Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
File:                     AaVsQu18uWPyhVA87AYG1g0Ks4c.mft (raw, json)
Hash identifier:          0vNTeSEPbsv9s0ZjBtDkVasbZ/kHoxL4Rd1+s4iVTvk=
Subject key identifier:   65:B7:7C:94:14:2C:B6:22:25:52:F0:65:28:A7:51:DA:E7:F1:0E:C5
Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87
Certificate issuer:       /CN=01a56c42ed7cb963f285503cec0606d60d0ab387
Certificate serial:       01976F2B99F5B5017A1398158122EAA664E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
Manifest number:          0E51
Signing time:             Sat 14 Jun 2025 16:00:17 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:17 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:17 +0000
Files and hashes:         1: AaVsQu18uWPyhVA87AYG1g0Ks4c.crl (hash: s/ZZFVFfftitcsC9ZFZldQ+WjgnAX1cROADFUJdaLYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:99:f5:b5:01:7a:13:98:15:81:22:ea:a6:64:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387
        Validity
            Not Before: Jun 14 16:00:17 2025 GMT
            Not After : Jun 15 16:00:17 2025 GMT
        Subject: CN=65b77c94142cb6222552f06528a751dae7f10ec5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:f8:bc:38:25:c4:76:da:cf:ed:01:b6:6e:0f:
                    56:cc:43:14:1d:e4:a0:b4:97:60:8e:d2:1c:27:f5:
                    b5:25:e1:8c:72:15:9e:dc:c8:5f:46:97:48:b5:0e:
                    3e:b4:b9:be:b6:fe:f1:1d:36:d2:40:19:29:71:35:
                    5a:e4:9b:b2:46:c1:1c:65:65:2a:8b:1a:41:c0:1c:
                    cd:c7:45:e1:9b:f0:6d:b7:21:5b:3b:6c:1d:e2:aa:
                    0e:04:2e:de:93:ff:38:c6:40:32:c9:cd:5c:a4:86:
                    3f:65:ae:a4:34:b7:ee:f4:10:4c:b3:71:75:66:90:
                    13:10:af:f1:96:4a:3c:be:5f:e9:2f:54:d5:14:70:
                    7b:b6:bf:34:6f:fc:5e:48:53:8c:d2:fc:73:24:7d:
                    59:95:86:65:4b:46:c0:e3:ff:4d:4d:39:e0:a6:4f:
                    6b:f4:40:9e:dc:72:53:37:e5:16:09:b9:20:a2:b5:
                    27:8c:60:14:46:87:8e:33:6a:ec:42:16:67:e4:90:
                    0f:5c:15:11:b9:59:35:ea:50:58:a9:f7:a2:f2:07:
                    e7:2a:0d:c7:f4:18:06:fa:69:cf:1e:84:02:b3:90:
                    34:7b:2e:3e:fd:3c:3b:07:2f:16:d1:5d:2a:5c:47:
                    22:cf:92:8a:b3:44:cb:86:79:1a:78:1d:99:ed:63:
                    0e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:B7:7C:94:14:2C:B6:22:25:52:F0:65:28:A7:51:DA:E7:F1:0E:C5
            X509v3 Authority Key Identifier:
                keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:98:15:92:e1:79:70:25:d1:d1:46:ad:57:ea:d3:b4:9a:0f:
         dc:e5:29:39:65:34:e5:4a:9c:87:6f:e7:8d:7a:55:94:51:9e:
         47:e3:4e:7f:bb:b3:9a:18:47:10:a8:16:78:ed:e4:77:c2:2b:
         f0:cc:27:62:88:4f:c6:ad:72:39:b1:3d:6f:da:e1:8f:d2:56:
         b5:9e:37:0c:00:c0:a3:27:fe:35:f9:35:63:65:73:23:fb:1a:
         a3:87:7f:d3:7e:2a:bf:fe:11:b6:1e:f6:4b:43:c1:fe:e0:4a:
         c9:42:d1:ac:d2:19:ca:83:72:92:18:91:aa:7b:4a:aa:86:72:
         da:bc:dd:26:01:5a:ce:fc:95:6f:3f:40:77:8c:14:68:41:f3:
         8d:c4:81:10:2e:a6:e2:47:1c:8c:7f:35:4d:a9:9d:a6:b3:0f:
         00:67:14:eb:f2:39:67:bc:cd:dc:1a:1f:b9:b2:15:dd:28:8c:
         9d:e4:1c:bf:c9:32:4a:b5:8e:36:ae:27:7b:c1:3d:91:1f:7b:
         94:a4:40:4f:b1:36:c4:dd:e6:c7:2a:4e:aa:93:43:c9:f4:97:
         df:4d:42:16:12:e9:35:4d:37:95:97:c4:2d:0b:67:32:fe:9d:
         e8:0a:4e:4f:e7:1f:e9:5f:3e:3b:1c:60:03:70:48:bb:24:73:
         35:90:3a:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK5n1tQF6E5gVgSLqpmTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw
YWIzODcwHhcNMjUwNjE0MTYwMDE3WhcNMjUwNjE1MTYwMDE3WjAzMTEwLwYDVQQD
Eyg2NWI3N2M5NDE0MmNiNjIyMjU1MmYwNjUyOGE3NTFkYWU3ZjEwZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vi8OCXEdtrP7QG2bg9WzEMUHeSg
tJdgjtIcJ/W1JeGMchWe3MhfRpdItQ4+tLm+tv7xHTbSQBkpcTVa5JuyRsEcZWUq
ixpBwBzNx0Xhm/BttyFbO2wd4qoOBC7ek/84xkAyyc1cpIY/Za6kNLfu9BBMs3F1
ZpATEK/xlko8vl/pL1TVFHB7tr80b/xeSFOM0vxzJH1ZlYZlS0bA4/9NTTngpk9r
9ECe3HJTN+UWCbkgorUnjGAURoeOM2rsQhZn5JAPXBURuVk16lBYqfei8gfnKg3H
9BgG+mnPHoQCs5A0ey4+/Tw7By8W0V0qXEciz5KKs0TLhnkaeB2Z7WMOQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGW3fJQULLYiJVLwZSinUdrn8Q7FMB8GA1UdIwQY
MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt
ZWQwN2Y1Y2FkNmQ3LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3
LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzpgVkuF5
cCXR0UatV+rTtJoP3OUpOWU05Uqch2/njXpVlFGeR+NOf7uzmhhHEKgWeO3kd8Ir
8MwnYohPxq1yObE9b9rhj9JWtZ43DADAoyf+Nfk1Y2VzI/sao4d/034qv/4Rth72
S0PB/uBKyULRrNIZyoNykhiRqntKqoZy2rzdJgFazvyVbz9Ad4wUaEHzjcSBEC6m
4kccjH81TamdprMPAGcU6/I5Z7zN3BofubIV3SiMneQcv8kySrWONq4ne8E9kR97
lKRAT7E2xN3mxypOqpNDyfSX301CFhLpNU03lZfELQtnMv6d6ApOT+cf6V8+Oxxg
A3BIuyRzNZA6LA==
-----END CERTIFICATE-----