Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File:                     CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier:          YFHXsU+CAGGgItEd27ACvp4nORpi1JimXBihF4KSAoU=
Subject key identifier:   1A:ED:DB:19:BB:34:50:3B:F5:4B:5F:43:94:22:CC:8C:E4:82:12:1C
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer:       /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial:       01987F79FEF508D8321789C8B7919B316B03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number:          01CA
Signing time:             Wed 06 Aug 2025 13:02:38 +0000
Manifest this update:     Wed 06 Aug 2025 13:02:38 +0000
Manifest next update:     Thu 07 Aug 2025 13:02:38 +0000
Files and hashes:         1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: OYno7DlW6dLahqh/AMq3bgLtg3FVO9z9NRz5cWmSMeM=)
                          2: DyBY2wfHB6a4dl33U3SXwgLJDGU.roa (hash: WRQJvvPjJahE1qm/vBTCrYOROs7sZwpvslZhT6hCk+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 13:02:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:79:fe:f5:08:d8:32:17:89:c8:b7:91:9b:31:6b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
        Validity
            Not Before: Aug  6 13:02:38 2025 GMT
            Not After : Aug  7 13:02:38 2025 GMT
        Subject: CN=1aeddb19bb34503bf54b5f439422cc8ce482121c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9e:98:81:90:91:d0:08:be:eb:53:83:28:51:
                    52:22:bf:e8:67:dd:7d:4f:35:20:f2:e2:0f:7f:e0:
                    0f:57:18:33:47:4b:78:22:c5:e5:92:d1:54:97:93:
                    76:e9:16:4d:13:be:7a:44:79:ff:2c:43:76:49:aa:
                    f7:8c:73:65:37:a3:22:68:36:21:7b:6b:78:8e:92:
                    2c:80:30:df:09:78:1a:00:a4:34:8d:20:46:fe:55:
                    ae:0b:a9:12:10:85:9f:71:4b:de:39:b1:6e:4b:76:
                    3d:27:e0:fc:41:8d:44:9a:41:db:7b:b9:c8:06:4f:
                    9f:cc:38:4e:43:06:39:d3:44:fe:79:e3:19:6f:53:
                    47:02:a8:f9:59:28:09:ce:dd:1c:a8:a0:bf:b7:19:
                    55:00:83:b0:d2:33:d7:7d:f4:03:6d:98:37:29:0a:
                    56:94:af:7e:c3:07:d5:9c:ff:20:e9:d1:84:dd:90:
                    86:7d:53:94:0e:78:17:9f:f3:26:4c:b2:a2:66:ae:
                    8b:0c:80:03:24:3d:98:68:5e:87:57:3b:19:60:d9:
                    87:33:4c:78:1b:5e:55:b9:60:a4:d3:54:86:6f:eb:
                    a8:ea:0e:7c:81:a6:85:64:14:86:2a:62:7a:ba:c7:
                    df:bd:c6:59:f0:db:79:8b:81:c5:41:25:ec:26:09:
                    c0:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:ED:DB:19:BB:34:50:3B:F5:4B:5F:43:94:22:CC:8C:E4:82:12:1C
            X509v3 Authority Key Identifier:
                keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:db:93:63:3a:6a:63:a6:e1:7b:22:06:75:63:5e:ef:cd:41:
         f3:7b:b8:7c:b5:56:51:f7:33:7c:48:f8:f4:da:9d:40:be:c9:
         cd:81:0d:8d:f4:fb:dd:ba:5c:50:4b:5f:c1:7b:47:5d:22:07:
         fc:bf:de:25:0d:0f:d6:04:26:45:4b:cc:fe:8d:ce:4e:ae:8f:
         e7:a9:71:cc:95:eb:ac:63:95:6c:5e:66:6b:28:ef:e3:95:aa:
         4b:fd:5c:a0:51:51:e9:bf:81:37:25:2d:e6:a0:24:c5:57:5f:
         f9:2c:7f:5e:70:08:22:46:b3:49:19:f9:a8:47:6a:af:4b:8d:
         29:89:fb:12:b7:5e:e0:ec:f7:e5:1d:8e:dd:26:78:8f:18:f9:
         32:36:bb:c2:d7:97:77:d7:2c:0c:ee:6a:b7:69:c3:f4:86:3c:
         25:d0:05:de:e6:aa:5f:0e:65:e6:1a:05:ff:4c:7c:1d:9b:35:
         19:40:0d:d2:b1:6d:1c:91:93:83:cd:8b:a2:07:8b:ca:b6:c5:
         41:19:d6:fc:f6:f6:88:fe:8c:22:25:c4:26:2b:49:07:de:a9:
         81:7d:ea:3c:82:5f:77:24:6b:b1:b6:c4:cb:d1:2d:b4:26:e5:
         70:9c:02:6f:29:b3:92:d3:af:f5:9d:2e:c3:d3:dc:21:e7:7b:
         5c:c3:61:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/ef71CNgyF4nIt5GbMWsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjUwODA2MTMwMjM4WhcNMjUwODA3MTMwMjM4WjAzMTEwLwYDVQQD
EygxYWVkZGIxOWJiMzQ1MDNiZjU0YjVmNDM5NDIyY2M4Y2U0ODIxMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ6YgZCR0Ai+61ODKFFSIr/oZ919
TzUg8uIPf+APVxgzR0t4IsXlktFUl5N26RZNE756RHn/LEN2Sar3jHNlN6MiaDYh
e2t4jpIsgDDfCXgaAKQ0jSBG/lWuC6kSEIWfcUveObFuS3Y9J+D8QY1EmkHbe7nI
Bk+fzDhOQwY500T+eeMZb1NHAqj5WSgJzt0cqKC/txlVAIOw0jPXffQDbZg3KQpW
lK9+wwfVnP8g6dGE3ZCGfVOUDngXn/MmTLKiZq6LDIADJD2YaF6HVzsZYNmHM0x4
G15VuWCk01SGb+uo6g58gaaFZBSGKmJ6usffvcZZ8Nt5i4HFQSXsJgnAcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrt2xm7NFA79UtfQ5QizIzkghIcMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdtuTYzpq
Y6bheyIGdWNe781B83u4fLVWUfczfEj49NqdQL7JzYENjfT73bpcUEtfwXtHXSIH
/L/eJQ0P1gQmRUvM/o3OTq6P56lxzJXrrGOVbF5mayjv45WqS/1coFFR6b+BNyUt
5qAkxVdf+Sx/XnAIIkazSRn5qEdqr0uNKYn7Erde4Oz35R2O3SZ4jxj5Mja7wteX
d9csDO5qt2nD9IY8JdAF3uaqXw5l5hoF/0x8HZs1GUAN0rFtHJGTg82LogeLyrbF
QRnW/Pb2iP6MIiXEJitJB96pgX3qPIJfdyRrsbbEy9EttCblcJwCbymzktOv9Z0u
w9PcIed7XMNh3g==
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:20:53 2025 by rpki-client