Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
File:                     UoUm3npC8eCAkWhA7r85A4uJPRY.mft (raw, json)
Hash identifier:          6V2U+kwBxWE3gZXNrHgonuxEnanJUMyWXB6Iag6n+cU=
Subject key identifier:   B6:2B:D2:36:B1:A6:68:14:18:E6:3C:CA:0D:77:AB:E1:AD:1A:DA:B6
Authority key identifier: 52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
Certificate issuer:       /CN=528526de7a42f1e080916840eebf39038b893d16
Certificate serial:       0199239FC92CE7177797AD27E7F5CCD658D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
Manifest number:          09F7
Signing time:             Sun 07 Sep 2025 10:01:37 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:37 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:37 +0000
Files and hashes:         1: UoUm3npC8eCAkWhA7r85A4uJPRY.crl (hash: dQKAYP4KH0JQfKd0pjpNtdwFZQsnaTMPJN+QBRH2l8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:c9:2c:e7:17:77:97:ad:27:e7:f5:cc:d6:58:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=528526de7a42f1e080916840eebf39038b893d16
        Validity
            Not Before: Sep  7 10:01:37 2025 GMT
            Not After : Sep  8 10:01:37 2025 GMT
        Subject: CN=b62bd236b1a6681418e63cca0d77abe1ad1adab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:1b:b7:28:81:45:22:65:f7:22:ee:7b:d1:3a:
                    6f:3e:5e:18:0a:8f:4b:75:92:af:aa:db:ba:38:c2:
                    7d:fe:51:df:ba:66:c4:92:a2:ca:5f:9c:83:5f:9d:
                    ab:57:51:89:82:ff:d9:cf:7a:37:66:19:f6:2e:1d:
                    7a:f0:25:13:26:e2:a6:b9:c8:37:94:5b:38:cf:dd:
                    01:14:d6:8d:5a:ef:41:34:15:79:b2:67:be:1f:72:
                    ea:35:93:86:54:e5:30:9d:99:12:f5:18:2d:31:30:
                    47:7f:88:94:e5:59:96:62:26:29:4a:7c:41:d4:3f:
                    68:ea:9c:ea:ee:df:3d:34:1b:a2:c6:09:15:2e:fb:
                    2b:9c:5c:c3:ee:60:13:1f:5b:0c:00:10:ab:83:ec:
                    e9:76:65:c5:b6:93:cf:47:66:67:40:ac:06:52:2e:
                    68:4a:8b:ee:1a:a0:26:18:09:bc:0f:30:e4:29:7e:
                    5d:3d:39:68:ce:15:e0:e0:56:63:df:4d:c9:6a:05:
                    cf:82:b0:3a:48:45:f4:18:0d:11:a8:55:11:03:23:
                    be:bb:5b:80:cf:23:3f:28:52:1e:c2:0d:92:02:a6:
                    a2:cb:03:48:95:ed:b2:a0:c9:c9:b7:32:71:4c:82:
                    8b:5d:d2:89:1a:a8:28:2f:35:5a:9c:61:7c:2a:c9:
                    cb:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:2B:D2:36:B1:A6:68:14:18:E6:3C:CA:0D:77:AB:E1:AD:1A:DA:B6
            X509v3 Authority Key Identifier:
                keyid:52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:5d:84:21:f2:42:3a:ec:5b:36:f5:b1:de:b9:f3:ce:c9:f8:
         22:07:c2:5b:02:fa:56:5d:17:98:4b:b9:2a:b9:a5:f9:78:f2:
         d5:7f:a5:96:bd:f2:ac:d6:a0:d0:91:9f:d6:f7:7d:c6:98:25:
         a4:21:ef:df:da:6a:c0:5f:6d:3e:f6:9a:db:a8:c7:cb:e9:37:
         06:5c:07:c0:a9:47:e3:15:fb:c6:27:4e:35:29:37:08:9f:e1:
         22:62:b0:ca:e9:fb:34:32:4f:f8:58:76:7f:e8:d3:45:79:fc:
         df:68:37:d8:fd:93:4a:1c:95:bc:7f:d0:e2:83:70:c2:c9:b6:
         b6:86:36:14:86:a5:4c:ff:26:24:89:43:9b:75:67:28:55:2d:
         6e:09:0a:1c:2a:f8:f1:8e:c5:c5:13:60:00:9b:b1:c5:06:6a:
         7a:2a:de:2f:6b:cb:21:ba:42:c9:c2:66:36:7b:e4:d9:e8:fb:
         6c:c4:1b:6b:7c:38:4f:83:3d:3d:d9:df:d0:2d:64:82:b4:3d:
         e5:3e:96:3c:27:2c:8b:c2:7f:e9:db:50:88:bf:78:96:20:ab:
         c3:a3:d6:2e:5d:29:05:0d:86:ca:62:45:c5:da:5b:83:f8:83:
         99:41:dc:40:38:3f:87:d8:87:11:ee:89:b5:4f:3f:ed:fe:2b:
         af:3b:92:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn8ks5xd3l60n5/XM1ljRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODUyNmRlN2E0MmYxZTA4MDkxNjg0MGVlYmYzOTAzOGI4
OTNkMTYwHhcNMjUwOTA3MTAwMTM3WhcNMjUwOTA4MTAwMTM3WjAzMTEwLwYDVQQD
EyhiNjJiZDIzNmIxYTY2ODE0MThlNjNjY2EwZDc3YWJlMWFkMWFkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xu3KIFFImX3Iu570TpvPl4YCo9L
dZKvqtu6OMJ9/lHfumbEkqLKX5yDX52rV1GJgv/Zz3o3Zhn2Lh168CUTJuKmucg3
lFs4z90BFNaNWu9BNBV5sme+H3LqNZOGVOUwnZkS9RgtMTBHf4iU5VmWYiYpSnxB
1D9o6pzq7t89NBuixgkVLvsrnFzD7mATH1sMABCrg+zpdmXFtpPPR2ZnQKwGUi5o
SovuGqAmGAm8DzDkKX5dPTlozhXg4FZj303JagXPgrA6SEX0GA0RqFURAyO+u1uA
zyM/KFIewg2SAqaiywNIle2yoMnJtzJxTIKLXdKJGqgoLzVanGF8KsnLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYr0jaxpmgUGOY8yg13q+GtGtq2MB8GA1UdIwQY
MBaAFFKFJt56QvHggJFoQO6/OQOLiT0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEt
NTBjOWY1YjNjM2U0LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEtNTBjOWY1YjNjM2U0
LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdV2EIfJC
OuxbNvWx3rnzzsn4IgfCWwL6Vl0XmEu5Krml+Xjy1X+llr3yrNag0JGf1vd9xpgl
pCHv39pqwF9tPvaa26jHy+k3BlwHwKlH4xX7xidONSk3CJ/hImKwyun7NDJP+Fh2
f+jTRXn832g32P2TShyVvH/Q4oNwwsm2toY2FIalTP8mJIlDm3VnKFUtbgkKHCr4
8Y7FxRNgAJuxxQZqeireL2vLIbpCycJmNnvk2ej7bMQba3w4T4M9Pdnf0C1kgrQ9
5T6WPCcsi8J/6dtQiL94liCrw6PWLl0pBQ2GymJFxdpbg/iDmUHcQDg/h9iHEe6J
tU8/7f4rrzuSCg==
-----END CERTIFICATE-----