Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          7BvkaXt66XVWVIVEzU/05oUMzoHxRUw0kteX8ZP3fa8=
Subject key identifier:   A9:8D:2A:F5:29:F9:E9:87:5A:16:0A:3D:49:C8:F0:A9:D8:BD:7A:31
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       0197C5381D94183F3368827F81C9A8B17262
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          02E9
Signing time:             Tue 01 Jul 2025 09:01:18 +0000
Manifest this update:     Tue 01 Jul 2025 09:01:18 +0000
Manifest next update:     Wed 02 Jul 2025 09:01:18 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: k2B9sWSS9kdYC8wkoSCimxcP+zkq16h3+oWtW5Iq/CI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c5:38:1d:94:18:3f:33:68:82:7f:81:c9:a8:b1:72:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Jul  1 09:01:18 2025 GMT
            Not After : Jul  2 09:01:18 2025 GMT
        Subject: CN=a98d2af529f9e9875a160a3d49c8f0a9d8bd7a31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:50:9e:a0:5c:d7:49:2e:51:13:a5:b2:e1:d8:
                    62:4c:95:a9:c8:b9:4c:f6:1e:2f:76:e1:be:62:8d:
                    71:14:3f:71:03:b4:58:b3:30:c4:7e:d4:b0:4e:74:
                    c5:cf:8f:de:fc:e3:39:b1:5f:32:b9:36:88:d8:01:
                    34:84:99:08:73:3a:3a:25:8e:67:49:5b:a5:99:68:
                    34:49:12:5f:5e:3c:d5:4a:4c:78:6d:5c:05:c3:8e:
                    ef:88:99:84:19:44:b4:e0:4f:17:50:54:24:9e:2e:
                    dc:3a:f2:5c:4b:29:18:de:63:e2:aa:c3:0f:56:4c:
                    23:09:b8:05:e3:7b:85:2a:92:40:d1:e9:aa:e2:da:
                    84:c4:4f:d0:bc:0a:8e:58:1d:da:24:a4:c5:7d:99:
                    c1:bb:7a:e2:e3:64:dc:ed:bd:3d:9e:5f:5a:57:a6:
                    99:17:7d:9c:94:ee:66:e0:b4:ff:04:a1:ff:b0:e5:
                    0c:73:93:26:d8:c7:b8:7d:91:d1:e6:87:b3:0f:d4:
                    9f:51:6e:6e:0e:2e:9c:2c:fd:39:95:79:40:7b:73:
                    e6:55:4b:47:8f:df:a2:6a:49:eb:04:1d:19:f6:2e:
                    cd:38:f6:1e:89:3c:58:1d:08:db:6e:93:c2:4b:7e:
                    50:69:ec:e3:28:01:59:41:0b:c0:db:09:8e:f5:09:
                    64:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:8D:2A:F5:29:F9:E9:87:5A:16:0A:3D:49:C8:F0:A9:D8:BD:7A:31
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:02:b1:31:b9:03:71:b8:5d:70:f2:61:07:7e:03:85:d3:15:
         b7:eb:12:d8:68:f6:66:cb:2c:d0:32:a1:60:29:58:1c:d3:83:
         23:9f:69:a0:a6:bf:5e:e4:2a:68:96:7d:a1:34:17:45:0d:72:
         be:b9:c1:53:04:db:11:1f:a8:32:45:bb:76:ef:e4:3d:fb:73:
         fa:dc:6a:da:c2:d5:9a:70:36:2f:cf:0e:7f:6c:ba:ad:a9:6b:
         67:71:65:22:66:ff:a6:7c:15:e8:7c:8f:16:99:0e:c0:26:31:
         b1:2f:85:de:be:78:9a:28:11:19:5a:f8:cc:1b:91:55:7c:ed:
         4e:e2:cc:65:f3:55:2d:63:05:41:b9:c3:b8:e2:33:1d:9b:ad:
         49:c6:62:55:77:e2:5d:de:27:f2:c7:d6:71:80:7d:06:16:59:
         36:88:b1:9b:ad:ce:b4:9d:0e:9e:2c:e1:96:29:0a:7b:29:fd:
         5b:90:d7:03:a2:d5:c7:36:6f:4f:8a:af:17:28:c6:d3:44:b6:
         94:e5:2d:45:16:c7:70:c6:8b:f9:a6:e5:30:9b:90:0a:72:35:
         c1:b2:10:95:95:a0:f4:23:81:64:2a:7b:10:23:36:f7:0f:b4:
         3b:50:83:64:89:01:23:cf:d3:3f:56:2f:d3:80:58:2b:01:b2:
         8d:5b:2c:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfFOB2UGD8zaIJ/gcmosXJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUwNzAxMDkwMTE4WhcNMjUwNzAyMDkwMTE4WjAzMTEwLwYDVQQD
EyhhOThkMmFmNTI5ZjllOTg3NWExNjBhM2Q0OWM4ZjBhOWQ4YmQ3YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVCeoFzXSS5RE6Wy4dhiTJWpyLlM
9h4vduG+Yo1xFD9xA7RYszDEftSwTnTFz4/e/OM5sV8yuTaI2AE0hJkIczo6JY5n
SVulmWg0SRJfXjzVSkx4bVwFw47viJmEGUS04E8XUFQkni7cOvJcSykY3mPiqsMP
VkwjCbgF43uFKpJA0emq4tqExE/QvAqOWB3aJKTFfZnBu3ri42Tc7b09nl9aV6aZ
F32clO5m4LT/BKH/sOUMc5Mm2Me4fZHR5oezD9SfUW5uDi6cLP05lXlAe3PmVUtH
j9+iaknrBB0Z9i7NOPYeiTxYHQjbbpPCS35QaezjKAFZQQvA2wmO9QlkyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmNKvUp+emHWhYKPUnI8KnYvXoxMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAKxMbkD
cbhdcPJhB34DhdMVt+sS2Gj2Zsss0DKhYClYHNODI59poKa/XuQqaJZ9oTQXRQ1y
vrnBUwTbER+oMkW7du/kPftz+txq2sLVmnA2L88Of2y6ralrZ3FlImb/pnwV6HyP
FpkOwCYxsS+F3r54migRGVr4zBuRVXztTuLMZfNVLWMFQbnDuOIzHZutScZiVXfi
Xd4n8sfWcYB9BhZZNoixm63OtJ0OnizhlikKeyn9W5DXA6LVxzZvT4qvFyjG00S2
lOUtRRbHcMaL+ablMJuQCnI1wbIQlZWg9COBZCp7ECM29w+0O1CDZIkBI8/TP1Yv
04BYKwGyjVssvA==
-----END CERTIFICATE-----