Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          s+sJ7bWLI4oyyPWA2Fev6V3wZWYdfVmJnWSmzAl/9oY=
Subject key identifier:   99:53:25:C3:13:3E:4E:A2:8A:D2:B0:76:C0:C9:9A:6F:7B:94:25:EE
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0198530D9F8355132299A9AFB80D9B3C0DA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          082F
Signing time:             Mon 28 Jul 2025 22:00:58 +0000
Manifest this update:     Mon 28 Jul 2025 22:00:58 +0000
Manifest next update:     Tue 29 Jul 2025 22:00:58 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: t/5A1p99pqQ4o3EPuxlgzxHkm212gyiV8pZ+9gM4BYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 22:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:53:0d:9f:83:55:13:22:99:a9:af:b8:0d:9b:3c:0d:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Jul 28 22:00:58 2025 GMT
            Not After : Jul 29 22:00:58 2025 GMT
        Subject: CN=995325c3133e4ea28ad2b076c0c99a6f7b9425ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e5:04:66:82:c4:e6:1f:69:4d:0c:48:6f:ac:
                    df:8d:7a:b9:ee:fa:60:b4:45:68:13:39:dc:10:53:
                    d5:49:d7:e1:f8:24:b4:1f:2f:03:5d:d0:6b:be:42:
                    22:a8:8f:9a:dd:e4:a1:46:20:30:85:47:a8:68:89:
                    bf:08:dc:14:28:24:eb:74:10:e5:43:5f:b5:28:e2:
                    3a:4c:4d:66:f3:8b:8d:7b:a1:29:62:0a:16:d2:e3:
                    a0:d8:f2:a6:09:14:cb:a4:59:f5:66:96:91:b3:88:
                    6e:1f:5e:8d:c1:c9:41:20:9d:c3:4c:2a:92:60:dd:
                    65:7f:8c:a7:50:22:4a:28:82:e0:b5:0c:9e:85:24:
                    d2:b5:ac:e4:a9:d0:63:cb:43:0b:ad:e2:e5:43:d1:
                    9f:df:27:bf:77:9e:1b:50:34:4d:06:84:36:1f:cc:
                    aa:cf:ba:2f:43:e4:c5:99:08:d4:ff:c0:b0:dc:a9:
                    bf:27:3b:f7:21:bb:42:39:a5:de:be:56:a5:75:ac:
                    f0:8d:af:f6:d3:f9:ed:94:91:1b:3a:ce:4d:ab:d8:
                    41:02:34:86:b8:86:a1:ed:ee:de:8c:d6:5d:91:73:
                    14:2d:3b:93:85:b0:f7:08:88:e5:54:b3:dd:c5:39:
                    39:47:7f:41:4d:de:70:e9:d7:9c:67:58:8d:3f:30:
                    86:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:53:25:C3:13:3E:4E:A2:8A:D2:B0:76:C0:C9:9A:6F:7B:94:25:EE
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:8c:a2:d5:e9:4b:cf:1f:bf:0c:c7:8e:93:46:09:bb:cf:91:
         80:b8:94:ec:cf:db:20:0d:82:1e:11:cd:12:89:bc:ff:a6:28:
         fb:fd:35:bb:e6:f2:b4:c4:d9:5d:42:c0:16:d3:36:17:0b:57:
         c6:7c:67:6a:5d:ed:67:16:17:9a:07:36:20:0b:70:e0:1b:81:
         11:0f:df:59:0d:65:22:8a:cb:51:8f:0f:b2:a9:60:55:30:ff:
         25:09:db:4f:a0:06:cb:c6:df:f2:72:35:4f:a9:ef:3f:ad:27:
         21:34:a0:fb:3c:3c:5b:1c:97:74:fc:45:20:79:f3:fe:82:b3:
         94:b2:8b:7d:30:d5:d4:49:a3:f3:22:0d:aa:51:3f:59:5a:ac:
         9e:4f:c9:3d:12:04:ff:2f:c6:fa:c3:27:93:49:fd:5d:50:dd:
         75:6a:a0:64:88:e4:91:38:2b:03:f8:8a:dd:99:bf:39:b8:e3:
         b9:c4:8b:ee:48:d0:6c:46:e1:ae:13:01:92:88:bf:f6:b2:41:
         3f:27:15:b1:fe:a9:d5:4a:a4:70:0b:55:67:e2:31:70:b4:96:
         08:b8:96:e8:94:de:cb:1e:ea:34:17:47:37:1d:69:f9:3c:70:
         6b:65:a2:a6:16:01:72:5d:db:5a:a9:3a:81:da:0a:46:ff:24:
         79:d4:7e:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTDZ+DVRMimamvuA2bPA2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwNzI4MjIwMDU4WhcNMjUwNzI5MjIwMDU4WjAzMTEwLwYDVQQD
Eyg5OTUzMjVjMzEzM2U0ZWEyOGFkMmIwNzZjMGM5OWE2ZjdiOTQyNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOUEZoLE5h9pTQxIb6zfjXq57vpg
tEVoEzncEFPVSdfh+CS0Hy8DXdBrvkIiqI+a3eShRiAwhUeoaIm/CNwUKCTrdBDl
Q1+1KOI6TE1m84uNe6EpYgoW0uOg2PKmCRTLpFn1ZpaRs4huH16NwclBIJ3DTCqS
YN1lf4ynUCJKKILgtQyehSTStazkqdBjy0MLreLlQ9Gf3ye/d54bUDRNBoQ2H8yq
z7ovQ+TFmQjU/8Cw3Km/Jzv3IbtCOaXevlaldazwja/20/ntlJEbOs5Nq9hBAjSG
uIah7e7ejNZdkXMULTuThbD3CIjlVLPdxTk5R39BTd5w6decZ1iNPzCGbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlTJcMTPk6iitKwdsDJmm97lCXuMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVoyi1elL
zx+/DMeOk0YJu8+RgLiU7M/bIA2CHhHNEom8/6Yo+/01u+bytMTZXULAFtM2FwtX
xnxnal3tZxYXmgc2IAtw4BuBEQ/fWQ1lIorLUY8PsqlgVTD/JQnbT6AGy8bf8nI1
T6nvP60nITSg+zw8WxyXdPxFIHnz/oKzlLKLfTDV1Emj8yINqlE/WVqsnk/JPRIE
/y/G+sMnk0n9XVDddWqgZIjkkTgrA/iK3Zm/ObjjucSL7kjQbEbhrhMBkoi/9rJB
PycVsf6p1UqkcAtVZ+IxcLSWCLiW6JTeyx7qNBdHNx1p+Txwa2WiphYBcl3bWqk6
gdoKRv8kedR+zQ==
-----END CERTIFICATE-----