Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
File:                     j_QxWS3s8oXDMtMGJTHA589hAsA.mft (raw, json)
Hash identifier:          mxvwpLgWgtTR/FgHE3LfEcTH0ZBBunQ65tFFBv1BVec=
Subject key identifier:   E6:CC:7F:07:4A:F2:B5:AC:E9:22:C4:46:C3:63:4A:30:62:F0:D3:DA
Authority key identifier: 8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0
Certificate issuer:       /CN=8ff431592decf285c332d3062531c0e7cf6102c0
Certificate serial:       01984A77B182CFD3562E24B6A69FE17F0540
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
Manifest number:          1600
Signing time:             Sun 27 Jul 2025 06:00:14 +0000
Manifest this update:     Sun 27 Jul 2025 06:00:14 +0000
Manifest next update:     Mon 28 Jul 2025 06:00:14 +0000
Files and hashes:         1: j_QxWS3s8oXDMtMGJTHA589hAsA.crl (hash: Z2nSkHUYzrmxQ3E2vHdhKB8vFS1bCk3mK18oIQZk4HY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:77:b1:82:cf:d3:56:2e:24:b6:a6:9f:e1:7f:05:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ff431592decf285c332d3062531c0e7cf6102c0
        Validity
            Not Before: Jul 27 06:00:14 2025 GMT
            Not After : Jul 28 06:00:14 2025 GMT
        Subject: CN=e6cc7f074af2b5ace922c446c3634a3062f0d3da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e4:22:61:04:70:c2:e7:2e:54:20:41:50:f8:
                    e8:e5:2c:b9:0e:80:87:a7:6e:09:28:50:46:0d:fe:
                    eb:fe:da:a7:47:d0:7f:c9:03:ad:0b:a7:7e:15:15:
                    7d:30:5d:2c:8f:8f:31:dd:23:ae:74:c9:80:ce:8c:
                    b3:d1:6f:00:0b:88:61:6c:59:78:09:42:55:8b:94:
                    b3:fe:cd:a3:4d:63:36:03:0e:4a:60:60:44:94:eb:
                    66:85:31:3e:f0:30:bf:80:e5:9f:e3:93:bb:23:61:
                    41:8e:7d:54:5f:42:e9:26:03:c4:3f:e0:86:ab:84:
                    43:ef:6a:09:d6:d7:46:27:b3:b9:7c:50:3e:47:cc:
                    11:74:bb:74:67:42:e3:88:dc:79:39:4d:d7:6a:a5:
                    8b:a4:94:36:21:1f:20:15:e2:67:42:c6:49:ae:ed:
                    8c:1a:90:e9:62:07:a8:8f:5a:ac:82:cf:df:28:91:
                    27:49:a1:cf:93:2c:dc:6d:20:69:1f:43:6e:bd:5a:
                    d1:fd:d4:fc:d1:12:14:0d:a6:5f:69:98:53:8f:6c:
                    2d:be:36:ae:ba:56:bd:3a:4b:4e:13:bc:46:c0:39:
                    db:5a:09:15:a6:40:04:29:18:4c:cf:0f:0b:bd:c2:
                    e4:83:8e:70:f2:83:fa:6f:e8:8d:d8:52:76:97:b1:
                    36:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CC:7F:07:4A:F2:B5:AC:E9:22:C4:46:C3:63:4A:30:62:F0:D3:DA
            X509v3 Authority Key Identifier:
                keyid:8F:F4:31:59:2D:EC:F2:85:C3:32:D3:06:25:31:C0:E7:CF:61:02:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_QxWS3s8oXDMtMGJTHA589hAsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/be1fed-2e86-44a9-8a67-44b78e788deb/1/j_QxWS3s8oXDMtMGJTHA589hAsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:b6:d6:76:05:04:7f:2c:10:16:07:13:42:34:7e:9b:94:18:
         fa:d2:34:be:61:ee:3d:02:e6:a6:38:eb:64:90:1a:47:ca:37:
         61:83:76:ab:7d:d7:72:8a:b1:b9:4f:49:36:d7:f1:ce:ba:98:
         55:8e:ad:87:aa:72:7d:ac:c6:fb:92:cd:40:f7:98:35:93:d6:
         4b:81:eb:34:59:23:2b:fb:a5:16:30:7e:7e:ff:3c:c2:a7:ee:
         7e:35:9f:ac:8d:96:90:82:ab:54:e5:65:31:5e:bb:22:a3:ad:
         32:36:c6:e3:f1:27:64:3b:3e:e0:ad:15:95:2e:ac:ea:26:7f:
         74:f7:95:c4:4f:5f:1f:e0:af:75:f5:2f:f7:fe:fd:ce:81:33:
         22:53:0e:32:b7:fc:73:ea:49:36:6a:c4:16:b5:7d:7e:73:cc:
         a1:d4:76:89:52:41:68:27:07:a1:da:2c:2b:89:e8:d3:89:59:
         09:64:98:81:11:4e:45:86:8e:19:a1:72:a8:a2:cc:32:81:9c:
         6f:42:43:d1:c7:4b:2a:84:34:26:ac:b9:98:ab:dc:b3:00:49:
         0f:5b:7c:a5:4a:52:eb:a2:96:94:24:27:e8:b7:4d:ec:d5:9e:
         05:a9:0f:92:4e:60:15:6c:bd:ae:19:2d:f3:84:08:f8:d1:b6:
         bc:76:38:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKd7GCz9NWLiS2pp/hfwVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZjQzMTU5MmRlY2YyODVjMzMyZDMwNjI1MzFjMGU3Y2Y2
MTAyYzAwHhcNMjUwNzI3MDYwMDE0WhcNMjUwNzI4MDYwMDE0WjAzMTEwLwYDVQQD
EyhlNmNjN2YwNzRhZjJiNWFjZTkyMmM0NDZjMzYzNGEzMDYyZjBkM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuQiYQRwwucuVCBBUPjo5Sy5DoCH
p24JKFBGDf7r/tqnR9B/yQOtC6d+FRV9MF0sj48x3SOudMmAzoyz0W8AC4hhbFl4
CUJVi5Sz/s2jTWM2Aw5KYGBElOtmhTE+8DC/gOWf45O7I2FBjn1UX0LpJgPEP+CG
q4RD72oJ1tdGJ7O5fFA+R8wRdLt0Z0LjiNx5OU3XaqWLpJQ2IR8gFeJnQsZJru2M
GpDpYgeoj1qsgs/fKJEnSaHPkyzcbSBpH0NuvVrR/dT80RIUDaZfaZhTj2wtvjau
ula9OktOE7xGwDnbWgkVpkAEKRhMzw8LvcLkg45w8oP6b+iN2FJ2l7E2xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObMfwdK8rWs6SLERsNjSjBi8NPaMB8GA1UdIwQY
MBaAFI/0MVkt7PKFwzLTBiUxwOfPYQLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjct
NDRiNzhlNzg4ZGViLzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZTFmZWQtMmU4Ni00NGE5LThhNjctNDRiNzhlNzg4ZGVi
LzEval9ReFdTM3M4b1hETXRNR0pUSEE1ODloQXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrbWdgUE
fywQFgcTQjR+m5QY+tI0vmHuPQLmpjjrZJAaR8o3YYN2q33XcoqxuU9JNtfxzrqY
VY6th6pyfazG+5LNQPeYNZPWS4HrNFkjK/ulFjB+fv88wqfufjWfrI2WkIKrVOVl
MV67IqOtMjbG4/EnZDs+4K0VlS6s6iZ/dPeVxE9fH+CvdfUv9/79zoEzIlMOMrf8
c+pJNmrEFrV9fnPModR2iVJBaCcHodosK4no04lZCWSYgRFORYaOGaFyqKLMMoGc
b0JD0cdLKoQ0Jqy5mKvcswBJD1t8pUpS66KWlCQn6LdN7NWeBakPkk5gFWy9rhkt
84QI+NG2vHY4dg==
-----END CERTIFICATE-----