Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          tLR5ak6cEvMU+YIkc3qvqpHrh68EKk/50ruk3+/+dOs=
Subject key identifier:   B7:33:FB:AB:7F:22:13:78:D0:F9:4E:B2:72:AB:3A:EE:4F:DE:A4:31
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       01989336973BA6650657596861707FA4B89C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0AB5
Signing time:             Sun 10 Aug 2025 09:01:25 +0000
Manifest this update:     Sun 10 Aug 2025 09:01:25 +0000
Manifest next update:     Mon 11 Aug 2025 09:01:25 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: 5IF9o22lJG/qTzIq0pvwnNuVwSTn4r0p3YeUatxoAro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 09:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:36:97:3b:a6:65:06:57:59:68:61:70:7f:a4:b8:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Aug 10 09:01:25 2025 GMT
            Not After : Aug 11 09:01:25 2025 GMT
        Subject: CN=b733fbab7f221378d0f94eb272ab3aee4fdea431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:88:10:51:8d:9f:1c:7f:7a:db:22:0f:22:f4:
                    3e:1d:e1:cd:f1:e0:da:3f:ee:f8:a5:35:bb:34:2f:
                    87:3c:6c:a3:38:d4:63:b3:16:42:9a:ac:6e:86:a0:
                    0f:52:1b:43:ff:05:d8:ce:53:15:2e:70:e1:4b:52:
                    4d:4e:97:fe:f0:c8:5b:a0:14:e1:c0:e5:ec:8c:d7:
                    b3:56:66:8d:ed:50:b5:1f:c4:14:0f:d9:28:2f:60:
                    81:92:15:27:97:de:54:c1:47:8f:a6:36:ac:6b:1d:
                    f8:03:3c:cc:0f:37:e5:18:6e:05:6f:89:d6:b2:98:
                    33:fc:39:de:bf:1f:e5:52:3e:5e:b3:c3:ec:98:61:
                    23:a3:15:3b:5d:21:d8:6a:e7:6f:20:c8:85:94:81:
                    fb:9d:cc:38:68:36:2e:0a:55:2b:59:ad:9e:11:91:
                    10:f0:aa:35:83:55:fb:2c:bd:93:aa:08:fa:cb:33:
                    97:51:7d:b8:e5:a3:24:df:58:b7:ef:fa:2f:49:6a:
                    6d:98:25:8f:c6:9e:92:8d:75:45:fa:30:f2:b8:dd:
                    83:bb:f4:8c:fc:3d:7a:82:e4:80:e4:28:96:09:22:
                    2a:48:92:7a:e6:4f:f1:d0:7d:a9:95:71:01:33:46:
                    05:2d:9c:2b:1a:f8:56:d6:ca:8b:7c:5c:58:c8:26:
                    a6:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:33:FB:AB:7F:22:13:78:D0:F9:4E:B2:72:AB:3A:EE:4F:DE:A4:31
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:be:fc:c0:26:7b:f0:4e:4f:50:9a:11:79:e9:18:ff:8f:c6:
         e1:b3:9b:fc:ec:76:1d:f4:58:ff:5e:d8:1c:09:d2:df:3e:60:
         fd:0a:51:69:93:5e:9d:c4:ae:b7:06:f2:46:d7:af:00:3c:0a:
         d1:95:2c:1b:08:34:6a:3f:0f:73:cd:7d:a5:23:f6:31:5a:bb:
         fb:16:73:76:51:6b:67:bb:80:d7:fb:c4:14:ec:75:fe:5a:e2:
         59:6c:3d:a9:0f:0e:ee:7c:ac:7d:ba:e6:7f:6f:2e:5d:33:0b:
         a3:74:06:04:13:8e:eb:78:3a:12:c1:f8:92:34:10:7e:44:f7:
         59:81:fc:a6:55:bb:76:69:34:ce:4e:54:f9:5e:11:a5:9e:92:
         15:96:03:fd:e1:5a:8e:8d:d9:14:e5:1b:c1:1f:ec:55:32:6b:
         c1:d4:94:1a:e5:4b:2a:a7:26:24:73:7e:19:bf:26:6e:7b:2e:
         c8:70:57:b0:84:2c:18:13:e0:cc:7a:71:c3:1c:54:90:5f:b3:
         fe:ff:c7:19:21:4d:94:f2:76:5b:3f:9b:8a:98:ac:8e:18:2a:
         7d:96:8d:5c:83:6d:86:6a:9f:cf:6d:87:37:c6:62:72:f6:0f:
         0c:4b:8d:7a:ec:e4:37:3f:80:44:c9:4a:24:ee:09:36:ed:fb:
         a2:99:44:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNpc7pmUGV1loYXB/pLicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUwODEwMDkwMTI1WhcNMjUwODExMDkwMTI1WjAzMTEwLwYDVQQD
EyhiNzMzZmJhYjdmMjIxMzc4ZDBmOTRlYjI3MmFiM2FlZTRmZGVhNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIgQUY2fHH962yIPIvQ+HeHN8eDa
P+74pTW7NC+HPGyjONRjsxZCmqxuhqAPUhtD/wXYzlMVLnDhS1JNTpf+8MhboBTh
wOXsjNezVmaN7VC1H8QUD9koL2CBkhUnl95UwUePpjasax34AzzMDzflGG4Fb4nW
spgz/Dnevx/lUj5es8PsmGEjoxU7XSHYaudvIMiFlIH7ncw4aDYuClUrWa2eEZEQ
8Ko1g1X7LL2Tqgj6yzOXUX245aMk31i37/ovSWptmCWPxp6SjXVF+jDyuN2Du/SM
/D16guSA5CiWCSIqSJJ65k/x0H2plXEBM0YFLZwrGvhW1sqLfFxYyCamoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcz+6t/IhN40PlOsnKrOu5P3qQxMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANL78wCZ7
8E5PUJoReekY/4/G4bOb/Ox2HfRY/17YHAnS3z5g/QpRaZNencSutwbyRtevADwK
0ZUsGwg0aj8Pc819pSP2MVq7+xZzdlFrZ7uA1/vEFOx1/lriWWw9qQ8O7nysfbrm
f28uXTMLo3QGBBOO63g6EsH4kjQQfkT3WYH8plW7dmk0zk5U+V4RpZ6SFZYD/eFa
jo3ZFOUbwR/sVTJrwdSUGuVLKqcmJHN+Gb8mbnsuyHBXsIQsGBPgzHpxwxxUkF+z
/v/HGSFNlPJ2Wz+bipisjhgqfZaNXINthmqfz22HN8ZicvYPDEuNeuzkNz+ARMlK
JO4JNu37oplETw==
-----END CERTIFICATE-----