Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          g67H4oIiHANt3JJUb5bdD5TBlIUVQCaH4UY2Bf03Bno=
Subject key identifier:   D4:F8:ED:1B:9B:04:A7:14:F5:21:A6:51:37:63:FB:A2:F2:25:DF:E1
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       019784D824E1DFD85433E0EAA3592B06AB30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          0305
Signing time:             Wed 18 Jun 2025 21:00:46 +0000
Manifest this update:     Wed 18 Jun 2025 21:00:46 +0000
Manifest next update:     Thu 19 Jun 2025 21:00:46 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: eDm5+vr0wAh0rxbzh4aiXgUPZ+BM2v+0uV4By3m32cI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:84:d8:24:e1:df:d8:54:33:e0:ea:a3:59:2b:06:ab:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Jun 18 21:00:46 2025 GMT
            Not After : Jun 19 21:00:46 2025 GMT
        Subject: CN=d4f8ed1b9b04a714f521a6513763fba2f225dfe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:94:33:ad:de:44:66:70:03:42:27:58:7c:01:
                    6e:f0:80:a4:a2:3c:2e:4b:62:32:39:79:8c:42:b7:
                    48:4b:4d:d5:44:be:0b:df:8d:41:8d:5b:aa:33:42:
                    2c:e4:0c:e6:25:07:aa:f7:00:ad:cd:11:4b:4a:6d:
                    48:5b:18:89:93:89:64:41:eb:3f:f4:5e:7a:7b:81:
                    4c:87:3b:4d:8d:01:a6:85:58:90:12:90:ef:bc:49:
                    29:e1:20:b1:75:91:4f:e2:d6:7e:70:ff:58:95:2a:
                    1a:0f:b5:5f:3d:dd:5f:47:cc:05:f2:fc:0b:9b:9e:
                    c3:3a:e8:d9:dd:f7:46:96:52:05:e5:ac:65:1f:74:
                    40:04:93:a0:55:8b:c7:17:bf:e1:40:e1:58:cd:73:
                    0d:31:0e:3a:46:00:52:3b:a4:2c:28:d6:9a:af:08:
                    11:09:3e:b9:bf:3d:e6:29:fb:e3:b7:ae:c3:48:71:
                    20:07:4d:42:13:95:76:10:16:f1:95:70:d6:1b:87:
                    e9:cc:1f:17:1e:af:17:71:49:dd:7e:9c:e4:07:26:
                    dd:8c:8a:2b:ed:d6:76:ed:bb:8e:1b:94:03:2d:56:
                    be:4d:76:0e:fd:3d:62:35:89:a9:e4:90:e9:d2:4c:
                    c8:7c:f9:56:76:2c:47:13:4e:c8:17:f6:3f:53:81:
                    c4:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:F8:ED:1B:9B:04:A7:14:F5:21:A6:51:37:63:FB:A2:F2:25:DF:E1
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:06:8a:57:e8:3d:e2:4c:60:8b:20:4f:e1:7f:14:93:8c:dd:
         19:af:41:5d:81:9e:9f:ff:97:48:29:46:ec:50:a4:75:4a:d9:
         3d:59:5e:0e:4e:13:1c:f0:c5:a4:da:c2:7e:02:10:2b:b2:9e:
         18:53:74:8c:23:65:49:5c:da:40:9a:b7:05:92:10:3f:1d:76:
         05:05:07:ab:8a:b7:a6:c9:11:2c:dc:10:4e:59:98:da:e7:e9:
         53:27:88:6b:c1:0f:db:9d:c1:e2:ce:a1:e4:ca:3e:02:c3:53:
         3a:b5:c3:a2:3e:0c:b5:b7:05:b7:d6:13:a0:22:39:fd:45:f8:
         c3:7e:17:48:1d:07:2e:26:dd:75:8c:4b:09:d6:e8:69:15:ed:
         ea:a6:22:a1:0e:1c:ba:fd:47:55:94:28:0a:6b:1d:bc:a1:cf:
         c5:8d:34:b3:b2:24:47:0c:fc:ce:c0:bb:47:65:22:6a:ec:9e:
         66:81:a9:46:61:ab:2e:14:41:60:bb:89:e2:82:2c:30:63:10:
         fa:43:0a:0f:7a:ed:3d:96:a2:a6:9a:97:76:9d:43:be:d3:40:
         50:88:6d:3b:3f:13:ba:4d:9c:d2:97:d2:e7:d0:03:22:8c:8b:
         2a:90:c3:4b:78:19:65:49:21:e2:d6:00:a4:fa:01:6d:29:60:
         b8:9b:3b:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeE2CTh39hUM+Dqo1krBqswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwNjE4MjEwMDQ2WhcNMjUwNjE5MjEwMDQ2WjAzMTEwLwYDVQQD
EyhkNGY4ZWQxYjliMDRhNzE0ZjUyMWE2NTEzNzYzZmJhMmYyMjVkZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5Qzrd5EZnADQidYfAFu8ICkojwu
S2IyOXmMQrdIS03VRL4L341BjVuqM0Is5AzmJQeq9wCtzRFLSm1IWxiJk4lkQes/
9F56e4FMhztNjQGmhViQEpDvvEkp4SCxdZFP4tZ+cP9YlSoaD7VfPd1fR8wF8vwL
m57DOujZ3fdGllIF5axlH3RABJOgVYvHF7/hQOFYzXMNMQ46RgBSO6QsKNaarwgR
CT65vz3mKfvjt67DSHEgB01CE5V2EBbxlXDWG4fpzB8XHq8XcUndfpzkBybdjIor
7dZ27buOG5QDLVa+TXYO/T1iNYmp5JDp0kzIfPlWdixHE07IF/Y/U4HEzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT47RubBKcU9SGmUTdj+6LyJd/hMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKgaKV+g9
4kxgiyBP4X8Uk4zdGa9BXYGen/+XSClG7FCkdUrZPVleDk4THPDFpNrCfgIQK7Ke
GFN0jCNlSVzaQJq3BZIQPx12BQUHq4q3pskRLNwQTlmY2ufpUyeIa8EP253B4s6h
5Mo+AsNTOrXDoj4MtbcFt9YToCI5/UX4w34XSB0HLibddYxLCdboaRXt6qYioQ4c
uv1HVZQoCmsdvKHPxY00s7IkRwz8zsC7R2UiauyeZoGpRmGrLhRBYLuJ4oIsMGMQ
+kMKD3rtPZaippqXdp1DvtNAUIhtOz8Tuk2c0pfS59ADIoyLKpDDS3gZZUkh4tYA
pPoBbSlguJs7ew==
-----END CERTIFICATE-----