Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          X8ozHiR6cvhft0XyNmeg+WCR0Au69tygirK8WGq8fGE=
Subject key identifier:   AA:2A:98:78:34:55:82:35:6D:B4:87:C2:C6:66:60:FE:46:7D:0B:FB
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019921B18483B08F3515AD823F846AD2644D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          08C1
Signing time:             Sun 07 Sep 2025 01:01:45 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:45 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:45 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: BzHX3d59P/0XUcqL+olcYwtGSu30XYNF8x96BdfSz7U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:84:83:b0:8f:35:15:ad:82:3f:84:6a:d2:64:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Sep  7 01:01:45 2025 GMT
            Not After : Sep  8 01:01:45 2025 GMT
        Subject: CN=aa2a9878345582356db487c2c66660fe467d0bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9f:cc:59:7a:0e:c0:93:e1:f1:08:54:7d:72:
                    d6:e3:47:18:46:a6:d8:71:76:70:26:28:fb:4f:10:
                    78:e6:3b:d2:e6:8f:38:72:cc:27:0b:58:76:52:b4:
                    79:71:71:91:a0:c7:92:38:be:bb:38:fc:2e:cd:3b:
                    31:00:59:eb:7a:41:05:ee:09:83:85:b7:20:63:47:
                    37:10:83:7a:9a:19:ac:ee:0d:50:b4:ab:3f:92:2c:
                    c1:e1:00:00:27:8e:25:da:32:e4:5f:69:02:e9:9e:
                    48:a0:01:39:41:73:a1:07:43:43:43:c4:57:fb:0a:
                    0e:7e:03:6d:b6:88:aa:b2:6e:25:93:9f:4a:2f:82:
                    a3:68:0e:3c:d0:fd:1c:ed:24:b1:95:ce:dc:31:88:
                    e2:1c:dc:82:28:53:98:79:44:1e:45:22:76:8c:4a:
                    fc:87:78:fd:bc:8b:1f:79:1b:cd:3f:70:c6:6f:18:
                    98:7b:3c:c2:fd:18:3b:61:ec:6d:83:35:7b:09:27:
                    c7:95:60:03:2f:2f:de:55:76:00:b1:64:74:8f:39:
                    49:e2:0b:ef:38:5f:90:a4:2a:7d:7b:c7:66:95:de:
                    86:61:9d:a6:36:fb:53:d1:32:d4:65:0e:fc:8b:aa:
                    92:d2:0a:86:d4:11:00:29:80:70:f2:52:63:64:22:
                    e7:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:2A:98:78:34:55:82:35:6D:B4:87:C2:C6:66:60:FE:46:7D:0B:FB
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:f2:69:08:15:2a:71:4a:e3:89:d3:c4:e7:be:4c:ce:c9:22:
         4c:ef:5d:26:ee:23:0a:ca:e3:1b:90:4e:37:31:61:c2:59:95:
         35:25:d8:49:d5:1b:8c:3a:7b:0b:da:e1:3f:44:cb:9b:26:73:
         d1:0c:53:b4:5d:ef:e9:66:56:be:63:fc:a6:b9:5d:23:92:d6:
         3a:1e:53:1c:7f:85:5b:fd:28:c3:f1:b7:c6:f8:df:ec:f7:20:
         bc:17:d1:4b:f7:b6:b1:63:b9:ee:13:b5:49:72:4d:78:c0:ac:
         c5:82:6b:b0:48:36:f0:e6:46:21:3d:31:a1:67:ff:d5:6e:6d:
         74:40:7c:b0:fc:ba:40:90:bc:f9:f0:67:55:eb:6e:cf:27:70:
         18:d4:81:df:d9:98:e0:3d:d3:ab:a8:22:98:71:ab:45:c6:69:
         fe:2c:95:4a:98:cf:50:9c:d2:a5:06:1a:a7:00:94:66:70:a1:
         bb:90:94:0d:ed:d9:0a:da:06:7f:6d:6b:fe:ad:bf:f5:a4:79:
         63:b5:70:38:a3:8d:5e:20:84:b6:66:7b:88:71:a4:d9:f7:c8:
         16:09:d9:2c:f4:2e:7f:35:a3:49:df:8f:f8:31:52:f7:fa:7a:
         38:91:6a:d2:76:30:ab:37:6e:82:c8:b8:21:7a:4d:09:aa:bd:
         88:28:bd:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsYSDsI81Fa2CP4Rq0mRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUwOTA3MDEwMTQ1WhcNMjUwOTA4MDEwMTQ1WjAzMTEwLwYDVQQD
EyhhYTJhOTg3ODM0NTU4MjM1NmRiNDg3YzJjNjY2NjBmZTQ2N2QwYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ/MWXoOwJPh8QhUfXLW40cYRqbY
cXZwJij7TxB45jvS5o84cswnC1h2UrR5cXGRoMeSOL67OPwuzTsxAFnrekEF7gmD
hbcgY0c3EIN6mhms7g1QtKs/kizB4QAAJ44l2jLkX2kC6Z5IoAE5QXOhB0NDQ8RX
+woOfgNttoiqsm4lk59KL4KjaA480P0c7SSxlc7cMYjiHNyCKFOYeUQeRSJ2jEr8
h3j9vIsfeRvNP3DGbxiYezzC/Rg7YextgzV7CSfHlWADLy/eVXYAsWR0jzlJ4gvv
OF+QpCp9e8dmld6GYZ2mNvtT0TLUZQ78i6qS0gqG1BEAKYBw8lJjZCLnywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoqmHg0VYI1bbSHwsZmYP5GfQv7MB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvJpCBUq
cUrjidPE575MzskiTO9dJu4jCsrjG5BONzFhwlmVNSXYSdUbjDp7C9rhP0TLmyZz
0QxTtF3v6WZWvmP8prldI5LWOh5THH+FW/0ow/G3xvjf7PcgvBfRS/e2sWO57hO1
SXJNeMCsxYJrsEg28OZGIT0xoWf/1W5tdEB8sPy6QJC8+fBnVetuzydwGNSB39mY
4D3Tq6gimHGrRcZp/iyVSpjPUJzSpQYapwCUZnChu5CUDe3ZCtoGf21r/q2/9aR5
Y7VwOKONXiCEtmZ7iHGk2ffIFgnZLPQufzWjSd+P+DFS9/p6OJFq0nYwqzdugsi4
IXpNCaq9iCi9NA==
-----END CERTIFICATE-----