Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          cUNB0ymCiOHLG1gs2GRqNRaTy2dDzPUnrNw4G5tumUA=
Subject key identifier:   38:75:A6:DA:37:65:A0:2E:E1:66:A4:A7:DC:E5:45:3F:32:C0:7C:52
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       01987D8A2F5B2CF588FCDA55C391A9F97B9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0F4D
Signing time:             Wed 06 Aug 2025 04:01:04 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:04 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:04 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: MLbQapsZVpsWWYRP9mhHAGlf41cu+f0jpN0LtCWVDOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:2f:5b:2c:f5:88:fc:da:55:c3:91:a9:f9:7b:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Aug  6 04:01:04 2025 GMT
            Not After : Aug  7 04:01:04 2025 GMT
        Subject: CN=3875a6da3765a02ee166a4a7dce5453f32c07c52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:c8:e4:51:88:5c:9a:a7:55:f7:d7:90:ae:f7:
                    83:09:2c:c1:76:e4:98:04:2b:f3:9e:c6:59:62:ac:
                    4f:4e:25:6a:9f:25:93:e4:c7:85:79:ef:20:98:74:
                    44:34:8f:f8:19:96:e2:e7:ef:9b:34:28:83:3d:b5:
                    a9:62:fc:6e:5c:5f:7d:85:af:c5:7f:a5:31:f7:b7:
                    cb:e0:f0:cb:43:f8:cd:43:c9:69:4c:8a:c2:ff:8a:
                    f4:c6:9c:12:d5:10:0b:c5:88:6b:1a:6f:db:56:94:
                    85:b2:b6:3e:24:f5:a5:b8:e3:04:e4:dc:20:2a:fb:
                    86:5a:78:48:0a:04:c8:5c:26:7c:7b:a1:ba:52:6f:
                    26:db:a4:89:85:0c:16:98:c1:75:24:b3:09:09:94:
                    0c:aa:b3:c9:3f:75:60:0f:e5:2f:aa:0e:25:ac:eb:
                    06:67:f3:98:49:ca:e9:81:5c:79:be:7a:da:83:c5:
                    02:cf:dc:e1:8f:2e:5b:2c:91:e5:ba:62:f5:56:35:
                    2b:0b:cc:07:3b:fa:04:9c:1a:cb:23:fa:96:5a:fd:
                    67:fc:f4:0e:68:e4:3f:cf:cc:4b:16:6a:6b:5b:ea:
                    83:15:4e:70:5a:d7:6c:18:87:03:28:1f:83:3d:70:
                    7b:a3:f1:1c:b5:df:9c:ce:7b:8e:be:f4:2b:31:cc:
                    f2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:75:A6:DA:37:65:A0:2E:E1:66:A4:A7:DC:E5:45:3F:32:C0:7C:52
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:42:0b:07:77:ca:4a:1d:f6:4b:ec:76:94:39:dd:01:e3:f6:
         c1:27:18:d5:60:fe:77:39:dd:3d:76:7e:53:1b:d3:44:ca:c7:
         d3:05:33:fa:c8:26:3b:f0:90:74:76:29:ff:df:f0:88:be:0e:
         c8:76:0b:3e:19:87:10:60:5f:e9:87:13:17:d1:9a:fd:3b:f4:
         bd:12:c6:fc:6f:5c:d9:22:12:62:7c:89:cc:06:41:66:f2:7b:
         91:cb:1c:79:dc:2b:a9:52:79:18:13:dc:7c:b9:3a:98:8c:e1:
         37:28:24:7a:f9:7f:39:e7:f2:2d:55:53:f5:6b:72:ca:e2:a4:
         06:c5:9e:6a:b8:fe:2f:3f:e9:80:a5:92:f1:68:36:1f:ef:dd:
         9c:40:5c:52:53:ad:0c:87:8e:09:6e:3e:66:72:1b:8a:6e:a1:
         89:07:19:cf:e1:bf:1a:2e:43:6e:06:51:f2:56:99:37:7e:03:
         6a:6d:2e:78:69:22:02:e9:a8:67:10:6d:4a:93:fc:16:03:b1:
         bd:a1:f3:7f:1c:40:fe:2f:16:b4:3b:6e:ac:29:b6:74:53:1b:
         9e:a4:6b:3f:6d:e7:d9:2c:4e:12:84:f7:0e:6f:af:3f:44:3b:
         23:8e:fa:5d:57:68:51:5c:3a:73:fe:cf:b2:f7:70:4b:f4:08:
         e4:a5:9f:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9ii9bLPWI/NpVw5Gp+XuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjUwODA2MDQwMTA0WhcNMjUwODA3MDQwMTA0WjAzMTEwLwYDVQQD
EygzODc1YTZkYTM3NjVhMDJlZTE2NmE0YTdkY2U1NDUzZjMyYzA3YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MjkUYhcmqdV99eQrveDCSzBduSY
BCvznsZZYqxPTiVqnyWT5MeFee8gmHRENI/4GZbi5++bNCiDPbWpYvxuXF99ha/F
f6Ux97fL4PDLQ/jNQ8lpTIrC/4r0xpwS1RALxYhrGm/bVpSFsrY+JPWluOME5Nwg
KvuGWnhICgTIXCZ8e6G6Um8m26SJhQwWmMF1JLMJCZQMqrPJP3VgD+Uvqg4lrOsG
Z/OYScrpgVx5vnrag8UCz9zhjy5bLJHlumL1VjUrC8wHO/oEnBrLI/qWWv1n/PQO
aOQ/z8xLFmprW+qDFU5wWtdsGIcDKB+DPXB7o/Ectd+cznuOvvQrMczydwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDh1pto3ZaAu4Wakp9zlRT8ywHxSMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcUILB3fK
Sh32S+x2lDndAeP2wScY1WD+dzndPXZ+UxvTRMrH0wUz+sgmO/CQdHYp/9/wiL4O
yHYLPhmHEGBf6YcTF9Ga/Tv0vRLG/G9c2SISYnyJzAZBZvJ7kcscedwrqVJ5GBPc
fLk6mIzhNygkevl/OefyLVVT9WtyyuKkBsWearj+Lz/pgKWS8Wg2H+/dnEBcUlOt
DIeOCW4+ZnIbim6hiQcZz+G/Gi5DbgZR8laZN34Dam0ueGkiAumoZxBtSpP8FgOx
vaHzfxxA/i8WtDturCm2dFMbnqRrP23n2SxOEoT3Dm+vP0Q7I476XVdoUVw6c/7P
svdwS/QI5KWfTg==
-----END CERTIFICATE-----