Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
File:                     tRm7YH6Ot267nMsgIsxkbDzOC2A.mft (raw, json)
Hash identifier:          TXWmtkgSkqWdie50x6UkNEUuiqdy3ENLVXNELvQoaG4=
Subject key identifier:   7A:EC:70:5D:8A:68:25:0E:08:3B:87:D9:77:84:4F:57:AF:21:A9:91
Authority key identifier: B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60
Certificate issuer:       /CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
Certificate serial:       01976961580F1DECBE87C181E132610605B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 13:01:16 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:16 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:16 +0000
Files and hashes:         1: tRm7YH6Ot267nMsgIsxkbDzOC2A.crl (hash: aT433qHkBJNlP+10KUH7htfNv96XHwsCc5oYi5PEN3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:58:0f:1d:ec:be:87:c1:81:e1:32:61:06:05:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
        Validity
            Not Before: Jun 13 13:01:16 2025 GMT
            Not After : Jun 14 13:01:16 2025 GMT
        Subject: CN=7aec705d8a68250e083b87d977844f57af21a991
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:dd:eb:bb:69:6d:94:44:e5:a1:76:92:5d:19:
                    a8:e1:59:12:1a:a7:97:6e:d1:c1:93:a5:49:89:9d:
                    9f:3e:4d:f4:23:e6:72:1e:4f:e7:03:93:47:f3:77:
                    12:be:60:b6:bb:46:97:de:ec:0a:fa:59:6a:60:93:
                    f0:5a:80:50:3c:ee:6a:eb:d0:ca:da:7e:76:b6:90:
                    7d:4a:49:d7:e8:46:a4:c5:df:a4:b1:62:75:c4:20:
                    7e:19:8b:92:c6:98:76:41:48:7b:ef:71:06:c6:86:
                    d5:b9:09:54:77:af:a9:9b:0e:f4:ae:6a:b6:68:0a:
                    55:9b:25:50:8e:bc:61:80:a5:8f:a8:fa:56:0c:9e:
                    b6:10:7a:15:c7:d7:03:75:18:0e:f0:45:33:bf:57:
                    58:d0:35:e8:c7:2e:24:46:c8:f1:95:ec:86:b1:ca:
                    a2:aa:45:64:1f:8b:db:52:08:26:02:13:08:ec:98:
                    b3:b7:df:91:66:1c:b6:fc:3f:39:a7:5c:bb:3f:74:
                    ba:a9:9d:9f:07:b0:34:76:32:1a:ba:0e:f2:fe:21:
                    ae:b4:68:7d:95:76:9d:2d:de:35:81:5f:24:51:f9:
                    8c:12:a4:6f:2a:e4:f6:21:dd:07:1a:76:b3:07:d3:
                    7c:09:dd:27:d1:04:f4:a0:b7:9f:df:05:8d:d3:06:
                    9a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:EC:70:5D:8A:68:25:0E:08:3B:87:D9:77:84:4F:57:AF:21:A9:91
            X509v3 Authority Key Identifier:
                keyid:B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:75:47:bd:4b:15:1f:b1:5a:dc:a8:c5:50:04:f6:e9:e9:7e:
         43:fd:93:c9:63:b6:ae:24:1f:6e:6c:3e:96:2b:8d:c5:dc:a1:
         be:6d:d3:e8:c5:37:f0:5a:2d:9f:ce:66:f2:e1:c4:70:27:37:
         15:8f:15:14:34:1e:cf:15:17:9d:b7:80:63:d8:50:c3:6d:2b:
         cd:28:b5:1c:9d:09:0f:98:bd:8c:e0:86:1b:f9:89:df:71:27:
         3a:65:85:49:3c:74:da:39:e2:81:e0:92:f4:c5:1a:82:12:52:
         50:6b:e7:66:04:f4:40:f0:a7:e9:97:4d:ec:28:ee:fa:79:42:
         e4:6c:28:8b:27:e5:2a:47:e4:d2:81:48:a8:48:f7:8f:dc:2e:
         8f:8b:d1:56:57:a5:4f:a7:07:52:87:1c:ce:70:4f:4f:55:ff:
         7b:a7:f7:78:c7:45:c6:3b:66:72:54:93:cd:f8:30:9a:5c:f2:
         ef:a3:c3:8e:a8:39:37:47:6c:83:03:94:bf:37:70:a4:29:75:
         90:ee:70:98:89:9f:52:d8:4c:7f:56:38:d0:ef:9b:c4:b3:4a:
         b2:c1:7a:2b:ee:a8:15:85:a7:36:17:cd:d7:43:f7:c3:15:6f:
         9e:43:c6:38:6d:ca:28:9a:18:2a:6c:79:14:2d:c1:a4:9b:7c:
         ff:22:39:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYVgPHey+h8GB4TJhBgWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTliYjYwN2U4ZWI3NmViYjljY2IyMDIyY2M2NDZjM2Nj
ZTBiNjAwHhcNMjUwNjEzMTMwMTE2WhcNMjUwNjE0MTMwMTE2WjAzMTEwLwYDVQQD
Eyg3YWVjNzA1ZDhhNjgyNTBlMDgzYjg3ZDk3Nzg0NGY1N2FmMjFhOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp93ru2ltlETloXaSXRmo4VkSGqeX
btHBk6VJiZ2fPk30I+ZyHk/nA5NH83cSvmC2u0aX3uwK+llqYJPwWoBQPO5q69DK
2n52tpB9SknX6Eakxd+ksWJ1xCB+GYuSxph2QUh773EGxobVuQlUd6+pmw70rmq2
aApVmyVQjrxhgKWPqPpWDJ62EHoVx9cDdRgO8EUzv1dY0DXoxy4kRsjxleyGscqi
qkVkH4vbUggmAhMI7Jizt9+RZhy2/D85p1y7P3S6qZ2fB7A0djIaug7y/iGutGh9
lXadLd41gV8kUfmMEqRvKuT2Id0HGnazB9N8Cd0n0QT0oLef3wWN0waa5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrscF2KaCUOCDuH2XeET1evIamRMB8GA1UdIwQY
MBaAFLUZu2B+jrduu5zLICLMZGw8zgtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYt
ZTE4MTg0ZTgwMjU4LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYtZTE4MTg0ZTgwMjU4
LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAInVHvUsV
H7Fa3KjFUAT26el+Q/2TyWO2riQfbmw+liuNxdyhvm3T6MU38Fotn85m8uHEcCc3
FY8VFDQezxUXnbeAY9hQw20rzSi1HJ0JD5i9jOCGG/mJ33EnOmWFSTx02jnigeCS
9MUaghJSUGvnZgT0QPCn6ZdN7Cju+nlC5GwoiyflKkfk0oFIqEj3j9wuj4vRVlel
T6cHUoccznBPT1X/e6f3eMdFxjtmclSTzfgwmlzy76PDjqg5N0dsgwOUvzdwpCl1
kO5wmImfUthMf1Y40O+bxLNKssF6K+6oFYWnNhfN10P3wxVvnkPGOG3KKJoYKmx5
FC3BpJt8/yI5cw==
-----END CERTIFICATE-----