Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          lA/DYCiqo4UnmQ3UK4nN0YcCiwaRbTbtu+Ul9rGWrjE=
Subject key identifier:   25:DF:63:00:83:10:A6:E9:D6:34:1A:EB:36:40:8D:64:FE:EF:F7:08
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       01991809E70CE28F51EC9A2D253E19DEFE56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0A7A
Signing time:             Fri 05 Sep 2025 04:02:06 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:06 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:06 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: KlGbWe/MWgaeruz43rMQXuWp2DOiUQa0DhsM2FR8nYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:09:e7:0c:e2:8f:51:ec:9a:2d:25:3e:19:de:fe:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Sep  5 04:02:06 2025 GMT
            Not After : Sep  6 04:02:06 2025 GMT
        Subject: CN=25df63008310a6e9d6341aeb36408d64feeff708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:29:bb:1f:91:2c:19:f4:fc:75:49:e6:28:e3:
                    de:15:8b:a9:84:7e:60:04:55:f1:71:24:4e:bb:9a:
                    d3:fb:88:45:59:40:75:8b:1c:e5:af:a9:b7:cf:46:
                    7f:97:90:f3:88:fa:4c:71:0d:79:1c:7b:eb:8c:8a:
                    01:78:70:b1:1f:1b:97:10:00:75:8e:0d:7e:ec:12:
                    57:35:db:80:37:fd:7c:f6:9d:35:c0:1e:d4:6f:6e:
                    6b:d8:57:92:72:45:63:e4:51:62:0a:db:fb:9c:f9:
                    d7:ac:29:d8:20:f3:2f:88:65:54:60:11:1d:3a:49:
                    4d:6d:2b:ec:c4:d4:b6:85:bb:01:e0:40:67:14:ff:
                    22:35:46:d7:03:78:66:68:3d:bc:0a:1a:4d:8d:53:
                    08:3f:ea:97:09:de:9a:68:e5:11:11:d6:e5:b3:0d:
                    cc:7e:79:5e:f0:82:11:d9:53:cf:7b:ab:3a:68:43:
                    1a:ea:e8:61:92:f1:45:09:d6:3b:0b:bd:0e:e0:b8:
                    8e:69:92:cc:c7:ca:7a:5f:dc:6a:a4:cc:65:26:6e:
                    93:8b:e0:39:3b:d6:29:d3:89:0c:2b:93:cf:44:ac:
                    11:e4:b3:ed:08:86:9b:aa:1f:2a:b1:f1:26:d8:13:
                    3b:b5:43:24:e1:c5:c2:03:65:29:90:60:2f:d1:a8:
                    40:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:DF:63:00:83:10:A6:E9:D6:34:1A:EB:36:40:8D:64:FE:EF:F7:08
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:90:f2:c0:cd:f5:70:fe:53:9c:f8:b6:71:75:ab:f5:4d:7f:
         54:45:b8:65:e1:88:d1:64:ea:43:68:32:55:a1:2b:3f:99:ae:
         4a:fa:3d:11:27:0a:49:07:62:65:f1:1d:18:3d:c0:dc:a4:b2:
         8c:00:46:d8:d3:5b:5b:d2:f8:8c:5c:6a:1b:e7:b0:c0:6a:ee:
         61:d5:98:23:fd:b2:58:9c:6a:6a:bb:5b:d1:e4:16:55:30:d5:
         c0:9c:df:f7:df:e8:0a:a1:7b:c8:7d:ec:78:6c:94:3f:20:ba:
         13:8e:d8:72:2b:3e:e4:e5:f1:e1:93:2e:ec:89:10:10:65:5f:
         67:f2:e7:e1:ad:f2:4a:c3:97:6a:35:ad:3c:b0:66:98:94:8c:
         d4:64:3e:18:cd:a1:77:b8:43:83:61:79:36:80:7c:09:d3:f6:
         37:29:df:b8:c6:d5:40:50:1b:a8:a6:a6:5c:1f:3e:50:7b:49:
         b4:f0:6b:2e:8e:bc:b1:80:06:0a:21:3b:21:2e:03:8c:fa:d6:
         a2:2e:18:0f:0f:8f:6d:a1:7e:cd:32:2e:3d:d7:28:d0:55:b6:
         5e:9f:01:31:d0:3d:27:59:aa:25:c8:c3:99:a2:58:02:95:61:
         dd:42:3b:f7:0a:4e:b3:25:70:04:d7:d4:12:73:f4:c4:a3:af:
         db:9a:fe:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCecM4o9R7JotJT4Z3v5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwOTA1MDQwMjA2WhcNMjUwOTA2MDQwMjA2WjAzMTEwLwYDVQQD
EygyNWRmNjMwMDgzMTBhNmU5ZDYzNDFhZWIzNjQwOGQ2NGZlZWZmNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSm7H5EsGfT8dUnmKOPeFYuphH5g
BFXxcSROu5rT+4hFWUB1ixzlr6m3z0Z/l5DziPpMcQ15HHvrjIoBeHCxHxuXEAB1
jg1+7BJXNduAN/189p01wB7Ub25r2FeSckVj5FFiCtv7nPnXrCnYIPMviGVUYBEd
OklNbSvsxNS2hbsB4EBnFP8iNUbXA3hmaD28ChpNjVMIP+qXCd6aaOUREdblsw3M
fnle8IIR2VPPe6s6aEMa6uhhkvFFCdY7C70O4LiOaZLMx8p6X9xqpMxlJm6Ti+A5
O9Yp04kMK5PPRKwR5LPtCIabqh8qsfEm2BM7tUMk4cXCA2UpkGAv0ahAOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXfYwCDEKbp1jQa6zZAjWT+7/cIMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT5DywM31
cP5TnPi2cXWr9U1/VEW4ZeGI0WTqQ2gyVaErP5muSvo9EScKSQdiZfEdGD3A3KSy
jABG2NNbW9L4jFxqG+ewwGruYdWYI/2yWJxqartb0eQWVTDVwJzf99/oCqF7yH3s
eGyUPyC6E47Ycis+5OXx4ZMu7IkQEGVfZ/Ln4a3ySsOXajWtPLBmmJSM1GQ+GM2h
d7hDg2F5NoB8CdP2NynfuMbVQFAbqKamXB8+UHtJtPBrLo68sYAGCiE7IS4DjPrW
oi4YDw+PbaF+zTIuPdco0FW2Xp8BMdA9J1mqJcjDmaJYApVh3UI79wpOsyVwBNfU
EnP0xKOv25r+kQ==
-----END CERTIFICATE-----