Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          9bvDvvi7DPEOa4Qdx0wzlJr6W/WE1ngAlHynv1xpLJ0=
Subject key identifier:   2F:28:E5:28:12:7B:39:A7:CA:D6:05:D9:82:37:AC:50:03:4F:83:12
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       01987E2E9CBA9D8B14F9BEF12AED38BDDDA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          06C5
Signing time:             Wed 06 Aug 2025 07:00:40 +0000
Manifest this update:     Wed 06 Aug 2025 07:00:40 +0000
Manifest next update:     Thu 07 Aug 2025 07:00:40 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: dlo2qKJg0q+cWBfZw48bNw8lWfeAeSA75lKr0bl2Zp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:2e:9c:ba:9d:8b:14:f9:be:f1:2a:ed:38:bd:dd:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Aug  6 07:00:40 2025 GMT
            Not After : Aug  7 07:00:40 2025 GMT
        Subject: CN=2f28e528127b39a7cad605d98237ac50034f8312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:50:76:81:75:fe:04:58:d3:75:fd:7f:34:7f:
                    e6:82:53:54:e1:e8:76:2f:60:3d:bc:9d:9c:53:3c:
                    c1:42:d6:54:99:5c:8f:53:83:ec:84:92:ec:15:f0:
                    51:eb:30:88:a3:f2:51:b7:13:e0:ca:28:49:29:58:
                    f3:04:ba:c3:8a:46:f2:2b:7e:96:dd:4b:06:ce:35:
                    05:63:62:69:30:48:97:8e:ca:06:99:fa:9b:e5:e3:
                    51:66:fb:0d:1c:39:86:88:5f:80:d2:4c:51:b0:d4:
                    61:a3:d1:f9:71:1e:0e:a5:25:5d:00:ae:9c:71:78:
                    75:c6:af:61:04:db:dd:83:55:5c:b8:60:3c:a5:bf:
                    de:e8:cb:85:92:6f:1c:f7:e2:9f:aa:df:24:2e:cd:
                    4a:83:34:c7:7a:9a:c7:24:72:31:a9:b0:f0:04:c4:
                    40:44:c5:6a:20:0d:cf:79:29:05:65:d9:f3:b3:3e:
                    cf:cd:c2:e1:7e:29:df:5a:06:d1:e2:0b:58:81:53:
                    01:9e:90:94:62:b7:af:99:1a:0a:3b:f6:0e:e0:66:
                    17:d4:a6:d6:ea:74:3e:50:1a:38:09:5a:dc:3e:a3:
                    6d:c4:13:5d:aa:fd:c6:23:e1:92:33:94:83:d6:bf:
                    e7:6e:64:08:f7:7f:c2:68:2a:a7:9b:05:9d:22:89:
                    ba:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:28:E5:28:12:7B:39:A7:CA:D6:05:D9:82:37:AC:50:03:4F:83:12
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:dc:ca:c0:db:36:62:40:a1:80:2f:db:7a:d5:78:47:53:6a:
         c4:12:59:72:38:bd:f6:52:ab:fa:01:36:54:59:3c:e9:e2:6f:
         38:73:f1:30:77:15:74:75:ed:4f:07:c1:ad:e5:45:54:fc:03:
         1b:ce:aa:3b:ee:d4:91:72:dd:02:1e:81:d9:b8:86:ab:12:ba:
         e9:7c:85:06:26:90:96:89:4f:b4:06:dd:3a:93:34:e8:76:8c:
         8e:b1:c1:e7:51:d9:b2:97:4d:de:bb:71:17:8a:1c:01:26:0a:
         e8:91:b9:77:2b:51:19:41:2e:2c:1b:85:f7:c7:76:01:74:40:
         2f:29:b1:51:e1:a9:db:dd:e4:bc:cf:fc:88:b6:72:74:c6:35:
         c1:b7:b7:85:6a:09:78:f4:15:1f:2c:d9:1d:90:c3:c0:c7:92:
         05:26:2d:79:93:a1:45:73:e2:a7:3e:7b:ed:08:f1:0c:ac:9f:
         8d:e8:16:02:bd:7f:3e:87:85:19:34:09:11:b8:09:02:8c:83:
         52:c9:92:c8:e3:f1:85:a9:de:5e:14:90:19:36:ed:71:18:86:
         23:01:74:84:eb:d2:de:3c:4d:d2:23:56:d4:95:ee:74:70:7f:
         e6:83:b0:48:d4:64:4c:e4:fe:e2:e3:db:35:51:7e:c0:17:74:
         2b:9b:9a:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+Lpy6nYsU+b7xKu04vd2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUwODA2MDcwMDQwWhcNMjUwODA3MDcwMDQwWjAzMTEwLwYDVQQD
EygyZjI4ZTUyODEyN2IzOWE3Y2FkNjA1ZDk4MjM3YWM1MDAzNGY4MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVB2gXX+BFjTdf1/NH/mglNU4eh2
L2A9vJ2cUzzBQtZUmVyPU4PshJLsFfBR6zCIo/JRtxPgyihJKVjzBLrDikbyK36W
3UsGzjUFY2JpMEiXjsoGmfqb5eNRZvsNHDmGiF+A0kxRsNRho9H5cR4OpSVdAK6c
cXh1xq9hBNvdg1VcuGA8pb/e6MuFkm8c9+Kfqt8kLs1KgzTHeprHJHIxqbDwBMRA
RMVqIA3PeSkFZdnzsz7PzcLhfinfWgbR4gtYgVMBnpCUYrevmRoKO/YO4GYX1KbW
6nQ+UBo4CVrcPqNtxBNdqv3GI+GSM5SD1r/nbmQI93/CaCqnmwWdIom68QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8o5SgSezmnytYF2YI3rFADT4MSMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa9zKwNs2
YkChgC/betV4R1NqxBJZcji99lKr+gE2VFk86eJvOHPxMHcVdHXtTwfBreVFVPwD
G86qO+7UkXLdAh6B2biGqxK66XyFBiaQlolPtAbdOpM06HaMjrHB51HZspdN3rtx
F4ocASYK6JG5dytRGUEuLBuF98d2AXRALymxUeGp293kvM/8iLZydMY1wbe3hWoJ
ePQVHyzZHZDDwMeSBSYteZOhRXPipz577QjxDKyfjegWAr1/PoeFGTQJEbgJAoyD
UsmSyOPxhaneXhSQGTbtcRiGIwF0hOvS3jxN0iNW1JXudHB/5oOwSNRkTOT+4uPb
NVF+wBd0K5uaxA==
-----END CERTIFICATE-----