Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft
File:                     _stf432FEfZ6YFMW6wlTU4_P6ec.mft (raw, json)
Hash identifier:          OHC3gnmakDizXaDTj17vqTlWJG9yzq+S2yVZflAOS28=
Subject key identifier:   E4:F2:77:8B:31:47:08:DA:BA:54:C3:C7:55:55:A0:99:A5:67:71:29
Authority key identifier: FE:CB:5F:E3:7D:85:11:F6:7A:60:53:16:EB:09:53:53:8F:CF:E9:E7
Certificate issuer:       /CN=fecb5fe37d8511f67a605316eb0953538fcfe9e7
Certificate serial:       01984AAF0A48B3A65F5C1639D4DCA1E583AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft
Manifest number:          0FDC
Signing time:             Sun 27 Jul 2025 07:00:42 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:42 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:42 +0000
Files and hashes:         1: _stf432FEfZ6YFMW6wlTU4_P6ec.crl (hash: U6F15y1clRq26bNIIldtnn1T0x2iujhXXMIKqGCDvrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:af:0a:48:b3:a6:5f:5c:16:39:d4:dc:a1:e5:83:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fecb5fe37d8511f67a605316eb0953538fcfe9e7
        Validity
            Not Before: Jul 27 07:00:42 2025 GMT
            Not After : Jul 28 07:00:42 2025 GMT
        Subject: CN=e4f2778b314708daba54c3c75555a099a5677129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6f:34:9e:27:61:6d:ac:44:b7:36:72:e9:30:
                    a5:e3:5f:2a:33:4a:de:7f:d0:7e:74:02:e4:6a:87:
                    47:e9:c7:90:be:d2:bd:74:56:5b:20:c3:a2:d0:56:
                    91:28:7d:af:24:bb:fb:e2:b3:8a:85:36:f8:3f:52:
                    12:22:86:f4:91:82:48:7b:9e:b5:1f:48:a6:85:28:
                    48:fc:24:18:15:dc:51:7b:ee:90:6c:5d:0e:b8:d3:
                    aa:18:e6:d2:5d:c8:1c:49:b0:ba:f5:8a:a6:d1:2c:
                    f4:59:8e:ae:f8:74:cc:97:c7:5b:92:b4:1f:b7:ec:
                    60:ed:23:66:09:e0:8b:77:70:9e:c4:9c:b5:ae:56:
                    c3:2d:38:e1:12:18:56:59:9a:67:51:c3:8e:31:31:
                    24:4f:23:a8:6b:ee:7d:e9:57:fc:1a:bc:8a:8c:b3:
                    20:56:40:2a:0a:ab:00:fa:19:fa:a5:9f:74:2e:97:
                    72:e6:2c:77:cc:75:cd:23:48:d9:73:e3:f5:ac:43:
                    ec:73:64:0e:40:41:68:d7:40:1d:c4:61:46:46:1a:
                    20:00:81:f1:c5:b2:e6:df:07:f8:63:af:d1:cc:0d:
                    76:87:f9:af:33:72:f1:88:ca:c5:51:b4:16:eb:9d:
                    21:4e:9f:04:ac:63:e4:c9:9c:7d:80:73:70:31:da:
                    7e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:F2:77:8B:31:47:08:DA:BA:54:C3:C7:55:55:A0:99:A5:67:71:29
            X509v3 Authority Key Identifier:
                keyid:FE:CB:5F:E3:7D:85:11:F6:7A:60:53:16:EB:09:53:53:8F:CF:E9:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:5c:66:dd:90:6c:62:16:14:60:89:cc:41:30:c9:d0:f6:67:
         ed:94:07:40:45:9d:78:e2:72:36:34:23:7b:27:77:7a:f4:37:
         06:69:1d:23:e7:11:d5:bb:fa:d6:a4:9f:1d:3c:41:d2:a4:bf:
         e9:05:c5:40:5e:56:23:08:b7:79:a2:20:85:a4:4e:39:82:00:
         0b:54:af:71:ef:53:a2:23:33:da:91:07:d9:a4:cf:dd:b1:72:
         d2:dd:55:52:fe:6e:6c:75:74:25:a4:40:6b:8e:9d:e3:79:62:
         cd:3a:f4:a2:49:f4:8e:ba:cc:92:e8:87:4a:b5:38:05:0f:b4:
         f0:b6:dd:92:7f:18:50:c6:9a:6b:81:99:70:9b:06:24:f8:0f:
         1f:5a:14:ac:bb:d8:8a:3b:1a:34:bb:23:5e:bf:1f:31:92:03:
         da:0c:61:31:b9:ca:ee:70:ad:22:b5:5a:af:cf:b3:25:b9:dd:
         9e:c2:8e:21:f4:9f:21:84:9e:4d:52:2c:8e:1d:75:62:0f:d7:
         05:ed:c9:ab:f4:c3:d5:82:f9:39:24:77:bf:c1:1c:e9:61:69:
         a5:9d:fd:02:e5:22:22:bc:c4:2d:35:a6:a0:5a:83:07:1a:16:
         77:b1:ba:e6:54:51:42:5a:ff:09:5e:e7:cd:c4:82:45:e0:ee:
         9b:9c:42:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKrwpIs6ZfXBY51Nyh5YOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlY2I1ZmUzN2Q4NTExZjY3YTYwNTMxNmViMDk1MzUzOGZj
ZmU5ZTcwHhcNMjUwNzI3MDcwMDQyWhcNMjUwNzI4MDcwMDQyWjAzMTEwLwYDVQQD
EyhlNGYyNzc4YjMxNDcwOGRhYmE1NGMzYzc1NTU1YTA5OWE1Njc3MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG80nidhbaxEtzZy6TCl418qM0re
f9B+dALkaodH6ceQvtK9dFZbIMOi0FaRKH2vJLv74rOKhTb4P1ISIob0kYJIe561
H0imhShI/CQYFdxRe+6QbF0OuNOqGObSXcgcSbC69Yqm0Sz0WY6u+HTMl8dbkrQf
t+xg7SNmCeCLd3CexJy1rlbDLTjhEhhWWZpnUcOOMTEkTyOoa+596Vf8GryKjLMg
VkAqCqsA+hn6pZ90Lpdy5ix3zHXNI0jZc+P1rEPsc2QOQEFo10AdxGFGRhogAIHx
xbLm3wf4Y6/RzA12h/mvM3LxiMrFUbQW650hTp8ErGPkyZx9gHNwMdp+0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTyd4sxRwjaulTDx1VVoJmlZ3EpMB8GA1UdIwQY
MBaAFP7LX+N9hRH2emBTFusJU1OPz+nnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84MjczYjUtMjc5Yy00MzIzLTgyZGMt
YzI1NzYwNzMxN2YzLzEvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84MjczYjUtMjc5Yy00MzIzLTgyZGMtYzI1NzYwNzMxN2Yz
LzEvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAblxm3ZBs
YhYUYInMQTDJ0PZn7ZQHQEWdeOJyNjQjeyd3evQ3BmkdI+cR1bv61qSfHTxB0qS/
6QXFQF5WIwi3eaIghaROOYIAC1Svce9ToiMz2pEH2aTP3bFy0t1VUv5ubHV0JaRA
a46d43lizTr0okn0jrrMkuiHSrU4BQ+08Lbdkn8YUMaaa4GZcJsGJPgPH1oUrLvY
ijsaNLsjXr8fMZID2gxhMbnK7nCtIrVar8+zJbndnsKOIfSfIYSeTVIsjh11Yg/X
Be3Jq/TD1YL5OSR3v8Ec6WFppZ39AuUiIrzELTWmoFqDBxoWd7G65lRRQlr/CV7n
zcSCReDum5xCAg==
-----END CERTIFICATE-----