Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
File:                     FAd8W3ds23z3vDXWtELjZ3arDG4.mft (raw, json)
Hash identifier:          WGN+FJ8WuF4EDLUCgCyZlzTcs4bs0NB+vt6UPog7c5s=
Subject key identifier:   11:6B:51:8B:7C:CA:5C:A7:3B:C6:B3:5A:02:72:CF:25:96:07:DB:7D
Authority key identifier: 14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E
Certificate issuer:       /CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
Certificate serial:       019873E226408EE75A5C86F05D1C9FCF373B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 07:00:57 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:57 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:57 +0000
Files and hashes:         1: FAd8W3ds23z3vDXWtELjZ3arDG4.crl (hash: Q41gWAwUiCLjQOscrqtZgZ6y6pJ89XdOKxfy07pHa9E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:26:40:8e:e7:5a:5c:86:f0:5d:1c:9f:cf:37:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
        Validity
            Not Before: Aug  4 07:00:57 2025 GMT
            Not After : Aug  5 07:00:57 2025 GMT
        Subject: CN=116b518b7cca5ca73bc6b35a0272cf259607db7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:61:8e:81:bf:c7:13:f9:e2:64:d0:8b:84:f2:
                    7d:06:74:0d:f5:d6:98:6e:e2:39:9a:1e:14:98:db:
                    ee:8f:97:89:58:9e:d8:b6:29:a3:4d:c7:40:b2:ee:
                    87:ac:b2:7d:c0:75:63:3d:28:5f:29:75:a8:50:78:
                    ec:77:7b:0f:ad:15:e2:62:25:ee:fc:a7:06:b4:40:
                    9d:fd:2f:f1:c4:93:d1:e1:1c:2f:f2:a0:81:ad:82:
                    23:5d:a0:71:cf:d6:da:bc:86:53:a2:ef:21:ed:26:
                    13:f5:a6:f8:3a:27:72:01:cf:9f:f1:35:ad:87:e6:
                    a6:1a:de:75:6c:08:37:f5:9f:7f:e4:e4:49:f0:4c:
                    15:53:de:d6:c1:49:17:8e:49:ec:b0:a0:db:fb:19:
                    3d:15:6e:17:b8:53:d6:52:c6:b3:30:0a:da:09:55:
                    e1:6e:94:c4:41:34:19:4a:ec:4b:c2:bf:0a:36:b9:
                    62:6e:f7:6a:8b:e0:11:15:8f:6f:71:46:1f:63:da:
                    a7:c9:04:55:36:63:b1:8b:f0:e6:10:76:ce:d1:74:
                    c1:a1:a5:2a:5e:94:3a:1e:6f:03:ac:fb:a2:5f:37:
                    49:7e:00:a3:ce:9d:a4:a6:06:39:2d:e8:af:67:33:
                    fc:c5:3f:08:93:cf:13:0e:be:06:03:88:f9:62:23:
                    3f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:6B:51:8B:7C:CA:5C:A7:3B:C6:B3:5A:02:72:CF:25:96:07:DB:7D
            X509v3 Authority Key Identifier:
                keyid:14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:dc:39:b9:74:8c:ba:3a:f9:1b:0f:da:c2:10:c1:78:a9:4f:
         31:cb:32:21:6d:9e:5c:26:84:b1:e4:be:24:a9:f8:ca:a2:19:
         de:41:9e:eb:0e:73:f8:ae:15:21:a1:25:57:47:ba:f8:24:8b:
         90:14:03:bb:02:39:f2:e6:07:d9:91:57:63:68:0c:8e:06:d5:
         67:f4:e9:51:40:b9:56:e2:6a:53:c4:f6:1f:cf:4d:d8:41:b9:
         33:34:24:ad:ff:b0:55:a4:90:b2:03:b8:95:b6:95:1d:b7:00:
         ce:31:ab:cd:03:ba:2c:fb:8b:09:dc:5c:8e:92:fc:fc:18:5d:
         3b:9c:67:cc:2e:4e:30:0f:3b:32:d2:f9:cd:eb:c3:a0:f1:8e:
         ab:b0:f6:ec:7f:39:a2:76:f3:fc:a1:cf:8d:a3:9d:75:ff:b9:
         9f:c8:a6:6c:bc:26:6b:55:70:dd:50:cd:43:f7:e0:17:22:32:
         ef:bf:84:31:71:aa:65:98:83:e3:5c:c9:c1:e4:c5:cf:e0:f5:
         d3:8d:f9:99:05:2b:20:f2:5a:86:bd:b8:86:36:1a:05:c6:6b:
         f7:d3:e3:2e:d3:57:13:ea:9e:c4:68:50:cf:b4:08:44:d4:5e:
         5c:b2:15:ee:60:dd:e4:46:5a:bb:74:3f:9f:e3:20:fc:51:1c:
         90:54:3f:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4iZAjudaXIbwXRyfzzc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDc3YzViNzc2Y2RiN2NmN2JjMzVkNmI0NDJlMzY3NzZh
YjBjNmUwHhcNMjUwODA0MDcwMDU3WhcNMjUwODA1MDcwMDU3WjAzMTEwLwYDVQQD
EygxMTZiNTE4YjdjY2E1Y2E3M2JjNmIzNWEwMjcyY2YyNTk2MDdkYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mGOgb/HE/niZNCLhPJ9BnQN9daY
buI5mh4UmNvuj5eJWJ7YtimjTcdAsu6HrLJ9wHVjPShfKXWoUHjsd3sPrRXiYiXu
/KcGtECd/S/xxJPR4Rwv8qCBrYIjXaBxz9bavIZTou8h7SYT9ab4OidyAc+f8TWt
h+amGt51bAg39Z9/5ORJ8EwVU97WwUkXjknssKDb+xk9FW4XuFPWUsazMAraCVXh
bpTEQTQZSuxLwr8KNrlibvdqi+ARFY9vcUYfY9qnyQRVNmOxi/DmEHbO0XTBoaUq
XpQ6Hm8DrPuiXzdJfgCjzp2kpgY5LeivZzP8xT8Ik88TDr4GA4j5YiM/xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFrUYt8ylynO8azWgJyzyWWB9t9MB8GA1UdIwQY
MBaAFBQHfFt3bNt897w11rRC42d2qwxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4Zjct
NjNhNGNhZWRiMzhlLzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4ZjctNjNhNGNhZWRiMzhl
LzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB9w5uXSM
ujr5Gw/awhDBeKlPMcsyIW2eXCaEseS+JKn4yqIZ3kGe6w5z+K4VIaElV0e6+CSL
kBQDuwI58uYH2ZFXY2gMjgbVZ/TpUUC5VuJqU8T2H89N2EG5MzQkrf+wVaSQsgO4
lbaVHbcAzjGrzQO6LPuLCdxcjpL8/BhdO5xnzC5OMA87MtL5zevDoPGOq7D27H85
onbz/KHPjaOddf+5n8imbLwma1Vw3VDNQ/fgFyIy77+EMXGqZZiD41zJweTFz+D1
0435mQUrIPJahr24hjYaBcZr99PjLtNXE+qexGhQz7QIRNReXLIV7mDd5EZau3Q/
n+Mg/FEckFQ/0w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:34 2025 by rpki-client