Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          n1HjIK+Ey8wXzLMaXlZfN38J20usplt2glG9WXyIspk=
Subject key identifier:   42:D2:78:EA:EE:AD:B2:7E:E9:68:95:76:B9:25:D5:8B:B9:7A:1B:BB
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       0198D472FC086762456F65C65919C4D6BB53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0CC7
Signing time:             Sat 23 Aug 2025 01:02:41 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:41 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:41 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: V+dCfS9LX+VI1XfsXOC9LE3e4R04ns0ELPaUwyWj3tA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:fc:08:67:62:45:6f:65:c6:59:19:c4:d6:bb:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Aug 23 01:02:41 2025 GMT
            Not After : Aug 24 01:02:41 2025 GMT
        Subject: CN=42d278eaeeadb27ee9689576b925d58bb97a1bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:40:85:cb:0e:5c:6b:86:14:fd:8d:ff:ce:1c:
                    72:b2:37:29:65:1e:0c:41:dd:4b:84:c2:36:c5:08:
                    db:ae:44:a3:e9:f6:14:9a:2c:f8:6b:b7:20:b2:17:
                    1b:5c:b5:57:7b:b1:a0:fc:d0:ca:17:56:35:46:e0:
                    32:9a:ef:e6:35:69:bd:b5:5d:5f:02:81:b9:fa:6d:
                    40:0c:57:f2:dd:18:79:80:2e:e2:6f:86:32:5f:8c:
                    13:57:7c:32:ac:25:4f:80:b9:00:42:39:2a:a8:cd:
                    14:49:e9:f6:e0:f2:9a:ac:a5:b3:a3:52:b3:c3:40:
                    39:c2:98:1b:04:d3:5b:f7:c4:c3:89:07:78:7d:1c:
                    01:64:97:ff:19:14:36:9f:2c:8f:d3:f5:d1:dc:39:
                    b6:b6:f0:c2:49:a0:97:d4:68:48:80:18:d2:61:f6:
                    18:16:9f:7e:0a:cc:f4:6e:97:57:4f:95:7e:c5:60:
                    ca:67:64:2d:51:b3:86:d8:6f:fd:9e:b1:a0:36:c6:
                    62:49:16:10:3a:74:0c:73:06:af:fd:30:45:e5:8f:
                    45:a1:b0:f3:fa:25:f5:c7:53:4f:6c:63:16:44:12:
                    68:c6:91:2b:e9:b3:f7:ee:5a:01:c1:05:34:a3:e9:
                    e7:ab:45:d2:91:08:84:31:dc:81:c7:ca:80:25:2f:
                    b5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D2:78:EA:EE:AD:B2:7E:E9:68:95:76:B9:25:D5:8B:B9:7A:1B:BB
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:c6:c2:9a:04:be:5c:d3:72:07:ba:82:52:84:0a:bf:68:b7:
         c0:2c:d0:2b:6a:14:fa:9b:5d:cb:3b:33:71:b8:1e:24:0d:4a:
         c4:ad:00:cd:bc:8e:77:ac:bf:fe:4d:6c:53:2b:53:75:95:84:
         27:d8:19:24:31:c9:1e:5e:4a:b8:16:25:01:48:58:c9:f4:a0:
         a3:41:7e:90:ef:f5:6b:08:fc:58:28:97:d8:ec:79:95:56:73:
         61:8e:28:65:e4:ae:ac:49:3f:91:8d:dc:a0:63:ee:b0:08:d4:
         39:18:82:5b:a7:f4:83:28:c9:d2:f8:90:b6:35:a1:93:f8:8e:
         a7:08:84:5d:88:d0:b1:0c:99:57:e3:0d:5d:37:7e:a5:9d:88:
         b8:8d:7d:71:1d:f5:a1:04:5e:9e:20:83:7b:0c:3f:ff:1a:c4:
         95:4b:30:a6:90:98:25:b9:2b:f0:75:ec:a1:25:f4:f0:e1:c5:
         f3:ed:f9:b1:4c:87:69:05:c9:5b:5d:3d:33:c0:40:3d:3f:91:
         78:4f:29:ee:74:db:df:73:d7:05:da:b2:7b:50:36:cc:4b:e6:
         b7:92:a6:dd:45:20:45:9a:0d:a1:ca:71:a0:99:7a:5c:ce:4b:
         98:53:a4:31:29:26:f5:28:33:fc:c2:45:fe:b4:10:bd:2d:b3:
         b1:81:03:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcvwIZ2JFb2XGWRnE1rtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjUwODIzMDEwMjQxWhcNMjUwODI0MDEwMjQxWjAzMTEwLwYDVQQD
Eyg0MmQyNzhlYWVlYWRiMjdlZTk2ODk1NzZiOTI1ZDU4YmI5N2ExYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUCFyw5ca4YU/Y3/zhxysjcpZR4M
Qd1LhMI2xQjbrkSj6fYUmiz4a7cgshcbXLVXe7Gg/NDKF1Y1RuAymu/mNWm9tV1f
AoG5+m1ADFfy3Rh5gC7ib4YyX4wTV3wyrCVPgLkAQjkqqM0USen24PKarKWzo1Kz
w0A5wpgbBNNb98TDiQd4fRwBZJf/GRQ2nyyP0/XR3Dm2tvDCSaCX1GhIgBjSYfYY
Fp9+Csz0bpdXT5V+xWDKZ2QtUbOG2G/9nrGgNsZiSRYQOnQMcwav/TBF5Y9FobDz
+iX1x1NPbGMWRBJoxpEr6bP37loBwQU0o+nnq0XSkQiEMdyBx8qAJS+1ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELSeOrurbJ+6WiVdrkl1Yu5ehu7MB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvcbCmgS+
XNNyB7qCUoQKv2i3wCzQK2oU+ptdyzszcbgeJA1KxK0AzbyOd6y//k1sUytTdZWE
J9gZJDHJHl5KuBYlAUhYyfSgo0F+kO/1awj8WCiX2Ox5lVZzYY4oZeSurEk/kY3c
oGPusAjUORiCW6f0gyjJ0viQtjWhk/iOpwiEXYjQsQyZV+MNXTd+pZ2IuI19cR31
oQReniCDeww//xrElUswppCYJbkr8HXsoSX08OHF8+35sUyHaQXJW109M8BAPT+R
eE8p7nTb33PXBdqye1A2zEvmt5Km3UUgRZoNocpxoJl6XM5LmFOkMSkm9Sgz/MJF
/rQQvS2zsYEDZA==
-----END CERTIFICATE-----