Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          /lJg0k+W+fl9JK5YTz+VTbnfs2mgJVnKcoqFCXciZko=
Subject key identifier:   89:89:77:CC:C7:9F:FF:D9:EE:43:AE:7F:05:9A:07:45:2D:1D:D5:AE
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       01977CB0DB21854353E109D470699CDB1D69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          10AB
Signing time:             Tue 17 Jun 2025 07:00:54 +0000
Manifest this update:     Tue 17 Jun 2025 07:00:54 +0000
Manifest next update:     Wed 18 Jun 2025 07:00:54 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: qq3LSTBKEMY+iwsMFRw1OF8sQM+BLMypDl+aEgcrWa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7c:b0:db:21:85:43:53:e1:09:d4:70:69:9c:db:1d:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Jun 17 07:00:54 2025 GMT
            Not After : Jun 18 07:00:54 2025 GMT
        Subject: CN=898977ccc79fffd9ee43ae7f059a07452d1dd5ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:10:3e:6a:a7:e7:64:7c:8b:86:9b:b7:b0:da:
                    d5:bf:df:93:68:89:3a:cc:6b:94:d1:92:3d:35:86:
                    58:af:82:bf:c3:e8:8d:50:fd:21:c5:af:ac:da:3a:
                    36:3d:70:f0:89:21:a5:df:f0:d7:3d:39:18:e0:19:
                    20:37:d3:0f:da:14:ff:2c:aa:51:5c:93:1e:c8:16:
                    b1:16:14:4b:ee:7e:20:2d:2b:34:5b:cc:9b:54:9c:
                    f8:f9:d2:24:37:0c:ef:ce:0e:e8:1f:73:f7:9e:5e:
                    d4:12:b8:f9:1e:82:7c:48:b8:3e:ea:cb:6a:2f:46:
                    ea:05:6e:34:c5:fe:0c:9b:5d:78:7c:4f:02:a8:23:
                    49:19:61:0c:a2:a6:98:42:c9:0e:cc:5a:14:6d:c6:
                    63:67:6f:82:e6:98:1c:89:cb:9a:53:77:73:c8:31:
                    17:51:76:f1:9d:f0:63:9e:7b:bd:1e:44:66:6d:58:
                    87:e0:1b:ab:36:fd:a1:45:95:0b:38:af:59:17:51:
                    85:d8:26:eb:69:bf:87:87:30:9a:b3:e5:67:77:69:
                    bf:5a:37:7f:17:cc:57:02:73:13:10:3a:c6:c0:53:
                    4b:93:41:38:1d:dd:48:a5:3c:d0:30:88:41:a9:df:
                    f5:dc:ad:84:c6:15:ac:65:73:31:1b:be:4a:86:7c:
                    f6:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:89:77:CC:C7:9F:FF:D9:EE:43:AE:7F:05:9A:07:45:2D:1D:D5:AE
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:5d:4e:ac:8b:25:de:58:db:ed:10:ad:09:92:23:4b:4c:21:
         b6:97:3e:da:23:5d:47:8c:e0:81:f3:7c:56:97:9f:07:d0:61:
         f5:39:f4:a0:8a:a4:d7:ad:d1:af:13:2e:b2:91:4b:1f:31:10:
         76:64:7b:a8:3e:16:7b:bf:2b:b0:28:68:8c:58:27:37:11:1a:
         5b:10:77:d4:4e:92:ac:68:4d:a9:2f:2e:26:b7:ea:8c:6d:f5:
         68:a2:10:99:d4:01:72:18:11:d7:5d:fc:92:ba:77:11:a4:29:
         de:fa:98:ee:b7:ba:88:10:92:5c:37:08:e8:b5:ee:d2:78:8a:
         bc:e3:62:97:40:e2:61:dd:b0:98:79:a0:bd:70:b5:fd:40:b7:
         7c:ee:80:33:66:45:ca:12:a2:61:ee:a9:df:96:f7:04:b4:e5:
         cf:06:90:fa:42:79:19:a9:50:c1:d5:5c:51:66:bf:0e:5f:08:
         a8:31:63:54:54:26:36:2f:a7:d3:74:3d:ee:be:31:67:4f:4f:
         39:41:f7:79:cb:ed:e5:20:59:27:ad:37:d7:f9:85:86:69:cd:
         36:ef:06:8f:35:b8:f5:0c:bc:b0:4b:f6:5f:98:a6:a1:2d:cb:
         77:56:ce:30:9b:3b:9b:4b:38:99:3c:c3:d1:a7:3a:95:1b:68:
         f0:63:ea:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd8sNshhUNT4QnUcGmc2x1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjUwNjE3MDcwMDU0WhcNMjUwNjE4MDcwMDU0WjAzMTEwLwYDVQQD
Eyg4OTg5NzdjY2M3OWZmZmQ5ZWU0M2FlN2YwNTlhMDc0NTJkMWRkNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhA+aqfnZHyLhpu3sNrVv9+TaIk6
zGuU0ZI9NYZYr4K/w+iNUP0hxa+s2jo2PXDwiSGl3/DXPTkY4BkgN9MP2hT/LKpR
XJMeyBaxFhRL7n4gLSs0W8ybVJz4+dIkNwzvzg7oH3P3nl7UErj5HoJ8SLg+6stq
L0bqBW40xf4Mm114fE8CqCNJGWEMoqaYQskOzFoUbcZjZ2+C5pgcicuaU3dzyDEX
UXbxnfBjnnu9HkRmbViH4BurNv2hRZULOK9ZF1GF2Cbrab+HhzCas+Vnd2m/Wjd/
F8xXAnMTEDrGwFNLk0E4Hd1IpTzQMIhBqd/13K2ExhWsZXMxG75Khnz2TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImJd8zHn//Z7kOufwWaB0UtHdWuMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeF1OrIsl
3ljb7RCtCZIjS0whtpc+2iNdR4zggfN8VpefB9Bh9Tn0oIqk163RrxMuspFLHzEQ
dmR7qD4We78rsChojFgnNxEaWxB31E6SrGhNqS8uJrfqjG31aKIQmdQBchgR1138
krp3EaQp3vqY7re6iBCSXDcI6LXu0niKvONil0DiYd2wmHmgvXC1/UC3fO6AM2ZF
yhKiYe6p35b3BLTlzwaQ+kJ5GalQwdVcUWa/Dl8IqDFjVFQmNi+n03Q97r4xZ09P
OUH3ecvt5SBZJ6031/mFhmnNNu8GjzW49Qy8sEv2X5imoS3Ld1bOMJs7m0s4mTzD
0ac6lRto8GPqPQ==
-----END CERTIFICATE-----