Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          Gb9FGt9TO26upWHAArRaR90n2SrlqFGB/9hXOQlb7z0=
Subject key identifier:   8C:69:D5:31:1A:86:DA:D1:D6:B0:26:95:0E:36:BC:45:E9:49:4A:B6
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       0197B77C1AF91EA5F4FF3FC5BD853BB71037
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          1513
Signing time:             Sat 28 Jun 2025 17:00:53 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:53 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:53 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: nOZdQGJK/VlpaCtypRueYqU+cng6XrbCHiY1kwO+bmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:1a:f9:1e:a5:f4:ff:3f:c5:bd:85:3b:b7:10:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Jun 28 17:00:53 2025 GMT
            Not After : Jun 29 17:00:53 2025 GMT
        Subject: CN=8c69d5311a86dad1d6b026950e36bc45e9494ab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c4:ea:75:25:74:b6:ff:8a:69:2a:08:19:43:
                    0a:e9:dd:30:54:68:cd:c9:95:ae:5b:b9:77:e6:fa:
                    f2:23:38:99:26:b2:e4:d5:94:a7:0a:b3:f1:30:8c:
                    7f:86:af:69:50:5d:1e:8b:19:fb:f7:54:4d:0b:64:
                    06:cb:20:18:4d:5e:c1:45:fa:59:31:6a:7a:80:07:
                    04:3b:d6:1c:70:01:30:b2:91:3d:a8:96:fc:e8:65:
                    ed:79:d3:f1:49:d6:71:b8:36:74:85:5e:f3:64:cc:
                    bd:b4:b5:23:0a:8b:55:b4:c9:fb:64:26:6d:41:24:
                    99:0e:af:cc:ad:68:11:2d:6b:31:86:76:fb:ba:26:
                    fa:50:f9:06:5f:e5:a5:6f:25:a1:b3:02:81:e1:f1:
                    ad:5a:ab:11:b7:08:fb:fd:15:2e:81:0a:3a:b3:4a:
                    29:aa:28:d5:f3:4c:0e:97:1b:da:55:9c:d0:9c:81:
                    af:21:38:0e:41:e5:3c:18:4b:18:49:bb:4d:3e:ac:
                    a2:e2:70:a7:46:b6:a3:c2:79:9b:da:e8:8a:10:22:
                    de:9d:a7:15:fd:bb:65:26:9d:26:fd:71:57:ea:7a:
                    ef:45:e4:5c:af:3f:3f:e1:61:e4:b3:92:be:e5:bb:
                    12:8a:d7:21:c1:da:01:d8:fa:95:3b:41:a3:0c:a4:
                    b2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:69:D5:31:1A:86:DA:D1:D6:B0:26:95:0E:36:BC:45:E9:49:4A:B6
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:cc:7b:a8:9c:8d:24:da:26:17:bf:47:1c:a5:f1:71:6a:72:
         f2:0f:23:d6:82:05:ae:54:22:7e:b9:17:27:d5:07:e3:12:e4:
         5c:e2:b8:ab:6b:1a:be:a0:63:93:68:6e:83:3f:fc:23:d9:53:
         06:a8:65:b6:d6:b9:91:f8:18:c4:0c:8c:5e:4b:c7:f3:3b:10:
         ba:fb:36:9c:8a:29:97:0f:22:88:db:bc:6d:04:54:bf:b7:b8:
         5a:23:fc:68:99:86:bd:e5:a8:aa:b0:78:44:15:48:43:03:29:
         51:66:30:4e:1e:98:ed:9a:46:c8:65:da:36:56:14:4f:24:01:
         18:73:51:b5:4b:f8:1c:99:77:65:0a:76:f7:12:f5:bd:4f:b8:
         d2:7f:56:5d:63:3a:10:30:23:b2:fd:94:d2:c4:90:d9:f8:8a:
         a9:09:db:8a:4c:2f:db:d6:2c:e0:2f:ec:a8:74:48:19:5e:ae:
         9e:b0:62:56:1b:e8:f3:ca:1c:e3:ac:cd:0a:87:4d:d4:06:97:
         12:aa:56:8f:69:2d:d3:c0:42:21:e7:c4:63:c6:81:91:39:2d:
         7a:07:eb:ce:b0:49:f6:d1:6a:0a:be:a6:9e:73:a9:6d:a7:4f:
         34:18:d7:6f:59:cd:9a:be:3c:a3:04:8a:e7:96:5f:13:e5:1e:
         80:20:02:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fBr5HqX0/z/FvYU7txA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjUwNjI4MTcwMDUzWhcNMjUwNjI5MTcwMDUzWjAzMTEwLwYDVQQD
Eyg4YzY5ZDUzMTFhODZkYWQxZDZiMDI2OTUwZTM2YmM0NWU5NDk0YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycTqdSV0tv+KaSoIGUMK6d0wVGjN
yZWuW7l35vryIziZJrLk1ZSnCrPxMIx/hq9pUF0eixn791RNC2QGyyAYTV7BRfpZ
MWp6gAcEO9YccAEwspE9qJb86GXtedPxSdZxuDZ0hV7zZMy9tLUjCotVtMn7ZCZt
QSSZDq/MrWgRLWsxhnb7uib6UPkGX+WlbyWhswKB4fGtWqsRtwj7/RUugQo6s0op
qijV80wOlxvaVZzQnIGvITgOQeU8GEsYSbtNPqyi4nCnRrajwnmb2uiKECLenacV
/btlJp0m/XFX6nrvReRcrz8/4WHks5K+5bsSitchwdoB2PqVO0GjDKSyDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxp1TEahtrR1rAmlQ42vEXpSUq2MB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAusx7qJyN
JNomF79HHKXxcWpy8g8j1oIFrlQifrkXJ9UH4xLkXOK4q2savqBjk2hugz/8I9lT
Bqhltta5kfgYxAyMXkvH8zsQuvs2nIoplw8iiNu8bQRUv7e4WiP8aJmGveWoqrB4
RBVIQwMpUWYwTh6Y7ZpGyGXaNlYUTyQBGHNRtUv4HJl3ZQp29xL1vU+40n9WXWM6
EDAjsv2U0sSQ2fiKqQnbikwv29Ys4C/sqHRIGV6unrBiVhvo88oc46zNCodN1AaX
EqpWj2kt08BCIefEY8aBkTktegfrzrBJ9tFqCr6mnnOpbadPNBjXb1nNmr48owSK
55ZfE+UegCACHQ==
-----END CERTIFICATE-----