Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          YKY5Tn+XAYBt/KrW/ll2/ZD354e+U8x/uQ26qKVK/tU=
Subject key identifier:   19:DB:91:E0:71:8D:FA:5A:8D:58:64:BB:4C:1E:9E:B2:37:B0:1D:7B
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       0198443F3651065F342BF647B3698FD55B55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          15FA
Signing time:             Sat 26 Jul 2025 01:00:50 +0000
Manifest this update:     Sat 26 Jul 2025 01:00:50 +0000
Manifest next update:     Sun 27 Jul 2025 01:00:50 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: yfhC6iv40DbdMEuzzMksNO57CtuD+3JYxnsQXG11XFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 21:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:44:3f:36:51:06:5f:34:2b:f6:47:b3:69:8f:d5:5b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Jul 26 01:00:50 2025 GMT
            Not After : Jul 27 01:00:50 2025 GMT
        Subject: CN=19db91e0718dfa5a8d5864bb4c1e9eb237b01d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e2:11:fe:3e:9d:d3:9b:b5:be:ab:24:d9:f4:
                    09:e8:1a:14:ad:77:95:ae:79:da:83:20:a4:3f:f6:
                    13:57:6d:ac:d7:7e:ad:53:a7:ad:eb:6f:84:eb:fb:
                    bb:f0:2f:a3:24:eb:72:07:5f:61:09:99:64:0c:ac:
                    2b:61:8f:89:ef:89:da:55:13:e8:6d:c0:f2:93:75:
                    c5:5d:7e:14:13:96:8e:dc:ce:9e:a9:b5:df:60:ca:
                    25:8b:75:6f:1c:83:c2:db:a0:62:43:d2:83:76:71:
                    9c:63:58:47:a7:dd:b5:48:d7:3a:8b:4a:db:0b:d2:
                    9d:64:05:92:d6:35:91:7d:b3:3b:66:80:d3:6c:3b:
                    ab:5b:27:3d:a8:bc:d1:ae:7f:f0:58:39:6c:82:5a:
                    06:df:89:aa:a4:38:0a:31:1e:ff:bf:60:f5:78:67:
                    a8:8f:42:23:c8:32:0a:5a:4f:62:cf:16:38:9b:8e:
                    47:31:aa:5a:94:ae:74:76:b7:69:e2:b0:4b:a3:a0:
                    f4:f3:a2:04:01:91:fc:f6:de:8e:79:43:8b:f7:96:
                    a6:b0:62:ee:1c:55:de:00:74:cd:ef:f9:dd:9f:94:
                    cd:9b:a8:00:ec:38:10:d5:93:b8:b3:5e:3f:2c:82:
                    9b:ec:d5:1e:78:98:64:11:df:d0:a2:9c:9c:08:f5:
                    7f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:DB:91:E0:71:8D:FA:5A:8D:58:64:BB:4C:1E:9E:B2:37:B0:1D:7B
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:44:f8:3f:84:7a:d4:3f:c7:9d:b0:25:ca:af:84:f8:e5:99:
         9e:9b:8f:a6:78:e4:f1:c3:27:3e:d4:3c:91:0e:56:28:1f:bc:
         33:9d:0f:e4:d7:c3:d3:9f:7a:5a:46:36:6b:b4:d9:92:25:39:
         5c:99:d8:81:d8:c3:03:9f:13:41:cf:c2:25:4f:a3:cd:c4:77:
         c0:60:92:17:93:e9:0d:32:b8:41:de:e9:dd:09:e1:c8:7a:66:
         29:eb:d0:f2:27:46:50:e7:92:c7:55:22:84:22:a7:63:fd:1f:
         c1:60:69:d3:55:72:74:28:42:6a:a5:88:eb:38:68:8d:b4:46:
         ab:38:4a:ab:61:29:86:bd:b6:9d:8d:d7:18:78:9e:3b:b2:36:
         ad:4d:c5:22:b3:df:96:85:c4:0b:1b:15:18:5c:e0:b8:a9:3a:
         25:5c:67:ab:1d:48:05:b9:e0:12:96:66:b1:37:b6:f5:8a:c6:
         73:10:75:ef:14:a3:f4:9c:f9:ed:e4:87:df:a4:e2:7f:49:1b:
         a4:54:3a:9c:4f:49:93:6d:9d:a0:89:b6:33:79:fc:5c:39:c6:
         80:db:5b:9c:80:a5:23:4e:3d:a6:d7:be:85:da:94:57:5d:05:
         78:ca:d5:c6:cd:4f:9b:42:0d:ea:bf:1a:79:9f:b0:46:92:ad:
         f4:ed:7f:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhEPzZRBl80K/ZHs2mP1VtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjUwNzI2MDEwMDUwWhcNMjUwNzI3MDEwMDUwWjAzMTEwLwYDVQQD
EygxOWRiOTFlMDcxOGRmYTVhOGQ1ODY0YmI0YzFlOWViMjM3YjAxZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteIR/j6d05u1vqsk2fQJ6BoUrXeV
rnnagyCkP/YTV22s136tU6et62+E6/u78C+jJOtyB19hCZlkDKwrYY+J74naVRPo
bcDyk3XFXX4UE5aO3M6eqbXfYMoli3VvHIPC26BiQ9KDdnGcY1hHp921SNc6i0rb
C9KdZAWS1jWRfbM7ZoDTbDurWyc9qLzRrn/wWDlsgloG34mqpDgKMR7/v2D1eGeo
j0IjyDIKWk9izxY4m45HMapalK50drdp4rBLo6D086IEAZH89t6OeUOL95amsGLu
HFXeAHTN7/ndn5TNm6gA7DgQ1ZO4s14/LIKb7NUeeJhkEd/QopycCPV/+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnbkeBxjfpajVhku0wenrI3sB17MB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgET4P4R6
1D/HnbAlyq+E+OWZnpuPpnjk8cMnPtQ8kQ5WKB+8M50P5NfD0596WkY2a7TZkiU5
XJnYgdjDA58TQc/CJU+jzcR3wGCSF5PpDTK4Qd7p3QnhyHpmKevQ8idGUOeSx1Ui
hCKnY/0fwWBp01VydChCaqWI6zhojbRGqzhKq2Ephr22nY3XGHieO7I2rU3FIrPf
loXECxsVGFzguKk6JVxnqx1IBbngEpZmsTe29YrGcxB17xSj9Jz57eSH36Tif0kb
pFQ6nE9Jk22doIm2M3n8XDnGgNtbnIClI049pte+hdqUV10FeMrVxs1Pm0IN6r8a
eZ+wRpKt9O1/fg==
-----END CERTIFICATE-----