Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
File:                     EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft (raw, json)
Hash identifier:          8K70vFIQen87kSq1NFbv81One2/suRyPagVeifsefZc=
Subject key identifier:   33:B5:77:02:69:C3:5C:A7:A8:3D:AD:E0:B9:C0:9F:64:8D:07:6B:BF
Authority key identifier: 11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB
Certificate issuer:       /CN=1171641f157cb57b532626359e71582742c2dccb
Certificate serial:       0197B7EA82B0F5348E16D36A83B9CD1E4585
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
Manifest number:          1487
Signing time:             Sat 28 Jun 2025 19:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:28 +0000
Files and hashes:         1: EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl (hash: s+H039QgLd3RBUwuZ3W6ppJ6Y/UgbJYKSiLln9WYszc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:82:b0:f5:34:8e:16:d3:6a:83:b9:cd:1e:45:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1171641f157cb57b532626359e71582742c2dccb
        Validity
            Not Before: Jun 28 19:01:28 2025 GMT
            Not After : Jun 29 19:01:28 2025 GMT
        Subject: CN=33b5770269c35ca7a83dade0b9c09f648d076bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:90:ae:74:78:3a:37:fb:37:19:ce:7e:a0:cb:
                    2c:b1:0e:03:22:62:6b:67:aa:9e:b4:db:a0:2b:15:
                    64:fd:87:96:01:c8:2e:5b:2b:26:77:e2:bf:3c:8b:
                    67:d0:a0:6c:4f:c7:a4:df:32:b7:d3:69:4d:62:fb:
                    40:97:6d:18:42:bb:33:4f:da:13:59:70:8b:72:d9:
                    c6:98:37:47:f8:e6:54:1d:e7:01:e2:7c:92:5d:4c:
                    ca:28:78:79:c7:f9:3e:aa:2e:42:fe:d1:3f:a7:b7:
                    9b:45:97:1c:77:04:ef:0e:5e:8c:85:af:8f:3f:5d:
                    63:bb:0c:25:6d:ec:53:27:03:9a:a1:e7:9a:b6:dd:
                    f5:8f:6c:d2:98:cc:5e:7a:87:8b:a4:48:3b:0d:d8:
                    79:3d:ea:d9:84:b9:33:a7:8f:f7:96:44:e9:cf:01:
                    15:5d:7f:4f:a6:a5:3f:ab:83:1e:c5:92:d4:eb:d0:
                    e3:36:8b:22:0b:bc:bd:03:24:5b:ce:e4:38:ee:5d:
                    13:b0:89:79:cd:71:d4:4a:0d:08:35:48:31:3c:28:
                    78:6b:2e:d0:26:5f:bb:b2:e2:a6:d0:80:1f:a3:36:
                    90:6e:4a:aa:3f:84:6c:8c:50:11:f6:1d:06:37:95:
                    05:57:16:85:69:db:af:90:0d:01:e1:b2:77:f9:26:
                    c9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B5:77:02:69:C3:5C:A7:A8:3D:AD:E0:B9:C0:9F:64:8D:07:6B:BF
            X509v3 Authority Key Identifier:
                keyid:11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:f9:19:e4:cd:01:d4:13:c1:c6:46:58:d4:90:09:c8:f3:c1:
         21:4c:ea:3e:46:48:6c:d8:32:4f:dc:fc:07:34:f7:33:35:3f:
         a3:fa:08:f0:c7:27:18:41:20:72:91:91:2c:c3:bd:60:10:0b:
         e3:1c:b3:78:6c:3c:36:65:5c:94:38:dd:e5:9a:c0:3a:02:60:
         c5:33:19:67:96:cc:db:a6:ce:d9:0a:9c:10:1f:da:af:bf:f2:
         20:34:bc:ac:36:9a:f8:41:2d:f8:d0:a1:fc:aa:0c:0b:55:03:
         15:f2:3d:18:7c:62:b0:5a:61:7e:a5:08:0b:9e:e3:37:ea:a4:
         70:00:84:c3:8d:b0:60:ff:ce:c9:1c:8c:d9:fc:f3:6c:bf:49:
         55:77:26:27:53:90:e0:a4:67:f1:0a:f7:9b:c9:7f:9a:42:00:
         eb:c5:05:f5:8b:ba:9a:92:63:61:61:51:70:8e:46:c8:77:cd:
         ce:51:91:83:a8:55:73:9e:e5:65:67:42:da:00:62:ea:6e:42:
         32:a8:82:75:dd:73:3a:a9:ac:df:1f:ee:e9:e9:94:96:50:c0:
         3a:86:7e:20:82:85:0a:c6:2a:0b:98:a2:95:7c:bb:d7:76:5c:
         66:af:fe:56:b1:e3:05:59:da:e4:e9:b6:19:b4:8d:da:39:0a:
         4e:55:27:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oKw9TSOFtNqg7nNHkWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNzE2NDFmMTU3Y2I1N2I1MzI2MjYzNTllNzE1ODI3NDJj
MmRjY2IwHhcNMjUwNjI4MTkwMTI4WhcNMjUwNjI5MTkwMTI4WjAzMTEwLwYDVQQD
EygzM2I1NzcwMjY5YzM1Y2E3YTgzZGFkZTBiOWMwOWY2NDhkMDc2YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pCudHg6N/s3Gc5+oMsssQ4DImJr
Z6qetNugKxVk/YeWAcguWysmd+K/PItn0KBsT8ek3zK302lNYvtAl20YQrszT9oT
WXCLctnGmDdH+OZUHecB4nySXUzKKHh5x/k+qi5C/tE/p7ebRZccdwTvDl6Mha+P
P11juwwlbexTJwOaoeeatt31j2zSmMxeeoeLpEg7Ddh5PerZhLkzp4/3lkTpzwEV
XX9PpqU/q4MexZLU69DjNosiC7y9AyRbzuQ47l0TsIl5zXHUSg0INUgxPCh4ay7Q
Jl+7suKm0IAfozaQbkqqP4RsjFAR9h0GN5UFVxaFaduvkA0B4bJ3+SbJzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDO1dwJpw1ynqD2t4LnAn2SNB2u/MB8GA1UdIwQY
MBaAFBFxZB8VfLV7UyYmNZ5xWCdCwtzLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzIt
M2NiOWUxMDJhZmUwLzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzItM2NiOWUxMDJhZmUw
LzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfkZ5M0B
1BPBxkZY1JAJyPPBIUzqPkZIbNgyT9z8BzT3MzU/o/oI8McnGEEgcpGRLMO9YBAL
4xyzeGw8NmVclDjd5ZrAOgJgxTMZZ5bM26bO2QqcEB/ar7/yIDS8rDaa+EEt+NCh
/KoMC1UDFfI9GHxisFphfqUIC57jN+qkcACEw42wYP/OyRyM2fzzbL9JVXcmJ1OQ
4KRn8Qr3m8l/mkIA68UF9Yu6mpJjYWFRcI5GyHfNzlGRg6hVc57lZWdC2gBi6m5C
MqiCdd1zOqms3x/u6emUllDAOoZ+IIKFCsYqC5iilXy713ZcZq/+VrHjBVna5Om2
GbSN2jkKTlUn9w==
-----END CERTIFICATE-----