Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          GYeJIWT+uQVW/Ga6eg6USE9fEZzxsyr4q/sZ71Jm6cI=
Subject key identifier:   33:38:42:15:9A:C4:E1:34:04:EA:19:61:28:F4:B7:40:48:25:2F:D5
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       019880C299DA0CFB6FADC02E69CF9FB7D26B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          07E4
Signing time:             Wed 06 Aug 2025 19:01:33 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:33 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:33 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: sS4PUraWzn91CRuo7OND6pXJ24nElKQiBM+16ZZ/kdI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:99:da:0c:fb:6f:ad:c0:2e:69:cf:9f:b7:d2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Aug  6 19:01:33 2025 GMT
            Not After : Aug  7 19:01:33 2025 GMT
        Subject: CN=333842159ac4e13404ea196128f4b74048252fd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ba:fa:60:3c:ac:b1:36:96:92:7e:88:d5:4c:
                    11:c5:f9:93:dc:7b:23:b9:8f:19:53:bd:b4:87:2e:
                    34:d2:79:db:d0:85:14:b4:79:0b:fb:fa:a7:35:64:
                    c1:02:16:ce:48:bc:e8:e6:cf:ec:64:4e:19:75:a3:
                    38:97:9a:59:3e:64:7f:03:07:1c:80:8c:92:c1:48:
                    80:97:97:2e:16:51:12:f6:19:09:e3:ae:39:69:2a:
                    9a:b3:08:29:ab:77:cb:5f:f6:28:54:b8:24:28:91:
                    54:1f:e0:cc:75:e8:05:17:8f:60:30:91:49:3d:de:
                    bb:44:67:6c:8e:91:f2:0a:6d:7a:0e:40:a9:b1:08:
                    d5:25:5a:a7:7e:4e:ea:1b:f4:4e:ce:a2:6e:a9:08:
                    32:46:4b:00:36:19:c4:4f:b6:51:cb:e0:f7:cb:74:
                    f3:6e:f2:55:a1:b9:6d:79:ef:bf:cf:3a:9e:21:a3:
                    b2:1c:e9:56:f2:97:f3:f1:fc:26:2f:02:0e:40:8d:
                    83:e5:bd:ec:66:01:34:c7:09:47:96:bb:c6:d8:4e:
                    e1:c7:43:c5:7f:ea:b4:d3:ca:3b:28:b8:19:94:a1:
                    dc:ea:e0:a0:d5:72:76:00:76:54:7c:8b:40:9b:87:
                    19:60:62:25:ad:b6:da:48:31:81:87:1d:50:0f:c4:
                    5a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:38:42:15:9A:C4:E1:34:04:EA:19:61:28:F4:B7:40:48:25:2F:D5
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:c4:63:c3:16:41:b7:be:d9:c8:e0:9f:15:68:b9:6d:fb:64:
         c1:8b:99:78:29:d8:8d:e3:90:94:6c:99:aa:4a:17:90:c0:87:
         cb:2c:2d:1d:a0:98:95:42:8c:c7:1f:d5:20:11:35:9b:9f:15:
         31:ee:bc:4a:41:c2:10:9a:bc:34:cd:1b:21:1b:6d:29:fe:a4:
         8d:71:f9:bb:96:ef:e2:03:ee:30:84:87:af:54:36:28:14:07:
         83:33:a0:f8:62:31:a1:af:fd:0a:17:2f:80:13:65:71:40:80:
         15:66:f6:b3:cc:9a:8f:4b:84:49:cb:63:fe:09:09:c0:29:8a:
         63:a8:14:cc:98:ce:56:7c:96:72:4b:b7:ac:59:fd:bc:4e:bb:
         84:cb:2d:6d:85:32:cb:0f:cd:b8:6c:23:58:32:7c:82:3c:8c:
         af:b1:d9:37:9f:a4:11:ed:9f:07:07:1b:59:38:05:4b:e7:d0:
         13:20:df:1a:23:f3:af:6c:92:0d:28:e3:8f:ac:7c:07:30:b9:
         85:a7:3f:40:6a:9a:76:d5:71:6f:15:54:cc:50:4e:b6:20:17:
         1e:9c:08:70:29:16:6c:b0:8e:14:01:43:70:ae:2d:58:92:a8:
         f9:e2:43:09:5c:81:fa:fc:07:75:6c:9a:b9:38:02:99:51:f3:
         aa:dd:89:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwpnaDPtvrcAuac+ft9JrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjUwODA2MTkwMTMzWhcNMjUwODA3MTkwMTMzWjAzMTEwLwYDVQQD
EygzMzM4NDIxNTlhYzRlMTM0MDRlYTE5NjEyOGY0Yjc0MDQ4MjUyZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurr6YDyssTaWkn6I1UwRxfmT3Hsj
uY8ZU720hy400nnb0IUUtHkL+/qnNWTBAhbOSLzo5s/sZE4ZdaM4l5pZPmR/Awcc
gIySwUiAl5cuFlES9hkJ4645aSqaswgpq3fLX/YoVLgkKJFUH+DMdegFF49gMJFJ
Pd67RGdsjpHyCm16DkCpsQjVJVqnfk7qG/ROzqJuqQgyRksANhnET7ZRy+D3y3Tz
bvJVobltee+/zzqeIaOyHOlW8pfz8fwmLwIOQI2D5b3sZgE0xwlHlrvG2E7hx0PF
f+q008o7KLgZlKHc6uCg1XJ2AHZUfItAm4cZYGIlrbbaSDGBhx1QD8Ra0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDM4QhWaxOE0BOoZYSj0t0BIJS/VMB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQMRjwxZB
t77ZyOCfFWi5bftkwYuZeCnYjeOQlGyZqkoXkMCHyywtHaCYlUKMxx/VIBE1m58V
Me68SkHCEJq8NM0bIRttKf6kjXH5u5bv4gPuMISHr1Q2KBQHgzOg+GIxoa/9Chcv
gBNlcUCAFWb2s8yaj0uESctj/gkJwCmKY6gUzJjOVnyWcku3rFn9vE67hMstbYUy
yw/NuGwjWDJ8gjyMr7HZN5+kEe2fBwcbWTgFS+fQEyDfGiPzr2ySDSjjj6x8BzC5
hac/QGqadtVxbxVUzFBOtiAXHpwIcCkWbLCOFAFDcK4tWJKo+eJDCVyB+vwHdWya
uTgCmVHzqt2JvQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:29:47 2025 by rpki-client