Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
File:                     I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft (raw, json)
Hash identifier:          +eZvw/5Oc5HOwjdG7a+I36KE5dzNdZtHEIT4RyoPyrM=
Subject key identifier:   83:38:52:C5:7D:4E:1A:44:4D:A2:AC:DF:33:71:5D:FE:47:6D:19:19
Authority key identifier: 23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D
Certificate issuer:       /CN=237c83447d17183380f489bc946c8b9e300ffb1d
Certificate serial:       0197B96A9C55FA44EF0F0B07260F20BB3502
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
Manifest number:          12CD
Signing time:             Sun 29 Jun 2025 02:01:01 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:01 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:01 +0000
Files and hashes:         1: I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl (hash: HqYi6cpuUwr/dCUd9Sx+ujbzoj8TTMFK/tDwNSdhy58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:9c:55:fa:44:ef:0f:0b:07:26:0f:20:bb:35:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237c83447d17183380f489bc946c8b9e300ffb1d
        Validity
            Not Before: Jun 29 02:01:01 2025 GMT
            Not After : Jun 30 02:01:01 2025 GMT
        Subject: CN=833852c57d4e1a444da2acdf33715dfe476d1919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:91:cc:7d:48:e6:45:72:73:a3:60:7b:7f:20:
                    79:10:02:3c:63:7e:b7:4d:0b:50:40:13:8c:32:40:
                    c6:e5:b7:42:b4:6b:d1:df:8f:4d:bb:2f:93:33:85:
                    db:31:ef:40:01:7f:be:2b:30:7e:55:a0:8f:db:45:
                    30:ac:7f:19:00:67:74:8d:46:d6:88:5b:5e:45:77:
                    09:23:31:42:08:24:0c:d9:b6:69:65:ae:52:00:7a:
                    56:e9:30:d4:64:17:e3:6b:ce:76:fa:60:6a:fd:1d:
                    50:ed:dc:5f:99:61:55:cf:c8:8e:cc:54:c3:d7:9c:
                    98:6a:eb:5a:87:28:35:44:56:e2:79:3f:cc:83:b2:
                    5d:c6:4c:f5:1b:70:49:15:b9:15:fa:07:d8:10:46:
                    78:68:e3:9c:87:fa:40:e8:4e:1e:ac:ba:d3:19:9c:
                    51:eb:8f:7e:df:e9:20:74:43:3c:f8:af:ed:d2:a1:
                    39:7d:dc:c6:04:18:cf:7c:09:ff:f0:3c:d1:32:5d:
                    4e:26:87:8b:e9:bf:ab:6a:ca:92:23:2d:66:35:64:
                    5f:c7:8d:b1:20:19:2c:1c:22:ff:f7:02:36:5c:e9:
                    d7:8e:61:e4:ee:1d:47:f2:76:39:11:c6:2c:d3:8a:
                    78:d2:8a:e1:bf:64:12:36:98:2a:a9:07:cf:62:ca:
                    ed:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:38:52:C5:7D:4E:1A:44:4D:A2:AC:DF:33:71:5D:FE:47:6D:19:19
            X509v3 Authority Key Identifier:
                keyid:23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:2d:06:9e:4d:03:5c:e5:ba:de:79:70:b4:d2:7c:a0:91:8c:
         81:25:26:a7:53:18:0a:b1:ca:32:af:7d:f6:e6:d9:84:cb:46:
         14:39:7e:b1:57:af:2d:e1:72:0d:f5:a6:87:97:f5:0c:15:af:
         1b:90:86:ee:f1:69:40:a3:a6:a7:3c:15:86:76:2d:99:e4:da:
         ed:88:5b:cd:c6:43:f8:43:71:c0:6d:e4:43:48:86:be:7a:97:
         27:07:d7:c3:f4:f4:f5:b1:b7:16:61:7a:be:4e:e8:f1:9d:a1:
         c9:f1:92:81:81:91:32:03:a2:25:53:a7:53:f7:ae:23:d6:d1:
         f2:12:99:a9:a2:b8:2e:2d:4c:2d:ac:45:65:4a:a6:db:59:26:
         f0:99:8d:67:00:26:36:e4:bf:aa:fc:f9:9a:82:a0:61:1b:1c:
         ff:54:a6:8e:3b:a2:81:5b:90:06:d1:1e:c2:1d:a4:89:54:fd:
         f6:d7:3a:9c:c1:28:8b:fd:b1:99:a2:ad:b6:37:3d:64:98:fc:
         5d:dc:d6:44:9e:6d:97:ca:f0:12:cd:9d:b8:c4:65:3b:75:f7:
         6b:b0:de:05:33:ea:2f:65:20:1d:e2:92:7c:e6:a9:16:39:d6:
         21:4c:dc:1c:0e:f9:00:72:c2:01:fa:d7:fb:5d:18:74:c3:a5:
         8e:c8:74:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5apxV+kTvDwsHJg8guzUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2M4MzQ0N2QxNzE4MzM4MGY0ODliYzk0NmM4YjllMzAw
ZmZiMWQwHhcNMjUwNjI5MDIwMTAxWhcNMjUwNjMwMDIwMTAxWjAzMTEwLwYDVQQD
Eyg4MzM4NTJjNTdkNGUxYTQ0NGRhMmFjZGYzMzcxNWRmZTQ3NmQxOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJHMfUjmRXJzo2B7fyB5EAI8Y363
TQtQQBOMMkDG5bdCtGvR349Nuy+TM4XbMe9AAX++KzB+VaCP20UwrH8ZAGd0jUbW
iFteRXcJIzFCCCQM2bZpZa5SAHpW6TDUZBfja852+mBq/R1Q7dxfmWFVz8iOzFTD
15yYautahyg1RFbieT/Mg7Jdxkz1G3BJFbkV+gfYEEZ4aOOch/pA6E4erLrTGZxR
649+3+kgdEM8+K/t0qE5fdzGBBjPfAn/8DzRMl1OJoeL6b+rasqSIy1mNWRfx42x
IBksHCL/9wI2XOnXjmHk7h1H8nY5EcYs04p40orhv2QSNpgqqQfPYsrtpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIM4UsV9ThpETaKs3zNxXf5HbRkZMB8GA1UdIwQY
MBaAFCN8g0R9FxgzgPSJvJRsi54wD/sdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEt
OGIzMzcyMjM0ZGMwLzEvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEtOGIzMzcyMjM0ZGMw
LzEvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAey0Gnk0D
XOW63nlwtNJ8oJGMgSUmp1MYCrHKMq999ubZhMtGFDl+sVevLeFyDfWmh5f1DBWv
G5CG7vFpQKOmpzwVhnYtmeTa7YhbzcZD+ENxwG3kQ0iGvnqXJwfXw/T09bG3FmF6
vk7o8Z2hyfGSgYGRMgOiJVOnU/euI9bR8hKZqaK4Li1MLaxFZUqm21km8JmNZwAm
NuS/qvz5moKgYRsc/1SmjjuigVuQBtEewh2kiVT99tc6nMEoi/2xmaKttjc9ZJj8
XdzWRJ5tl8rwEs2duMRlO3X3a7DeBTPqL2UgHeKSfOapFjnWIUzcHA75AHLCAfrX
+10YdMOljsh0sw==
-----END CERTIFICATE-----