Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          PiMcJvTxXncRHpsmFSOg58sv7mltC7Ht+HeTGniAcyo=
Subject key identifier:   FF:95:F0:82:EB:9B:AA:3D:E4:C1:76:E6:E2:0A:86:B9:9F:F4:A3:B2
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       019921B0600F30219A3E59AD688D8E1FF91E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          077A
Signing time:             Sun 07 Sep 2025 01:00:31 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:31 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:31 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: S4v5Glv8BkOKTGVRCmaxbHI45dHdao2ciYoWgoYoCOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:60:0f:30:21:9a:3e:59:ad:68:8d:8e:1f:f9:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Sep  7 01:00:31 2025 GMT
            Not After : Sep  8 01:00:31 2025 GMT
        Subject: CN=ff95f082eb9baa3de4c176e6e20a86b99ff4a3b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:76:16:ee:23:ba:38:84:f7:1a:95:45:7a:2b:
                    50:60:f2:63:4c:57:5a:fd:82:6a:fb:94:ad:0f:e8:
                    a8:39:48:43:f5:62:38:9f:53:fb:95:18:df:99:1b:
                    48:dd:0e:c3:04:ec:98:97:66:69:7b:b4:a5:7e:b1:
                    58:cd:68:c2:e7:ef:89:d8:2a:ca:25:7d:d7:54:6a:
                    ae:21:02:97:3d:3b:35:bb:68:c8:d6:6a:d9:bd:a0:
                    3b:08:1c:a1:d1:a4:75:b5:16:4e:d7:08:6b:76:e5:
                    68:3d:11:68:21:05:02:52:b1:02:c9:73:29:0c:bc:
                    c5:05:4e:f2:87:e7:be:91:b0:17:ea:58:cb:71:e4:
                    d9:78:d2:92:ee:d2:1c:87:b2:fc:8d:71:0e:41:bf:
                    55:1c:93:7b:c8:55:0f:fd:c4:f6:34:7b:5b:8b:45:
                    94:df:4f:bc:8b:fc:ed:59:70:fe:55:f7:e2:76:69:
                    0f:2d:3c:f3:4d:61:fd:10:d3:f6:d5:be:38:68:51:
                    9e:65:e2:8c:09:a0:38:70:ba:ee:bd:24:b2:59:1b:
                    d3:ed:7a:88:97:d4:de:c9:99:63:89:ff:7f:0a:0e:
                    dd:1e:4d:e5:d0:87:37:24:3b:fd:05:83:f6:68:bd:
                    ea:92:83:63:5e:f5:b0:14:9f:ab:1c:fb:fc:d0:27:
                    81:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:95:F0:82:EB:9B:AA:3D:E4:C1:76:E6:E2:0A:86:B9:9F:F4:A3:B2
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:91:bd:60:d5:02:74:4b:98:34:6e:1c:fe:06:b5:bd:c2:56:
         32:04:58:1b:a4:99:47:a1:d1:a5:7f:61:a7:d7:57:dd:a7:4d:
         89:64:01:ef:71:27:49:b4:91:3b:58:26:e7:44:b1:dd:0f:d9:
         ce:5e:15:99:30:ad:a1:a1:18:da:78:fc:f7:a1:81:89:ae:13:
         95:e6:c7:00:53:4d:61:0a:64:52:7b:66:62:7b:f2:1e:77:5e:
         6e:d6:17:16:38:79:1a:2e:99:23:d4:f7:1f:66:ef:a0:a7:2f:
         ad:8d:d3:7e:b5:f3:f1:dd:e4:bf:16:87:46:eb:bf:17:ee:ff:
         c6:48:54:0f:19:b3:0f:d4:8d:51:e2:04:66:18:15:d4:a2:97:
         1d:0e:5b:30:f1:15:04:9f:04:42:49:12:d9:25:f3:3e:6c:1d:
         71:bf:61:88:b9:4f:8f:b2:f5:fa:47:f8:25:b0:86:25:ae:ef:
         a2:8f:02:3a:b1:be:17:c9:42:ee:df:fb:25:c1:c5:5d:b2:1f:
         9e:48:a1:56:7c:60:31:48:6a:e8:43:22:6c:ed:05:bd:23:5b:
         f9:46:7f:04:5e:ac:d5:fa:5a:39:27:ee:37:a7:39:16:a9:c1:
         03:18:ed:62:8c:ad:04:c5:40:cd:c9:b9:b6:42:b4:b4:b1:d2:
         bd:9d:3e:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsGAPMCGaPlmtaI2OH/keMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjUwOTA3MDEwMDMxWhcNMjUwOTA4MDEwMDMxWjAzMTEwLwYDVQQD
EyhmZjk1ZjA4MmViOWJhYTNkZTRjMTc2ZTZlMjBhODZiOTlmZjRhM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HYW7iO6OIT3GpVFeitQYPJjTFda
/YJq+5StD+ioOUhD9WI4n1P7lRjfmRtI3Q7DBOyYl2Zpe7SlfrFYzWjC5++J2CrK
JX3XVGquIQKXPTs1u2jI1mrZvaA7CByh0aR1tRZO1whrduVoPRFoIQUCUrECyXMp
DLzFBU7yh+e+kbAX6ljLceTZeNKS7tIch7L8jXEOQb9VHJN7yFUP/cT2NHtbi0WU
30+8i/ztWXD+VffidmkPLTzzTWH9ENP21b44aFGeZeKMCaA4cLruvSSyWRvT7XqI
l9TeyZljif9/Cg7dHk3l0Ic3JDv9BYP2aL3qkoNjXvWwFJ+rHPv80CeB6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+V8ILrm6o95MF25uIKhrmf9KOyMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASZG9YNUC
dEuYNG4c/ga1vcJWMgRYG6SZR6HRpX9hp9dX3adNiWQB73EnSbSRO1gm50Sx3Q/Z
zl4VmTCtoaEY2nj896GBia4TlebHAFNNYQpkUntmYnvyHndebtYXFjh5Gi6ZI9T3
H2bvoKcvrY3TfrXz8d3kvxaHRuu/F+7/xkhUDxmzD9SNUeIEZhgV1KKXHQ5bMPEV
BJ8EQkkS2SXzPmwdcb9hiLlPj7L1+kf4JbCGJa7voo8COrG+F8lC7t/7JcHFXbIf
nkihVnxgMUhq6EMibO0FvSNb+UZ/BF6s1fpaOSfuN6c5FqnBAxjtYoytBMVAzcm5
tkK0tLHSvZ0+Zw==
-----END CERTIFICATE-----