Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          sjt0uFr+TPaYREZ0JR1v0urGtcXPP/iNWcMapY6a3ak=
Subject key identifier:   7A:04:0B:87:E6:0E:DD:5E:27:C0:8A:01:B5:08:6C:D4:EE:C9:12:0E
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       0197B8C5BF923FA78F6F7FFAF9699D386AB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          039F
Signing time:             Sat 28 Jun 2025 23:00:56 +0000
Manifest this update:     Sat 28 Jun 2025 23:00:56 +0000
Manifest next update:     Sun 29 Jun 2025 23:00:56 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: wNDWKBZRI8y5XOIaHVqgdpfB5P2KQA09LgW0YscijhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 23:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:c5:bf:92:3f:a7:8f:6f:7f:fa:f9:69:9d:38:6a:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Jun 28 23:00:56 2025 GMT
            Not After : Jun 29 23:00:56 2025 GMT
        Subject: CN=7a040b87e60edd5e27c08a01b5086cd4eec9120e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:57:5c:23:df:8c:eb:34:9a:26:40:bd:c6:d5:
                    8c:7f:c9:95:04:7d:c1:0d:0d:e3:4c:7f:45:08:a0:
                    47:b3:ac:de:bb:c4:7b:24:a2:90:87:92:5c:db:2e:
                    4c:14:dc:41:6e:23:3c:81:f5:6c:da:5a:98:28:3b:
                    7a:ed:1c:1a:4f:3a:54:30:91:38:64:b7:1b:ff:cf:
                    5b:72:45:f4:fc:d6:64:b6:b4:95:93:63:82:2a:bd:
                    75:ff:d5:e3:d8:9b:14:2e:9a:ce:b7:4d:c0:80:28:
                    a7:1e:18:16:06:d9:b9:63:be:29:80:b2:3b:0b:7a:
                    c7:fa:73:fc:8a:28:50:01:92:d6:3f:9a:bd:40:ed:
                    5c:bc:d8:50:ef:4b:e3:f6:e8:24:2d:13:70:80:e7:
                    b4:15:47:3b:a6:e9:e5:96:91:ff:02:a6:11:56:fd:
                    fa:4e:d5:47:09:21:4f:bd:e6:bd:40:3b:9b:2f:bf:
                    6b:b4:0f:18:cf:50:40:fc:1f:aa:86:2a:f4:14:b8:
                    f2:da:c6:f5:62:0b:06:38:d7:eb:c6:df:55:a6:04:
                    f5:6a:c8:00:e5:d8:d7:3d:a5:11:5d:db:b6:0b:07:
                    34:7c:55:47:02:ec:d9:8e:51:9c:73:c1:5a:0f:6a:
                    ea:69:f6:31:ca:e4:e9:fc:85:89:73:dd:58:8b:dd:
                    d4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:04:0B:87:E6:0E:DD:5E:27:C0:8A:01:B5:08:6C:D4:EE:C9:12:0E
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:54:15:22:30:bb:04:66:48:75:3c:e8:d1:1a:2b:b2:1c:d9:
         57:e1:dc:61:12:c2:c2:7e:c8:ae:e6:a1:eb:8a:e8:b1:8b:bf:
         49:45:f5:e8:0c:77:b8:eb:5b:4b:89:97:70:c6:13:98:61:2f:
         4c:5f:56:7b:f5:f7:84:74:60:ef:7c:c6:89:d5:4a:9f:cf:56:
         99:2b:3f:50:9a:06:89:ca:30:17:3f:04:c3:6b:20:04:12:39:
         8e:bf:cf:2e:87:cc:2d:ca:98:71:bd:a1:8a:41:47:e1:a5:c5:
         89:96:0e:14:03:15:3c:f5:56:55:e3:77:a0:02:40:c9:5b:28:
         e0:32:2b:53:c0:bf:a3:56:b2:18:df:4a:86:fb:85:01:60:bf:
         9b:93:51:53:61:0c:82:fe:38:7d:86:e5:42:24:75:d5:24:d7:
         c0:06:12:da:65:ec:f1:92:e7:8c:24:6f:ee:38:31:d4:d4:61:
         7a:40:c5:f5:2f:35:f4:2b:56:4a:03:9b:24:18:0c:58:ec:c9:
         42:75:d0:dc:d3:dc:44:02:a2:de:3d:f5:51:98:8b:a6:2d:5c:
         17:11:ed:95:13:c0:c1:37:cc:0f:c9:6f:29:c6:ab:16:01:6a:
         24:c7:3b:f1:28:81:1c:73:7c:45:57:73:45:e1:9b:98:2f:2e:
         e5:15:4e:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4xb+SP6ePb3/6+WmdOGq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjUwNjI4MjMwMDU2WhcNMjUwNjI5MjMwMDU2WjAzMTEwLwYDVQQD
Eyg3YTA0MGI4N2U2MGVkZDVlMjdjMDhhMDFiNTA4NmNkNGVlYzkxMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1dcI9+M6zSaJkC9xtWMf8mVBH3B
DQ3jTH9FCKBHs6zeu8R7JKKQh5Jc2y5MFNxBbiM8gfVs2lqYKDt67RwaTzpUMJE4
ZLcb/89bckX0/NZktrSVk2OCKr11/9Xj2JsULprOt03AgCinHhgWBtm5Y74pgLI7
C3rH+nP8iihQAZLWP5q9QO1cvNhQ70vj9ugkLRNwgOe0FUc7punllpH/AqYRVv36
TtVHCSFPvea9QDubL79rtA8Yz1BA/B+qhir0FLjy2sb1YgsGONfrxt9VpgT1asgA
5djXPaURXdu2Cwc0fFVHAuzZjlGcc8FaD2rqafYxyuTp/IWJc91Yi93U1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHoEC4fmDt1eJ8CKAbUIbNTuyRIOMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP1QVIjC7
BGZIdTzo0RorshzZV+HcYRLCwn7Iruah64rosYu/SUX16Ax3uOtbS4mXcMYTmGEv
TF9We/X3hHRg73zGidVKn89WmSs/UJoGicowFz8Ew2sgBBI5jr/PLofMLcqYcb2h
ikFH4aXFiZYOFAMVPPVWVeN3oAJAyVso4DIrU8C/o1ayGN9KhvuFAWC/m5NRU2EM
gv44fYblQiR11STXwAYS2mXs8ZLnjCRv7jgx1NRhekDF9S819CtWSgObJBgMWOzJ
QnXQ3NPcRAKi3j31UZiLpi1cFxHtlRPAwTfMD8lvKcarFgFqJMc78SiBHHN8RVdz
ReGbmC8u5RVOOw==
-----END CERTIFICATE-----