Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
File:                     sxU2q-49e1S4MDubxpqKq76XAOQ.mft (raw, json)
Hash identifier:          Q8u6y3PIBFN/Ov+ARz0OgyBQC1UKL8M2qGTjLFjWoj8=
Subject key identifier:   52:FE:45:39:03:3D:24:44:B6:21:FA:C0:A8:07:CA:07:F3:A7:80:98
Authority key identifier: B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4
Certificate issuer:       /CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
Certificate serial:       0197711A97929C27CD1CE879DC9114CE2FC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
Manifest number:          07A6
Signing time:             Sun 15 Jun 2025 01:00:57 +0000
Manifest this update:     Sun 15 Jun 2025 01:00:57 +0000
Manifest next update:     Mon 16 Jun 2025 01:00:57 +0000
Files and hashes:         1: sxU2q-49e1S4MDubxpqKq76XAOQ.crl (hash: OFzhsmLoht2TJkqCsXGGRkSk/tSedqgggp3sVeLvYTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:97:92:9c:27:cd:1c:e8:79:dc:91:14:ce:2f:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
        Validity
            Not Before: Jun 15 01:00:57 2025 GMT
            Not After : Jun 16 01:00:57 2025 GMT
        Subject: CN=52fe4539033d2444b621fac0a807ca07f3a78098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:81:cb:67:37:7b:aa:69:a1:44:ea:f4:34:5e:
                    6c:a6:07:4a:df:30:7b:0b:c7:4e:49:b9:4f:a5:34:
                    d7:c8:1e:db:4a:34:26:f1:69:2e:05:7b:b0:3f:6c:
                    ca:61:71:d0:d8:5d:0b:49:5f:08:e7:ce:31:05:fd:
                    78:71:9e:09:8c:fd:29:d6:a3:fc:1d:2c:48:2d:a1:
                    2b:3d:13:f0:56:72:c2:eb:06:ea:04:dc:51:52:92:
                    a0:fd:ea:88:51:8c:38:7e:ed:39:ff:ce:7f:f1:fd:
                    bf:5e:47:95:b5:77:7b:d6:1a:b3:0f:76:04:92:e2:
                    c7:cb:25:a8:d6:f1:2a:0d:3a:97:b8:44:f7:b1:e7:
                    f7:33:88:ff:98:1d:ab:f9:14:2c:27:12:61:e2:fb:
                    4c:1c:03:3e:52:37:11:37:1e:2f:9e:3a:d1:a3:fa:
                    9e:02:3d:93:7c:c3:c1:2b:59:f6:ac:ca:88:cf:bf:
                    b8:ac:ce:a8:aa:56:98:17:92:d6:6e:4f:4d:cc:99:
                    d0:c0:c1:00:9f:3e:6b:72:6f:2f:77:0d:18:e7:9c:
                    f8:ab:e5:88:2f:4f:59:71:b5:53:a1:2a:bb:4e:7d:
                    e8:6c:56:fb:13:bc:e5:57:00:ee:5b:18:43:1b:50:
                    25:8a:1e:87:52:23:2a:ea:a1:98:42:bd:32:81:fe:
                    47:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:FE:45:39:03:3D:24:44:B6:21:FA:C0:A8:07:CA:07:F3:A7:80:98
            X509v3 Authority Key Identifier:
                keyid:B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:5b:0e:e0:fa:eb:4f:82:d1:e6:4c:46:97:6a:e1:73:00:af:
         83:93:1a:9b:01:b8:5b:1c:50:bb:7d:ee:5f:48:85:32:cd:27:
         11:35:6a:a6:a4:f6:7b:cd:57:f7:fd:22:e8:8b:3a:4e:85:63:
         02:46:ce:2b:70:37:21:1d:ed:8a:9b:7f:ec:21:84:71:b6:e1:
         b7:34:32:0d:fc:d2:f9:2f:46:ce:85:2e:b2:d4:a9:8e:fd:1a:
         d3:99:51:3b:ea:2f:5d:46:f9:05:11:ab:57:7d:1b:d4:e9:e9:
         af:f4:2e:37:9d:75:49:40:2a:61:9b:5e:46:20:0b:c3:f0:6c:
         2b:d8:e6:96:8c:ef:73:8b:e9:ed:10:a0:71:57:9d:41:3b:2e:
         87:9a:59:fd:6b:f6:bc:81:37:2e:f4:1c:d7:9f:d7:8b:36:eb:
         6e:bd:7c:76:12:f0:df:31:76:a6:30:14:99:33:50:b1:ad:ac:
         ae:86:8d:74:58:e2:0d:96:cb:4c:65:3d:7e:aa:73:73:8f:08:
         46:bd:d1:07:22:d5:0c:7f:37:1a:f8:fe:39:8d:85:69:66:c9:
         71:e5:71:0a:5f:c7:15:4c:a5:db:62:9b:f8:9b:c8:28:a8:f5:
         9a:ea:35:99:51:f9:dd:27:eb:0d:ed:bd:ce:d6:77:a0:f5:3f:
         42:e4:75:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGpeSnCfNHOh53JEUzi/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTUzNmFiZWUzZDdiNTRiODMwM2I5YmM2OWE4YWFiYmU5
NzAwZTQwHhcNMjUwNjE1MDEwMDU3WhcNMjUwNjE2MDEwMDU3WjAzMTEwLwYDVQQD
Eyg1MmZlNDUzOTAzM2QyNDQ0YjYyMWZhYzBhODA3Y2EwN2YzYTc4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4HLZzd7qmmhROr0NF5spgdK3zB7
C8dOSblPpTTXyB7bSjQm8WkuBXuwP2zKYXHQ2F0LSV8I584xBf14cZ4JjP0p1qP8
HSxILaErPRPwVnLC6wbqBNxRUpKg/eqIUYw4fu05/85/8f2/XkeVtXd71hqzD3YE
kuLHyyWo1vEqDTqXuET3sef3M4j/mB2r+RQsJxJh4vtMHAM+UjcRNx4vnjrRo/qe
Aj2TfMPBK1n2rMqIz7+4rM6oqlaYF5LWbk9NzJnQwMEAnz5rcm8vdw0Y55z4q+WI
L09ZcbVToSq7Tn3obFb7E7zlVwDuWxhDG1Alih6HUiMq6qGYQr0ygf5HRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL+RTkDPSREtiH6wKgHygfzp4CYMB8GA1UdIwQY
MBaAFLMVNqvuPXtUuDA7m8aaiqu+lwDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMt
Y2NjODc3YjVhMzc1LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMtY2NjODc3YjVhMzc1
LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFsO4Prr
T4LR5kxGl2rhcwCvg5MamwG4WxxQu33uX0iFMs0nETVqpqT2e81X9/0i6Is6ToVj
AkbOK3A3IR3tipt/7CGEcbbhtzQyDfzS+S9GzoUustSpjv0a05lRO+ovXUb5BRGr
V30b1Onpr/QuN511SUAqYZteRiALw/BsK9jmlozvc4vp7RCgcVedQTsuh5pZ/Wv2
vIE3LvQc15/Xizbrbr18dhLw3zF2pjAUmTNQsa2sroaNdFjiDZbLTGU9fqpzc48I
Rr3RByLVDH83Gvj+OY2FaWbJceVxCl/HFUyl22Kb+JvIKKj1muo1mVH53SfrDe29
ztZ3oPU/QuR1sA==
-----END CERTIFICATE-----