Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          vfUd4CA6FfXy8J8nH115687M8UpaWb0gDwRJDkoHyVg=
Subject key identifier:   72:66:80:1E:87:D5:F9:BC:C7:F2:A3:1C:64:DB:7D:43:C0:77:66:99
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       0197B6A1C71BCCDC664047C0C344DF2FFBB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          2E
Signing time:             Sat 28 Jun 2025 13:02:24 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:24 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:24 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: ppikFsUcIVABqKmL/sAbezEyMQ8CoCh4VTxA7n3+QpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:c7:1b:cc:dc:66:40:47:c0:c3:44:df:2f:fb:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Jun 28 13:02:24 2025 GMT
            Not After : Jun 29 13:02:24 2025 GMT
        Subject: CN=7266801e87d5f9bcc7f2a31c64db7d43c0776699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d9:63:55:2c:ed:ca:7d:38:94:9c:c3:c9:3c:
                    07:fe:a1:43:72:43:1e:2f:86:e4:e1:a3:73:42:b5:
                    9a:d4:66:75:6d:0b:40:47:78:c0:e5:18:b4:ec:3b:
                    10:37:8a:38:99:08:c7:12:cc:af:67:01:80:5e:da:
                    6c:c4:b2:0a:4f:dd:8a:f0:0e:12:75:01:77:a4:85:
                    3e:b9:dc:33:f2:18:76:d7:1f:c1:66:52:39:24:b0:
                    8d:25:59:83:30:4d:90:f8:0c:47:10:ac:44:05:0d:
                    1f:8f:41:94:f1:89:4f:39:96:b6:f2:ac:1a:05:7b:
                    25:af:2d:93:e2:30:5b:19:ed:f8:8c:01:c5:65:58:
                    ac:22:09:8f:fa:c2:16:53:54:86:7c:aa:aa:1c:3a:
                    ac:b8:3d:19:69:de:75:29:dc:56:c7:2b:94:2b:34:
                    2b:cf:0a:ec:c0:eb:96:ea:50:a0:a9:81:9f:e6:f3:
                    4f:49:6e:f4:10:d7:2f:1b:63:79:30:c3:b0:c0:13:
                    c8:fa:78:61:a6:a8:23:fe:48:23:19:b2:dd:d6:8b:
                    20:e7:3f:76:4d:c8:a2:79:c2:38:5b:fb:e2:32:a6:
                    9f:e7:85:8c:27:2d:f2:1c:92:3a:64:2b:e2:f2:3a:
                    54:8f:5c:4e:2d:0d:15:76:7c:c8:fc:cd:8f:76:ab:
                    b2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:66:80:1E:87:D5:F9:BC:C7:F2:A3:1C:64:DB:7D:43:C0:77:66:99
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:e0:2f:97:8d:6b:a8:6a:64:7e:d2:50:8a:bc:40:85:fe:8e:
         9d:26:39:c4:40:08:ab:d2:2e:f0:28:35:5d:0e:fa:58:f4:03:
         c4:2f:38:4a:00:7e:d6:bc:08:81:b9:de:5b:b9:65:ee:e4:18:
         dd:c2:fa:8a:77:c0:73:c5:8f:20:db:4c:02:27:1e:44:ee:f1:
         e4:9a:fc:7b:a3:61:07:a4:37:44:cc:40:2d:fe:46:ac:d9:09:
         2e:01:44:fb:9d:36:7d:c6:75:78:06:1f:0c:ac:2b:da:35:99:
         95:98:34:07:c2:56:5c:6d:99:17:c1:54:df:ba:b1:25:bc:91:
         1a:2e:4b:3b:3e:a7:30:be:84:37:ac:49:c0:fe:c9:cd:64:d6:
         09:e7:3d:b1:37:81:f8:fe:64:e5:4e:9d:d7:df:d6:8f:7f:7f:
         50:b2:1d:dd:fa:a5:31:2b:cd:bc:f8:f8:e3:3a:db:3d:6b:17:
         f6:65:0f:ea:4b:a9:b1:cc:71:04:f6:ce:2c:5a:6a:90:15:c8:
         67:c8:56:ae:5d:76:50:a9:06:e8:78:bf:e9:b9:a5:c5:ab:0a:
         1a:a6:1c:a7:9f:4c:4e:d4:82:d7:58:4a:9b:c6:ab:75:ce:a9:
         58:e9:11:e1:ef:c4:c1:fa:03:3e:9f:f3:a6:20:0b:2c:d8:bc:
         63:93:ab:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2occbzNxmQEfAw0TfL/u4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjUwNjI4MTMwMjI0WhcNMjUwNjI5MTMwMjI0WjAzMTEwLwYDVQQD
Eyg3MjY2ODAxZTg3ZDVmOWJjYzdmMmEzMWM2NGRiN2Q0M2MwNzc2Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydljVSztyn04lJzDyTwH/qFDckMe
L4bk4aNzQrWa1GZ1bQtAR3jA5Ri07DsQN4o4mQjHEsyvZwGAXtpsxLIKT92K8A4S
dQF3pIU+udwz8hh21x/BZlI5JLCNJVmDME2Q+AxHEKxEBQ0fj0GU8YlPOZa28qwa
BXslry2T4jBbGe34jAHFZVisIgmP+sIWU1SGfKqqHDqsuD0Zad51KdxWxyuUKzQr
zwrswOuW6lCgqYGf5vNPSW70ENcvG2N5MMOwwBPI+nhhpqgj/kgjGbLd1osg5z92
TciiecI4W/viMqaf54WMJy3yHJI6ZCvi8jpUj1xOLQ0VdnzI/M2PdquyrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJmgB6H1fm8x/KjHGTbfUPAd2aZMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaOAvl41r
qGpkftJQirxAhf6OnSY5xEAIq9Iu8Cg1XQ76WPQDxC84SgB+1rwIgbneW7ll7uQY
3cL6infAc8WPINtMAiceRO7x5Jr8e6NhB6Q3RMxALf5GrNkJLgFE+502fcZ1eAYf
DKwr2jWZlZg0B8JWXG2ZF8FU37qxJbyRGi5LOz6nML6EN6xJwP7JzWTWCec9sTeB
+P5k5U6d19/Wj39/ULId3fqlMSvNvPj44zrbPWsX9mUP6kupscxxBPbOLFpqkBXI
Z8hWrl12UKkG6Hi/6bmlxasKGqYcp59MTtSC11hKm8ardc6pWOkR4e/EwfoDPp/z
piALLNi8Y5Or/Q==
-----END CERTIFICATE-----