Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          J8TnWGnZW8BSRJ/eotvySSI6jj5gFmQ3ktrADx1h08g=
Subject key identifier:   49:6A:12:19:6B:7D:D3:E7:44:39:1C:2E:55:7C:2D:F6:71:25:C6:08
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       0199239FEF85DF2F2CB29C5524B5D1641BB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          1642
Signing time:             Sun 07 Sep 2025 10:01:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:47 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: WF7qyoKMB5EwjTiosZ7fCrIJXnF+6EZQRfFui5tZC58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:ef:85:df:2f:2c:b2:9c:55:24:b5:d1:64:1b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Sep  7 10:01:47 2025 GMT
            Not After : Sep  8 10:01:47 2025 GMT
        Subject: CN=496a12196b7dd3e744391c2e557c2df67125c608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bd:0e:08:fb:06:7f:08:86:a3:25:52:54:fd:
                    e5:17:c7:29:f1:13:ac:99:aa:da:c5:93:1d:2b:dc:
                    e1:8e:2f:ae:96:ee:36:04:ec:20:4f:b0:9f:cb:01:
                    68:ff:d3:0f:1c:71:4c:0c:db:24:6a:6d:68:67:7f:
                    2c:30:6f:47:2f:d7:94:b8:aa:fd:47:4e:17:7f:b6:
                    e7:e2:6e:6b:20:aa:3b:bf:7b:c2:7c:6a:e0:54:62:
                    14:52:45:e7:a0:b2:28:4f:c4:c5:67:83:32:6d:d4:
                    7e:f9:59:03:ad:f5:43:00:ea:8a:16:b9:d1:33:59:
                    32:64:56:bf:8a:a7:70:03:f0:93:e1:0c:fb:a8:58:
                    7b:8b:0e:da:5a:17:3d:a2:fd:a5:fd:0f:33:f3:78:
                    a8:6d:d5:d9:11:0c:28:05:4c:23:22:c3:05:f4:96:
                    01:e8:18:d1:83:ed:b5:3b:1f:01:ea:20:8b:b7:46:
                    38:bd:09:6f:11:78:05:1e:55:29:cb:f2:ec:a8:78:
                    88:da:58:f5:53:49:d3:ef:d1:69:22:a2:d9:c6:0c:
                    68:3d:05:e6:0f:cb:66:ac:20:30:d9:cc:e8:a3:06:
                    b8:b1:26:e6:fa:5a:73:51:fa:a3:ea:f4:8e:c8:f5:
                    fc:26:7f:7c:f1:f0:93:cf:9f:35:f6:36:48:40:32:
                    87:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:6A:12:19:6B:7D:D3:E7:44:39:1C:2E:55:7C:2D:F6:71:25:C6:08
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:69:ac:87:42:eb:b0:34:a8:08:cc:2a:a3:31:e2:ee:c1:c9:
         27:61:95:09:22:11:ba:15:1b:91:c8:1f:d5:9c:b4:bb:11:9c:
         07:8c:59:11:04:83:de:8a:c8:33:c6:85:34:55:df:90:19:ea:
         9f:06:94:ff:ff:aa:0a:3f:b7:6e:8e:cc:b0:07:ee:ed:cc:db:
         2b:a8:24:a3:4b:97:e0:53:42:aa:fd:a8:bc:cb:97:c3:db:97:
         5a:36:35:64:ca:19:21:22:cb:24:b9:1a:ef:8c:3a:68:b4:7c:
         02:9e:a5:0f:b4:79:77:da:b5:a4:fe:8a:0e:bc:e7:24:8c:c6:
         9a:8e:e2:ae:c8:42:c6:79:03:4c:7a:ac:0a:7f:73:52:0c:8a:
         0c:5b:2b:e8:7c:b8:0f:e1:ce:56:da:d3:46:97:cd:81:cc:d8:
         c4:eb:05:67:b0:e7:31:f3:c4:22:20:08:97:12:44:2a:b7:73:
         e5:77:81:f1:bb:52:9d:51:a3:9c:ec:40:2c:08:95:6d:bc:eb:
         39:cc:34:45:87:03:2f:da:49:01:ea:d4:1b:63:07:75:c8:42:
         4e:4d:8b:02:15:24:a8:27:b8:dc:3a:da:ea:43:a0:f0:dc:36:
         0d:9c:d9:f1:e0:87:9a:bf:b7:b8:fe:9c:8a:c1:9d:04:44:52:
         95:ab:78:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn++F3y8sspxVJLXRZBuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjUwOTA3MTAwMTQ3WhcNMjUwOTA4MTAwMTQ3WjAzMTEwLwYDVQQD
Eyg0OTZhMTIxOTZiN2RkM2U3NDQzOTFjMmU1NTdjMmRmNjcxMjVjNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL0OCPsGfwiGoyVSVP3lF8cp8ROs
maraxZMdK9zhji+ulu42BOwgT7CfywFo/9MPHHFMDNskam1oZ38sMG9HL9eUuKr9
R04Xf7bn4m5rIKo7v3vCfGrgVGIUUkXnoLIoT8TFZ4MybdR++VkDrfVDAOqKFrnR
M1kyZFa/iqdwA/CT4Qz7qFh7iw7aWhc9ov2l/Q8z83iobdXZEQwoBUwjIsMF9JYB
6BjRg+21Ox8B6iCLt0Y4vQlvEXgFHlUpy/LsqHiI2lj1U0nT79FpIqLZxgxoPQXm
D8tmrCAw2czoowa4sSbm+lpzUfqj6vSOyPX8Jn988fCTz5819jZIQDKH+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElqEhlrfdPnRDkcLlV8LfZxJcYIMB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAImmsh0Lr
sDSoCMwqozHi7sHJJ2GVCSIRuhUbkcgf1Zy0uxGcB4xZEQSD3orIM8aFNFXfkBnq
nwaU//+qCj+3bo7MsAfu7czbK6gko0uX4FNCqv2ovMuXw9uXWjY1ZMoZISLLJLka
74w6aLR8Ap6lD7R5d9q1pP6KDrznJIzGmo7irshCxnkDTHqsCn9zUgyKDFsr6Hy4
D+HOVtrTRpfNgczYxOsFZ7DnMfPEIiAIlxJEKrdz5XeB8btSnVGjnOxALAiVbbzr
Ocw0RYcDL9pJAerUG2MHdchCTk2LAhUkqCe43Dra6kOg8Nw2DZzZ8eCHmr+3uP6c
isGdBERSlat4bw==
-----END CERTIFICATE-----