Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          DJZLTs7x0eQ/B5lTyd6zqICCVvYb0DPpehxf/lp4Rkg=
Subject key identifier:   F7:04:FE:15:79:FB:86:CC:19:26:86:7C:56:35:66:AE:B9:3C:C0:35
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       0197B7B32E4EE347E476E9ADBB485DB77588
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          6D
Signing time:             Sat 28 Jun 2025 18:01:02 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:02 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:02 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: mHF7zd8aMxAHDq+e396MTLW0TFUaHlOWxD+WuzBTO/c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:2e:4e:e3:47:e4:76:e9:ad:bb:48:5d:b7:75:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Jun 28 18:01:02 2025 GMT
            Not After : Jun 29 18:01:02 2025 GMT
        Subject: CN=f704fe1579fb86cc1926867c563566aeb93cc035
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:04:e0:16:d7:b9:e8:a5:cb:a7:4c:07:ff:
                    91:4a:ea:71:ba:28:d5:c3:d1:76:9c:0a:e4:b1:27:
                    a8:a7:f6:03:cc:a1:68:de:b2:17:a9:87:12:77:24:
                    16:fe:8d:ea:19:b8:6f:1b:14:3b:2e:5c:0e:b6:f6:
                    9e:a4:c5:96:e0:8f:07:07:31:e5:42:3e:3b:54:3c:
                    62:28:83:6d:d9:d7:ba:b5:8e:b3:80:a0:e7:84:60:
                    e4:64:d1:01:2d:00:23:a0:88:04:c6:e8:c1:22:fe:
                    56:ef:88:c8:18:9b:36:a8:a7:e3:34:23:30:22:79:
                    8b:5e:d7:c1:39:17:98:f3:4f:a3:2d:28:25:df:ea:
                    17:72:87:5f:94:7c:9d:98:8a:a1:90:ff:01:9e:7c:
                    16:3c:b5:e9:ba:c8:58:05:77:b9:e8:db:8c:e1:68:
                    46:8e:ff:17:b7:81:a0:ab:54:bf:d7:dd:f8:af:c6:
                    60:87:4d:80:60:72:eb:a6:84:25:6b:05:eb:86:06:
                    d0:4b:d6:37:ea:2e:2e:17:17:90:60:b7:86:c7:b3:
                    80:16:f9:2e:e9:a1:cf:2f:5b:f7:04:83:17:ea:da:
                    ef:65:f7:70:6a:9b:6d:9b:ba:0e:92:ff:ac:27:3f:
                    94:0f:df:ba:2c:d6:d8:52:12:81:f6:fe:08:3b:aa:
                    86:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:04:FE:15:79:FB:86:CC:19:26:86:7C:56:35:66:AE:B9:3C:C0:35
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:25:ee:f1:9e:c9:b0:8f:59:89:b3:c8:6b:3c:4b:ec:6f:75:
         30:e0:71:f2:d3:82:f8:b6:20:f0:86:9f:87:0a:75:28:1f:c8:
         93:40:c3:eb:1e:03:9f:bd:f1:e0:c5:4a:be:b4:27:eb:b8:e0:
         0d:30:e7:cf:69:5a:65:39:f3:ef:6b:11:27:64:91:a5:24:7d:
         6f:4e:05:90:29:71:e7:f5:7f:3e:c7:37:05:0e:a5:e4:1b:91:
         17:22:a5:75:16:2c:8f:92:e2:ac:0f:f4:06:de:58:7c:d8:b2:
         9e:e7:ff:f5:e8:2e:ee:7f:1e:72:52:80:ed:cf:6e:f4:2a:73:
         62:a7:55:a2:9b:e3:20:98:f8:4e:6f:7b:36:d0:8d:0b:4e:67:
         23:04:a4:bc:89:75:a9:e0:3c:65:21:15:9c:a6:b6:4f:1b:bd:
         da:46:cf:cf:de:05:71:7a:b6:5a:64:4a:b1:29:17:58:c3:5d:
         ea:56:a1:30:73:cd:80:26:1b:f4:37:b9:39:c5:d4:8e:f8:42:
         86:0f:8c:d9:06:8c:3a:3e:94:96:ab:96:0b:a4:ed:c2:9f:e3:
         a0:59:e1:c8:d8:86:f2:e2:d0:bb:22:4a:0c:3c:80:bf:44:64:
         ef:37:82:94:32:af:57:43:08:7f:ba:f1:df:f4:22:ae:05:ce:
         37:00:3e:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sy5O40fkdumtu0hdt3WIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjUwNjI4MTgwMTAyWhcNMjUwNjI5MTgwMTAyWjAzMTEwLwYDVQQD
EyhmNzA0ZmUxNTc5ZmI4NmNjMTkyNjg2N2M1NjM1NjZhZWI5M2NjMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthAE4BbXueily6dMB/+RSupxuijV
w9F2nArksSeop/YDzKFo3rIXqYcSdyQW/o3qGbhvGxQ7LlwOtvaepMWW4I8HBzHl
Qj47VDxiKINt2de6tY6zgKDnhGDkZNEBLQAjoIgExujBIv5W74jIGJs2qKfjNCMw
InmLXtfBOReY80+jLSgl3+oXcodflHydmIqhkP8BnnwWPLXpushYBXe56NuM4WhG
jv8Xt4Ggq1S/1934r8Zgh02AYHLrpoQlawXrhgbQS9Y36i4uFxeQYLeGx7OAFvku
6aHPL1v3BIMX6trvZfdwapttm7oOkv+sJz+UD9+6LNbYUhKB9v4IO6qGgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcE/hV5+4bMGSaGfFY1Zq65PMA1MB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhyXu8Z7J
sI9ZibPIazxL7G91MOBx8tOC+LYg8Iafhwp1KB/Ik0DD6x4Dn73x4MVKvrQn67jg
DTDnz2laZTnz72sRJ2SRpSR9b04FkClx5/V/Psc3BQ6l5BuRFyKldRYsj5LirA/0
Bt5YfNiynuf/9egu7n8eclKA7c9u9CpzYqdVopvjIJj4Tm97NtCNC05nIwSkvIl1
qeA8ZSEVnKa2Txu92kbPz94FcXq2WmRKsSkXWMNd6lahMHPNgCYb9De5OcXUjvhC
hg+M2QaMOj6UlquWC6Ttwp/joFnhyNiG8uLQuyJKDDyAv0Rk7zeClDKvV0MIf7rx
3/QirgXONwA+mw==
-----END CERTIFICATE-----