Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File:                     JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier:          jnCTIXLUtFsb4RtevVIgX8cTagYmZG+ew3e59IaczZI=
Subject key identifier:   E2:E3:A3:1A:82:7A:77:F3:13:BB:6D:DE:56:17:94:CC:C3:09:64:98
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer:       /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial:       01987C09C5FA6865FDCB3C039B3B1DFA4F7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number:          1523
Signing time:             Tue 05 Aug 2025 21:01:11 +0000
Manifest this update:     Tue 05 Aug 2025 21:01:11 +0000
Manifest next update:     Wed 06 Aug 2025 21:01:11 +0000
Files and hashes:         1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: Y6TpVVo6QNOEQz0/6bevsnuNS/8sPCt0djqxZSlliJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:09:c5:fa:68:65:fd:cb:3c:03:9b:3b:1d:fa:4f:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
        Validity
            Not Before: Aug  5 21:01:11 2025 GMT
            Not After : Aug  6 21:01:11 2025 GMT
        Subject: CN=e2e3a31a827a77f313bb6dde561794ccc3096498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:19:05:4d:5f:3b:c9:58:74:6c:d7:11:f7:8d:
                    ca:ba:8b:66:94:4a:5e:49:81:93:2a:62:b0:77:8c:
                    72:a9:27:42:25:92:64:a4:98:9e:2f:19:ff:ec:bf:
                    47:70:63:c3:09:59:95:8e:ef:c8:6c:14:b8:a8:ff:
                    4c:e1:d7:7f:ad:47:c2:7a:70:fc:8d:f6:8b:5c:fa:
                    1e:ec:bb:73:7b:7a:f3:d3:67:72:fd:45:50:2b:3d:
                    6d:30:8f:e1:42:ad:18:2f:6a:c3:53:98:44:c2:17:
                    ba:c0:79:c1:70:86:6d:cf:e9:78:82:24:95:8e:5c:
                    84:3e:aa:21:c1:fd:e3:63:81:b0:b1:7c:5d:d0:d1:
                    e0:49:91:a1:2e:e8:73:49:56:90:11:03:bd:a4:91:
                    cd:17:a6:5b:ad:af:f2:8e:d0:08:fb:f2:24:d5:b9:
                    f6:75:cc:a9:e4:2e:86:b3:af:63:47:06:92:24:7c:
                    f3:4a:b1:6d:b4:76:b6:3d:c5:a6:04:d2:a5:d3:81:
                    e3:8d:1f:8e:8a:46:7e:d2:ef:42:e7:25:14:03:a9:
                    ab:bc:05:0b:74:c9:0d:cd:40:f5:4e:89:11:cf:a3:
                    34:18:c7:3b:ba:56:3b:6d:51:96:04:16:10:cc:b7:
                    7a:91:8a:31:99:16:fc:12:fe:80:91:55:cb:25:1d:
                    57:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E3:A3:1A:82:7A:77:F3:13:BB:6D:DE:56:17:94:CC:C3:09:64:98
            X509v3 Authority Key Identifier:
                keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f6:0b:8f:24:64:a4:ca:5f:81:51:32:08:d1:12:9b:89:ac:
         3b:04:0a:5f:61:f5:d9:a0:68:a2:c3:f9:79:a2:cf:b9:8a:62:
         de:89:74:f2:6b:ff:95:73:71:e4:a8:c3:2a:a6:c3:84:7d:7c:
         c6:8e:67:76:89:c5:1a:0c:5a:2a:fa:da:bd:1b:a1:9f:c0:d0:
         df:74:c4:17:07:a2:96:38:78:b4:ec:06:9f:33:2c:73:0b:6e:
         12:9b:86:b1:e9:e1:3d:bd:87:48:66:3f:84:e5:14:2e:da:68:
         cd:6b:9c:cb:34:fa:df:4a:ac:9f:0d:9e:38:7f:bf:31:e2:8d:
         b8:f8:ed:99:c0:10:4a:a9:aa:35:bf:74:56:35:87:8a:1d:8f:
         19:17:aa:20:d5:53:29:fb:a6:84:ef:ea:a5:ee:2d:66:91:bb:
         66:34:a4:50:f0:ca:6e:31:a7:24:de:bb:ad:89:c6:8a:77:42:
         19:09:c8:86:16:1c:f3:49:af:eb:be:4b:b1:e4:fa:e2:0b:39:
         56:94:06:9d:d4:8a:9f:f7:7e:02:48:db:81:4d:5e:d5:b6:27:
         e7:62:5e:12:dc:1a:f1:c2:5c:ce:ca:ad:ed:b3:71:37:40:91:
         2f:ba:d4:ab:9f:20:77:15:2b:86:bb:74:06:cd:cd:4f:9b:4e:
         d7:97:04:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8CcX6aGX9yzwDmzsd+k99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjUwODA1MjEwMTExWhcNMjUwODA2MjEwMTExWjAzMTEwLwYDVQQD
EyhlMmUzYTMxYTgyN2E3N2YzMTNiYjZkZGU1NjE3OTRjY2MzMDk2NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBkFTV87yVh0bNcR943KuotmlEpe
SYGTKmKwd4xyqSdCJZJkpJieLxn/7L9HcGPDCVmVju/IbBS4qP9M4dd/rUfCenD8
jfaLXPoe7Ltze3rz02dy/UVQKz1tMI/hQq0YL2rDU5hEwhe6wHnBcIZtz+l4giSV
jlyEPqohwf3jY4GwsXxd0NHgSZGhLuhzSVaQEQO9pJHNF6Zbra/yjtAI+/Ik1bn2
dcyp5C6Gs69jRwaSJHzzSrFttHa2PcWmBNKl04HjjR+OikZ+0u9C5yUUA6mrvAUL
dMkNzUD1TokRz6M0GMc7ulY7bVGWBBYQzLd6kYoxmRb8Ev6AkVXLJR1X0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLjoxqCenfzE7tt3lYXlMzDCWSYMB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPYLjyRk
pMpfgVEyCNESm4msOwQKX2H12aBoosP5eaLPuYpi3ol08mv/lXNx5KjDKqbDhH18
xo5ndonFGgxaKvravRuhn8DQ33TEFweiljh4tOwGnzMscwtuEpuGsenhPb2HSGY/
hOUULtpozWucyzT630qsnw2eOH+/MeKNuPjtmcAQSqmqNb90VjWHih2PGReqINVT
KfumhO/qpe4tZpG7ZjSkUPDKbjGnJN67rYnGindCGQnIhhYc80mv675LseT64gs5
VpQGndSKn/d+AkjbgU1e1bYn52JeEtwa8cJczsqt7bNxN0CRL7rUq58gdxUrhrt0
Bs3NT5tO15cEkw==
-----END CERTIFICATE-----