkLHq1ZePbC274iQEeEev5yLEpy3CRPx5Fh1TKCFiFRbqoc4D1pGxo5r
MIGxPj1QZ6HsBA==
-----END CERTIFICATE-----