Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          dhTyGtFUC57cOVjAwfw3iik6DPA+UzvjRChHWf9Ujb8=
Subject key identifier:   46:40:7F:54:2D:79:97:71:22:52:52:80:A8:E3:78:25:27:1A:B5:18
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       019849D378826DD2D3007DBFD0431884E89E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          15FD
Signing time:             Sun 27 Jul 2025 03:00:52 +0000
Manifest this update:     Sun 27 Jul 2025 03:00:52 +0000
Manifest next update:     Mon 28 Jul 2025 03:00:52 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: 5NZWjMYfyUpwCd65EpDk/V7+YiL22lI+Ie70cEWuuhM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:78:82:6d:d2:d3:00:7d:bf:d0:43:18:84:e8:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Jul 27 03:00:52 2025 GMT
            Not After : Jul 28 03:00:52 2025 GMT
        Subject: CN=46407f542d79977122525280a8e37825271ab518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:18:86:50:26:40:ed:93:4d:76:1f:e0:b5:a6:
                    fd:72:7e:5a:19:0e:4e:9e:37:4c:d0:fc:26:6d:90:
                    53:38:5b:c9:d3:85:2f:16:ed:14:05:8e:fe:ef:67:
                    b4:ea:29:b7:4f:ab:4d:d2:9f:19:c6:2d:a4:7f:44:
                    18:0d:60:4b:e3:eb:13:5d:45:0f:77:c0:be:cc:2d:
                    29:0d:d7:2b:ef:74:08:ad:9c:3d:c2:2c:1b:af:9e:
                    a4:c5:24:29:97:df:29:5e:0e:f7:2f:9d:c4:84:44:
                    42:68:e4:eb:52:97:31:12:e5:79:09:cf:b6:c1:25:
                    3a:fe:3a:8b:d2:99:20:f3:a4:d5:7e:82:cc:ae:c4:
                    ec:ac:15:d2:8f:4f:6c:d3:5b:dd:c8:04:d6:14:93:
                    2d:4a:16:e0:df:9c:6a:fc:42:d2:04:f3:9b:40:26:
                    b2:07:21:da:c2:9e:17:ef:1c:f9:cd:8b:e4:e6:f6:
                    af:ab:07:06:fa:cb:e0:15:97:37:b2:34:aa:f8:6d:
                    53:77:a2:bc:36:93:8d:3f:40:d5:96:5d:9f:27:86:
                    11:59:c8:b7:b1:60:81:bd:4d:41:e6:e3:18:03:42:
                    ac:37:99:2a:0a:3a:fd:f6:0f:ba:4f:a2:90:02:2e:
                    5f:53:1e:c8:cf:1d:80:b6:a5:31:b9:a4:35:a9:57:
                    16:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:40:7F:54:2D:79:97:71:22:52:52:80:A8:E3:78:25:27:1A:B5:18
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:66:48:58:31:2a:e3:29:56:4d:50:a0:a3:61:97:af:12:8e:
         80:af:a6:70:f4:ea:e0:86:d2:26:38:3c:dc:5f:9e:d9:a0:aa:
         75:38:83:5d:d6:3c:f0:5a:0b:46:5f:41:7c:da:f8:48:c7:c4:
         b9:ae:f8:8e:19:9c:6c:b1:42:e2:77:8a:02:a9:ce:96:ba:f7:
         f6:27:af:59:b0:e2:5f:74:0a:78:0e:81:f5:8a:17:78:e5:83:
         fc:52:43:4d:0c:79:ff:f6:6b:09:50:82:07:12:11:91:31:22:
         d5:d6:63:6d:99:a3:ef:f1:a7:ae:b2:fb:90:87:b5:a6:a7:e3:
         57:27:2d:17:16:b1:21:8c:16:21:c8:5c:8c:f6:bf:3f:ed:71:
         6f:9e:a7:dc:99:cb:23:5a:69:8d:20:73:5b:a0:f0:ce:b9:80:
         3e:b9:08:92:f9:49:84:a2:fa:46:eb:c0:1d:50:e1:1c:51:3f:
         b6:f0:19:80:95:a4:fb:74:6a:2b:8f:ef:e7:44:d4:1e:20:a6:
         10:e4:46:56:a9:33:10:dc:d5:40:f9:4b:55:29:d5:d8:48:25:
         96:0b:81:ec:d5:ee:14:3d:92:e6:fc:4b:ea:3d:e9:3a:a6:b1:
         9a:91:5b:df:12:ff:f6:b7:1f:1c:13:d3:a8:18:9a:8e:22:5b:
         c4:2e:b8:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ03iCbdLTAH2/0EMYhOieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUwNzI3MDMwMDUyWhcNMjUwNzI4MDMwMDUyWjAzMTEwLwYDVQQD
Eyg0NjQwN2Y1NDJkNzk5NzcxMjI1MjUyODBhOGUzNzgyNTI3MWFiNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRiGUCZA7ZNNdh/gtab9cn5aGQ5O
njdM0PwmbZBTOFvJ04UvFu0UBY7+72e06im3T6tN0p8Zxi2kf0QYDWBL4+sTXUUP
d8C+zC0pDdcr73QIrZw9wiwbr56kxSQpl98pXg73L53EhERCaOTrUpcxEuV5Cc+2
wSU6/jqL0pkg86TVfoLMrsTsrBXSj09s01vdyATWFJMtShbg35xq/ELSBPObQCay
ByHawp4X7xz5zYvk5vavqwcG+svgFZc3sjSq+G1Td6K8NpONP0DVll2fJ4YRWci3
sWCBvU1B5uMYA0KsN5kqCjr99g+6T6KQAi5fUx7Izx2AtqUxuaQ1qVcWkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZAf1QteZdxIlJSgKjjeCUnGrUYMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmZIWDEq
4ylWTVCgo2GXrxKOgK+mcPTq4IbSJjg83F+e2aCqdTiDXdY88FoLRl9BfNr4SMfE
ua74jhmcbLFC4neKAqnOlrr39ievWbDiX3QKeA6B9YoXeOWD/FJDTQx5//ZrCVCC
BxIRkTEi1dZjbZmj7/GnrrL7kIe1pqfjVyctFxaxIYwWIchcjPa/P+1xb56n3JnL
I1ppjSBzW6DwzrmAPrkIkvlJhKL6RuvAHVDhHFE/tvAZgJWk+3RqK4/v50TUHiCm
EORGVqkzENzVQPlLVSnV2EgllguB7NXuFD2S5vxL6j3pOqaxmpFb3xL/9rcfHBPT
qBiajiJbxC64cQ==
-----END CERTIFICATE-----