Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          AVXEFiVriUsme7ohxouWwrxYjyVMNBwVkCl4GafnAL0=
Subject key identifier:   67:C1:BC:DF:F1:6A:DB:68:DF:CE:B7:F1:A7:7B:05:1F:77:EE:DD:26
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019880C1D4D029415DEAC5E51AEE8E5D6BF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0B00
Signing time:             Wed 06 Aug 2025 19:00:43 +0000
Manifest this update:     Wed 06 Aug 2025 19:00:43 +0000
Manifest next update:     Thu 07 Aug 2025 19:00:43 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: 0ojoKfVjyRLj9h3uNHvDrUqu2xng26yGjiILVAAxkkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c1:d4:d0:29:41:5d:ea:c5:e5:1a:ee:8e:5d:6b:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Aug  6 19:00:43 2025 GMT
            Not After : Aug  7 19:00:43 2025 GMT
        Subject: CN=67c1bcdff16adb68dfceb7f1a77b051f77eedd26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:f1:34:42:1f:a5:14:cc:58:74:46:af:a1:
                    ab:90:dc:fe:e8:4d:38:ba:0b:a5:59:58:65:e7:c1:
                    19:2e:ea:64:7a:ec:ef:ea:ef:03:09:48:29:05:2b:
                    48:4e:ca:5c:bf:07:c8:35:aa:90:86:40:a0:ad:dc:
                    f4:85:6a:47:56:76:ff:40:86:34:a6:f9:de:1b:04:
                    7d:7a:36:b4:2f:df:8c:84:5f:9e:c4:5c:48:61:03:
                    46:73:a1:58:73:a6:05:cd:6c:59:3f:76:1b:37:d4:
                    ce:8c:6f:e2:ae:f1:16:1b:4e:d8:c8:41:c8:35:9d:
                    71:53:ff:d0:f7:59:a6:f3:52:59:5e:cf:8f:34:e2:
                    81:46:86:e7:43:db:0d:3b:97:c5:60:b8:33:49:09:
                    20:18:73:dd:e6:54:00:4b:74:2d:b1:aa:61:26:45:
                    b0:2b:96:fe:aa:78:8f:82:93:ce:8a:c8:6c:44:d6:
                    5d:6c:c7:59:67:d7:e2:47:cd:85:35:fe:e6:49:e2:
                    10:79:e6:2d:04:0d:8c:89:85:b9:91:6d:a7:1a:9c:
                    41:2c:27:1a:48:c7:f5:ae:65:33:e0:54:fb:eb:8c:
                    5b:69:75:02:88:20:b0:7b:88:cd:69:5c:5b:71:94:
                    09:9f:b9:75:73:90:3b:a8:09:29:1b:fb:99:d4:b8:
                    aa:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C1:BC:DF:F1:6A:DB:68:DF:CE:B7:F1:A7:7B:05:1F:77:EE:DD:26
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:73:dc:95:4a:b6:0b:71:76:99:96:89:84:dc:e3:fa:05:9b:
         b9:b7:9a:1a:1a:fe:06:07:cc:4e:4f:18:df:0f:8c:e2:9f:6d:
         cf:0b:0c:be:31:4c:ef:06:78:47:8a:8c:e3:3c:fe:d7:a5:b1:
         94:cd:83:73:10:5c:15:23:b2:1a:e0:d1:fc:2a:33:a1:0c:79:
         14:2f:e3:50:8b:72:9c:c9:ff:bb:c4:90:78:7d:9b:65:85:55:
         49:b9:0b:36:8d:2c:db:64:da:1f:66:56:1d:4c:a3:f4:e9:3b:
         5a:4b:44:2a:8c:ac:85:43:4b:0f:87:49:f8:22:99:39:c0:3c:
         13:d8:2e:57:a0:0d:9c:91:b2:64:dc:a4:38:36:73:1f:be:86:
         23:9a:ca:a0:83:f7:35:0c:d8:88:45:5a:23:c1:6b:f6:90:dd:
         fe:fc:e0:8d:a2:e5:32:60:60:a0:86:67:0f:e6:23:66:ae:48:
         31:f7:0e:6d:17:54:2d:cc:bf:10:dc:e6:2d:02:eb:f7:e8:a6:
         1b:46:f2:f1:a7:d0:0a:95:9c:ad:90:1e:91:23:7b:da:f0:56:
         a8:78:fd:63:c8:26:ea:7c:b3:eb:8c:98:ad:79:7a:1c:f5:93:
         ea:3d:09:ea:51:0f:8c:89:ec:2b:c0:90:22:8e:85:75:e8:72:
         21:12:eb:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwdTQKUFd6sXlGu6OXWv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjUwODA2MTkwMDQzWhcNMjUwODA3MTkwMDQzWjAzMTEwLwYDVQQD
Eyg2N2MxYmNkZmYxNmFkYjY4ZGZjZWI3ZjFhNzdiMDUxZjc3ZWVkZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqofxNEIfpRTMWHRGr6GrkNz+6E04
ugulWVhl58EZLupkeuzv6u8DCUgpBStITspcvwfINaqQhkCgrdz0hWpHVnb/QIY0
pvneGwR9eja0L9+MhF+exFxIYQNGc6FYc6YFzWxZP3YbN9TOjG/irvEWG07YyEHI
NZ1xU//Q91mm81JZXs+PNOKBRobnQ9sNO5fFYLgzSQkgGHPd5lQAS3QtsaphJkWw
K5b+qniPgpPOishsRNZdbMdZZ9fiR82FNf7mSeIQeeYtBA2MiYW5kW2nGpxBLCca
SMf1rmUz4FT764xbaXUCiCCwe4jNaVxbcZQJn7l1c5A7qAkpG/uZ1LiqJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfBvN/xatto38638ad7BR937t0mMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnPclUq2
C3F2mZaJhNzj+gWbubeaGhr+BgfMTk8Y3w+M4p9tzwsMvjFM7wZ4R4qM4zz+16Wx
lM2DcxBcFSOyGuDR/CozoQx5FC/jUItynMn/u8SQeH2bZYVVSbkLNo0s22TaH2ZW
HUyj9Ok7WktEKoyshUNLD4dJ+CKZOcA8E9guV6ANnJGyZNykODZzH76GI5rKoIP3
NQzYiEVaI8Fr9pDd/vzgjaLlMmBgoIZnD+YjZq5IMfcObRdULcy/ENzmLQLr9+im
G0by8afQCpWcrZAekSN72vBWqHj9Y8gm6nyz64yYrXl6HPWT6j0J6lEPjInsK8CQ
Io6FdehyIRLrfQ==
-----END CERTIFICATE-----