Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
File:                     JUIq59QSPce_KI8TeeQ39uHLKpo.mft (raw, json)
Hash identifier:          qrJb4M6NIzq5NsNSYZcGamUctOCs7Vgr+82YNgWzUlE=
Subject key identifier:   A2:D1:C8:B1:D5:65:01:08:EF:DF:98:D7:68:21:29:20:B7:46:6D:DA
Authority key identifier: 25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A
Certificate issuer:       /CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
Certificate serial:       01987C4095231F6F8EF8B8FA780B5BC69C09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
Manifest number:          0F97
Signing time:             Tue 05 Aug 2025 22:01:03 +0000
Manifest this update:     Tue 05 Aug 2025 22:01:03 +0000
Manifest next update:     Wed 06 Aug 2025 22:01:03 +0000
Files and hashes:         1: JUIq59QSPce_KI8TeeQ39uHLKpo.crl (hash: FaHKIPX8hZTzvfnWF1+RoMIGJR2Noc7AZweaDVMv8ZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 22:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:40:95:23:1f:6f:8e:f8:b8:fa:78:0b:5b:c6:9c:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25422ae7d4123dc7bf288f1379e437f6e1cb2a9a
        Validity
            Not Before: Aug  5 22:01:03 2025 GMT
            Not After : Aug  6 22:01:03 2025 GMT
        Subject: CN=a2d1c8b1d5650108efdf98d768212920b7466dda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:40:4e:31:7f:e9:cd:89:bb:7a:64:97:75:e9:
                    9c:13:00:cf:ba:88:90:9a:d3:86:b9:82:78:00:ba:
                    35:d3:53:5c:f1:b5:f5:57:e4:2f:c6:4f:ae:69:ab:
                    46:b7:b7:a6:33:85:37:2f:c7:db:96:e1:46:8d:34:
                    20:64:0e:58:0d:e0:73:37:bc:f3:29:d2:4e:98:db:
                    30:d5:cd:7e:87:30:e0:a2:d3:c1:5e:2e:71:71:ac:
                    1d:be:b5:bd:25:e3:8d:f3:2e:db:17:70:af:20:a5:
                    c8:b9:e7:06:bc:8e:b2:cc:d4:7e:a4:12:f0:47:c2:
                    20:70:98:44:db:1d:84:93:71:0c:92:53:0b:b3:db:
                    83:7d:6c:96:1f:23:56:42:05:f7:4a:6c:c9:3c:39:
                    1e:22:80:c3:ae:f8:b8:cb:ce:32:fd:4b:9c:33:84:
                    09:96:f3:a9:40:6b:ec:38:76:89:75:5f:d7:a0:67:
                    63:c2:e9:42:82:2c:bb:1c:54:0b:de:65:a2:84:2e:
                    bb:50:c9:eb:8c:54:1f:c5:5a:a1:3a:25:cf:fc:38:
                    af:20:f2:7c:3e:a6:2c:f3:68:2c:5b:ae:df:44:f2:
                    a9:0b:f1:76:56:97:7e:57:60:4b:cb:8c:ee:ad:ae:
                    9d:f1:53:39:98:a8:d5:bc:1c:e9:f0:8b:06:96:37:
                    bb:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D1:C8:B1:D5:65:01:08:EF:DF:98:D7:68:21:29:20:B7:46:6D:DA
            X509v3 Authority Key Identifier:
                keyid:25:42:2A:E7:D4:12:3D:C7:BF:28:8F:13:79:E4:37:F6:E1:CB:2A:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUIq59QSPce_KI8TeeQ39uHLKpo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7bdd71-1553-47e4-aa00-faa6becdaf05/1/JUIq59QSPce_KI8TeeQ39uHLKpo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:5b:8e:62:a6:4b:32:46:69:2c:14:41:23:bd:d2:c1:6a:8c:
         69:b2:aa:40:2e:9e:47:d9:e3:50:01:fd:eb:71:dd:6b:cb:ae:
         c3:f8:bc:96:79:ad:28:ad:2b:59:ef:96:c4:f9:7c:20:92:21:
         5e:46:0a:c3:b9:a7:fd:6c:62:92:0f:82:37:25:c2:78:70:11:
         17:c7:93:e0:36:b8:ee:14:95:c3:f2:4f:dd:ea:59:bf:fa:fa:
         89:72:7d:ae:ee:82:7c:cf:49:3e:be:d9:92:33:ef:b8:5a:e3:
         5a:29:57:b3:af:ed:a0:ce:87:04:67:83:da:28:ca:81:04:42:
         d2:37:d1:df:4d:6d:d1:f0:14:30:09:82:ed:19:dd:81:0f:76:
         83:3c:66:14:07:32:4e:30:85:e5:1b:a5:db:67:9a:5c:ce:b2:
         31:ef:e5:7c:a0:1b:99:64:2a:91:17:40:00:bc:97:1d:3c:e3:
         ee:95:69:4d:55:32:c6:48:b3:8d:88:32:3e:d8:d1:5d:d9:86:
         b9:df:d5:8a:8b:bb:10:dd:a1:f2:7a:30:81:82:28:be:4a:23:
         37:45:ac:cf:f5:e1:12:3e:43:21:ae:61:55:f1:86:a6:87:21:
         81:21:36:8b:da:eb:01:6d:59:92:9e:d8:31:80:f7:8d:1c:16:
         57:1b:99:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8QJUjH2+O+Lj6eAtbxpwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDIyYWU3ZDQxMjNkYzdiZjI4OGYxMzc5ZTQzN2Y2ZTFj
YjJhOWEwHhcNMjUwODA1MjIwMTAzWhcNMjUwODA2MjIwMTAzWjAzMTEwLwYDVQQD
EyhhMmQxYzhiMWQ1NjUwMTA4ZWZkZjk4ZDc2ODIxMjkyMGI3NDY2ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUBOMX/pzYm7emSXdemcEwDPuoiQ
mtOGuYJ4ALo101Nc8bX1V+Qvxk+uaatGt7emM4U3L8fbluFGjTQgZA5YDeBzN7zz
KdJOmNsw1c1+hzDgotPBXi5xcawdvrW9JeON8y7bF3CvIKXIuecGvI6yzNR+pBLw
R8IgcJhE2x2Ek3EMklMLs9uDfWyWHyNWQgX3SmzJPDkeIoDDrvi4y84y/UucM4QJ
lvOpQGvsOHaJdV/XoGdjwulCgiy7HFQL3mWihC67UMnrjFQfxVqhOiXP/DivIPJ8
PqYs82gsW67fRPKpC/F2Vpd+V2BLy4zura6d8VM5mKjVvBzp8IsGlje74QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLRyLHVZQEI79+Y12ghKSC3Rm3aMB8GA1UdIwQY
MBaAFCVCKufUEj3HvyiPE3nkN/bhyyqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAt
ZmFhNmJlY2RhZjA1LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS83YmRkNzEtMTU1My00N2U0LWFhMDAtZmFhNmJlY2RhZjA1
LzEvSlVJcTU5UVNQY2VfS0k4VGVlUTM5dUhMS3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFluOYqZL
MkZpLBRBI73SwWqMabKqQC6eR9njUAH963Hda8uuw/i8lnmtKK0rWe+WxPl8IJIh
XkYKw7mn/Wxikg+CNyXCeHARF8eT4Da47hSVw/JP3epZv/r6iXJ9ru6CfM9JPr7Z
kjPvuFrjWilXs6/toM6HBGeD2ijKgQRC0jfR301t0fAUMAmC7RndgQ92gzxmFAcy
TjCF5Rul22eaXM6yMe/lfKAbmWQqkRdAALyXHTzj7pVpTVUyxkizjYgyPtjRXdmG
ud/Viou7EN2h8nowgYIovkojN0Wsz/XhEj5DIa5hVfGGpochgSE2i9rrAW1Zkp7Y
MYD3jRwWVxuZaQ==
-----END CERTIFICATE-----