Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
File:                     6Md5F2XIhNCFX-0_-MPycJmpoBo.mft (raw, json)
Hash identifier:          3kUP1FQuuv/1Pde/WFihIkee9LZpGxnbPaaFstR6czM=
Subject key identifier:   1D:1C:B1:29:CF:92:EE:89:21:7D:08:DE:23:4D:50:D8:34:09:B1:52
Authority key identifier: E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A
Certificate issuer:       /CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
Certificate serial:       0199221E21B9F46540C2FAF7A83FD903ECC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 03:00:23 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:23 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:23 +0000
Files and hashes:         1: 6Md5F2XIhNCFX-0_-MPycJmpoBo.crl (hash: uaagjkJ7vQ8R4DwvB4yTHRar0Y6J8/2XAUaUIi15g1s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:21:b9:f4:65:40:c2:fa:f7:a8:3f:d9:03:ec:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
        Validity
            Not Before: Sep  7 03:00:23 2025 GMT
            Not After : Sep  8 03:00:23 2025 GMT
        Subject: CN=1d1cb129cf92ee89217d08de234d50d83409b152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:d9:b3:73:1d:f6:cc:d9:9f:45:48:b6:9a:
                    ef:f1:7b:a0:cd:72:3b:8f:d8:58:70:5a:a1:fe:4b:
                    12:97:2e:06:59:02:42:29:14:6e:80:bb:92:cf:af:
                    c0:0b:0b:56:85:63:ae:16:e7:52:a7:80:69:0b:fc:
                    d6:fa:cd:e6:3d:c3:34:f5:2a:f2:20:79:e4:df:1b:
                    ff:3c:82:fc:f0:02:1b:64:d2:14:76:85:aa:f3:79:
                    b1:b6:12:e8:d4:38:0a:46:b8:04:39:c8:61:ff:36:
                    41:3d:9f:7f:07:cb:6b:25:13:65:10:6f:b2:98:34:
                    d3:de:91:34:ea:32:b1:b5:e5:f8:25:90:f9:18:43:
                    78:a6:4f:95:96:a9:c7:4b:19:b2:77:96:29:69:2c:
                    19:97:3b:46:8c:50:82:fe:f0:46:da:56:22:63:99:
                    30:be:77:d5:1e:62:09:4d:04:f5:c6:ad:75:2f:06:
                    33:67:ea:ca:63:e4:97:11:10:8a:83:65:17:f7:7d:
                    37:22:ab:79:8d:94:b2:0c:93:b5:c7:e8:ba:25:27:
                    79:c9:fe:34:1c:62:00:e7:f4:3a:cd:7c:03:09:e4:
                    c8:e5:6f:b8:9f:49:4e:7c:9c:07:86:85:d1:f9:7c:
                    d6:9f:8f:cf:5e:c3:de:c7:c9:16:a9:da:19:25:65:
                    17:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:1C:B1:29:CF:92:EE:89:21:7D:08:DE:23:4D:50:D8:34:09:B1:52
            X509v3 Authority Key Identifier:
                keyid:E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:4d:9b:3e:34:52:81:82:bf:e2:d6:0e:7a:33:bf:a0:27:74:
         79:49:2b:b3:93:e9:4a:42:21:35:5a:42:fd:05:b9:41:a4:6b:
         3f:07:7a:7e:11:79:76:c3:e7:fb:ad:89:c9:85:48:17:47:f4:
         0c:65:6b:ca:55:d1:0e:10:7b:8d:dc:38:f7:3f:6c:30:4a:4b:
         7c:15:74:2b:a5:ab:bb:c9:f8:89:5f:cd:1c:c3:4d:a8:34:d3:
         57:86:1f:59:b3:7c:a5:93:ab:b7:dc:43:40:45:88:1b:ad:03:
         db:55:57:a6:6e:5a:b0:55:70:ad:0b:10:c3:9e:6e:e2:11:fc:
         c8:91:93:9b:bc:65:11:af:30:eb:2c:99:dd:84:19:32:3b:1d:
         e8:87:03:a3:1c:0d:39:1f:8a:d6:d7:5c:f5:39:cc:c7:16:d2:
         e4:15:5a:4a:aa:e7:e8:c7:05:d3:15:a3:8e:e1:58:e1:90:45:
         ff:90:60:6b:ab:f2:bd:1b:03:d7:2d:5f:46:33:3b:76:82:47:
         a9:45:f2:fb:59:3c:44:44:e5:14:64:66:df:62:54:b8:19:36:
         89:f8:e3:40:59:ef:dc:e4:e5:d8:32:75:17:2d:68:98:17:1a:
         9f:f2:c0:32:d9:04:46:44:30:78:05:ce:ac:f2:0a:3c:76:3f:
         1f:54:9b:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHiG59GVAwvr3qD/ZA+zEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Yzc3OTE3NjVjODg0ZDA4NTVmZWQzZmY4YzNmMjcwOTlh
OWEwMWEwHhcNMjUwOTA3MDMwMDIzWhcNMjUwOTA4MDMwMDIzWjAzMTEwLwYDVQQD
EygxZDFjYjEyOWNmOTJlZTg5MjE3ZDA4ZGUyMzRkNTBkODM0MDliMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWbZs3Md9szZn0VItprv8XugzXI7
j9hYcFqh/ksSly4GWQJCKRRugLuSz6/ACwtWhWOuFudSp4BpC/zW+s3mPcM09Sry
IHnk3xv/PIL88AIbZNIUdoWq83mxthLo1DgKRrgEOchh/zZBPZ9/B8trJRNlEG+y
mDTT3pE06jKxteX4JZD5GEN4pk+VlqnHSxmyd5YpaSwZlztGjFCC/vBG2lYiY5kw
vnfVHmIJTQT1xq11LwYzZ+rKY+SXERCKg2UX9303Iqt5jZSyDJO1x+i6JSd5yf40
HGIA5/Q6zXwDCeTI5W+4n0lOfJwHhoXR+XzWn4/PXsPex8kWqdoZJWUXaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0csSnPku6JIX0I3iNNUNg0CbFSMB8GA1UdIwQY
MBaAFOjHeRdlyITQhV/tP/jD8nCZqaAaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEt
OTViMWQ3MWJjYzg5LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEtOTViMWQ3MWJjYzg5
LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF02bPjRS
gYK/4tYOejO/oCd0eUkrs5PpSkIhNVpC/QW5QaRrPwd6fhF5dsPn+62JyYVIF0f0
DGVrylXRDhB7jdw49z9sMEpLfBV0K6Wru8n4iV/NHMNNqDTTV4YfWbN8pZOrt9xD
QEWIG60D21VXpm5asFVwrQsQw55u4hH8yJGTm7xlEa8w6yyZ3YQZMjsd6IcDoxwN
OR+K1tdc9TnMxxbS5BVaSqrn6McF0xWjjuFY4ZBF/5Bga6vyvRsD1y1fRjM7doJH
qUXy+1k8RETlFGRm32JUuBk2ifjjQFnv3OTl2DJ1Fy1omBcan/LAMtkERkQweAXO
rPIKPHY/H1SbyQ==
-----END CERTIFICATE-----