Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
File:                     MU0IhXjsDimwS0PpAUk1hnJjZP0.mft (raw, json)
Hash identifier:          IjN2USri4mQxIqJIoTsLEF+szqaBAP2pUGXHhkRCIa8=
Subject key identifier:   5B:DF:60:44:B4:E4:DD:6E:A4:64:A5:7E:53:D5:64:03:F5:15:C9:1E
Authority key identifier: 31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD
Certificate issuer:       /CN=314d088578ec0e29b04b43e901493586726364fd
Certificate serial:       01988921244228382765DAB0CD6F50AFCD52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
Manifest number:          135A
Signing time:             Fri 08 Aug 2025 10:01:47 +0000
Manifest this update:     Fri 08 Aug 2025 10:01:47 +0000
Manifest next update:     Sat 09 Aug 2025 10:01:47 +0000
Files and hashes:         1: MU0IhXjsDimwS0PpAUk1hnJjZP0.crl (hash: rAfMCm9RXHxjV062Il9JFDaJUXbG+l8nxzqNwAS88M4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 10:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:89:21:24:42:28:38:27:65:da:b0:cd:6f:50:af:cd:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314d088578ec0e29b04b43e901493586726364fd
        Validity
            Not Before: Aug  8 10:01:47 2025 GMT
            Not After : Aug  9 10:01:47 2025 GMT
        Subject: CN=5bdf6044b4e4dd6ea464a57e53d56403f515c91e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:de:f5:86:ff:4b:12:3f:3e:b6:be:34:83:
                    a3:31:56:33:0b:ec:62:cc:67:58:ea:54:6c:cc:f5:
                    1a:2d:68:74:e5:0f:2d:2c:57:f3:b9:ac:98:3d:55:
                    16:1f:5d:89:cb:a8:7e:2e:6c:42:55:fc:e7:79:00:
                    7e:fa:4d:42:ed:a5:2d:ca:a6:a8:4c:d4:7a:71:5e:
                    90:fa:42:4f:59:38:be:b7:53:36:58:95:e6:c2:3d:
                    ec:27:f8:90:fa:de:87:54:6d:40:7a:b6:c6:49:85:
                    82:77:fe:f0:83:17:65:6c:1a:9f:35:5b:a1:17:d0:
                    98:0e:3d:ab:66:dd:66:04:0f:59:c6:01:b9:14:bb:
                    76:64:3b:a5:63:0a:82:9a:d6:e0:23:86:e9:eb:e1:
                    72:4f:76:67:a0:c8:f0:2d:81:d8:45:76:78:c9:f9:
                    9c:9e:28:84:96:a8:32:06:4a:83:f2:8e:b0:b5:a1:
                    e5:f0:83:13:79:c0:fb:d3:24:26:ab:01:b8:c5:b8:
                    21:9a:f8:f0:42:03:d9:68:1d:93:42:86:3b:e8:e2:
                    9d:3a:53:20:e5:b2:82:95:4c:98:c4:53:cd:76:24:
                    f9:ee:11:1b:89:c1:7a:82:aa:ab:c4:6b:0e:d4:45:
                    8e:d2:73:21:24:7c:95:c7:9a:99:a1:5d:86:05:d9:
                    e7:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DF:60:44:B4:E4:DD:6E:A4:64:A5:7E:53:D5:64:03:F5:15:C9:1E
            X509v3 Authority Key Identifier:
                keyid:31:4D:08:85:78:EC:0E:29:B0:4B:43:E9:01:49:35:86:72:63:64:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MU0IhXjsDimwS0PpAUk1hnJjZP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/373874-34fd-4e64-b6a9-18006b6643af/1/MU0IhXjsDimwS0PpAUk1hnJjZP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:e7:4c:5a:22:10:25:3f:c4:70:a8:4b:13:69:9f:04:cb:af:
         2e:d1:68:55:66:91:fd:ad:f9:1f:39:e1:cb:4a:ef:ef:f5:67:
         a3:1a:f6:e1:9f:65:c3:45:0f:1d:39:d4:01:29:32:fd:c2:ff:
         5a:3d:b2:7d:fe:23:a3:b3:2d:a5:1e:7d:c9:fb:b6:47:28:c6:
         06:fe:c2:83:ec:32:ab:c6:82:8b:43:9e:c8:68:a3:8b:d9:4d:
         b8:c1:76:13:dc:2b:2b:d2:05:8e:5f:33:0d:7b:11:51:a1:6a:
         2a:80:f4:69:1d:a4:fb:73:11:9e:f5:8a:e0:cd:98:dd:b6:5f:
         72:44:9c:8a:4b:67:48:00:c3:a6:4c:af:88:9d:30:23:69:a2:
         6c:87:db:86:64:21:17:12:e9:13:ac:59:94:fe:17:86:4f:84:
         46:ae:c9:73:f1:d2:b7:15:7e:0b:14:15:a5:d4:b4:b5:dd:bd:
         af:c2:50:98:64:32:fa:27:3c:6e:08:39:dd:ef:fd:51:3b:cb:
         db:27:21:e7:74:c4:52:22:5a:b8:b4:c0:0f:a5:61:db:27:d3:
         ad:c7:d9:cc:1f:df:b8:01:ca:bd:c6:5c:2b:9d:29:db:a0:8a:
         52:3d:82:1c:0d:b0:f9:16:60:4b:ff:1c:fa:dd:86:7e:19:57:
         73:77:52:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiJISRCKDgnZdqwzW9Qr81SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGQwODg1NzhlYzBlMjliMDRiNDNlOTAxNDkzNTg2NzI2
MzY0ZmQwHhcNMjUwODA4MTAwMTQ3WhcNMjUwODA5MTAwMTQ3WjAzMTEwLwYDVQQD
Eyg1YmRmNjA0NGI0ZTRkZDZlYTQ2NGE1N2U1M2Q1NjQwM2Y1MTVjOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu83e9Yb/SxI/Pra+NIOjMVYzC+xi
zGdY6lRszPUaLWh05Q8tLFfzuayYPVUWH12Jy6h+LmxCVfzneQB++k1C7aUtyqao
TNR6cV6Q+kJPWTi+t1M2WJXmwj3sJ/iQ+t6HVG1AerbGSYWCd/7wgxdlbBqfNVuh
F9CYDj2rZt1mBA9ZxgG5FLt2ZDulYwqCmtbgI4bp6+FyT3ZnoMjwLYHYRXZ4yfmc
niiElqgyBkqD8o6wtaHl8IMTecD70yQmqwG4xbghmvjwQgPZaB2TQoY76OKdOlMg
5bKClUyYxFPNdiT57hEbicF6gqqrxGsO1EWO0nMhJHyVx5qZoV2GBdnngQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvfYES05N1upGSlflPVZAP1FckeMB8GA1UdIwQY
MBaAFDFNCIV47A4psEtD6QFJNYZyY2T9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTkt
MTgwMDZiNjY0M2FmLzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zNzM4NzQtMzRmZC00ZTY0LWI2YTktMTgwMDZiNjY0M2Fm
LzEvTVUwSWhYanNEaW13UzBQcEFVazFobkpqWlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATedMWiIQ
JT/EcKhLE2mfBMuvLtFoVWaR/a35Hznhy0rv7/Vnoxr24Z9lw0UPHTnUASky/cL/
Wj2yff4jo7MtpR59yfu2RyjGBv7Cg+wyq8aCi0OeyGiji9lNuMF2E9wrK9IFjl8z
DXsRUaFqKoD0aR2k+3MRnvWK4M2Y3bZfckSciktnSADDpkyviJ0wI2mibIfbhmQh
FxLpE6xZlP4Xhk+ERq7Jc/HStxV+CxQVpdS0td29r8JQmGQy+ic8bgg53e/9UTvL
2ych53TEUiJauLTAD6Vh2yfTrcfZzB/fuAHKvcZcK50p26CKUj2CHA2w+RZgS/8c
+t2GfhlXc3dSzA==
-----END CERTIFICATE-----