Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          cvXldq8WWptMhCqSGj7hGodOD8XY3hRM+i+vsZEvudc=
Subject key identifier:   A9:F6:A5:B6:F6:7B:62:83:FB:3E:02:57:B8:A2:6D:84:C1:E9:00:C8
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       019922C38B1A176F8469A9FC3688F5108842
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          02B9
Signing time:             Sun 07 Sep 2025 06:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 06:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 06:01:04 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: kGocSCbTs8ScAqS55r2NUnedwOyyyuEC758Nj4qF1D8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:8b:1a:17:6f:84:69:a9:fc:36:88:f5:10:88:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Sep  7 06:01:04 2025 GMT
            Not After : Sep  8 06:01:04 2025 GMT
        Subject: CN=a9f6a5b6f67b6283fb3e0257b8a26d84c1e900c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3a:92:25:65:2c:60:ed:fb:e4:ea:b8:82:ef:
                    6f:8d:b6:16:e3:9f:80:72:16:a0:35:15:9d:44:a5:
                    ff:88:61:a7:d8:33:84:6f:4d:a2:2e:dc:98:8a:bc:
                    0e:6c:f2:95:e6:f3:e2:78:9e:0f:88:77:d6:2d:a3:
                    82:aa:a0:78:2f:7a:03:23:52:47:a3:22:2a:e6:e1:
                    2c:31:9c:c5:d3:4a:a9:fe:74:1c:e4:fc:0f:36:e0:
                    87:5a:fb:17:5b:45:a1:e3:83:95:83:77:3c:4e:c5:
                    14:56:0b:67:4e:db:3a:32:4e:4b:e9:49:e7:02:c9:
                    77:8b:20:64:6a:78:7b:3f:20:d9:81:35:08:24:87:
                    b5:44:6a:c6:5b:46:af:03:1f:6f:dc:9e:50:75:1a:
                    93:72:29:d4:00:24:a8:6c:79:01:3d:a6:c1:d1:41:
                    e8:42:8f:c3:22:ed:fa:8f:32:61:28:6b:93:a7:62:
                    0f:db:fe:27:a3:7a:d9:18:db:97:b7:16:0d:95:0d:
                    f3:12:32:53:9a:19:97:62:2a:58:6f:1b:02:27:46:
                    ad:d3:c1:1f:fa:82:97:fc:86:7b:ca:69:ec:d9:2a:
                    63:d6:f8:94:dc:2e:5d:52:4c:52:48:62:16:73:3e:
                    ca:6b:90:34:02:57:3f:d8:83:4b:0f:96:45:04:8e:
                    55:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F6:A5:B6:F6:7B:62:83:FB:3E:02:57:B8:A2:6D:84:C1:E9:00:C8
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:a5:e1:2d:64:cc:d5:e0:11:df:b6:45:a9:0c:50:6e:d6:14:
         66:11:75:d1:4b:7a:a6:c1:e1:70:0a:64:c9:ec:88:59:6b:1b:
         b4:e3:ec:05:0e:40:3e:ee:d1:54:e9:e1:6b:75:7d:e6:35:64:
         05:a1:76:51:c5:48:46:d0:98:34:ce:2a:d2:9f:e9:d6:5c:99:
         60:92:cd:a2:11:3d:50:72:fd:5c:b1:e0:72:bf:de:53:db:a7:
         c5:ff:a3:92:02:66:ed:9e:3d:29:65:a0:03:84:6f:50:1a:d0:
         2a:20:f3:03:4a:f3:a8:f8:98:4f:c9:c0:c7:5c:ea:a2:bd:01:
         4e:1c:0b:b4:73:95:ca:4c:03:d9:25:69:3a:f8:8f:86:ae:84:
         06:b8:9b:3e:ae:16:1f:d0:de:61:f9:66:a3:3a:9d:10:10:49:
         25:5f:39:b9:8e:51:f0:ae:48:0c:fd:68:b8:97:1c:ac:d8:f5:
         e6:01:d4:13:19:bd:ec:1a:14:92:ab:81:1d:b5:f1:68:44:43:
         85:28:86:3c:e5:4e:bd:6b:98:fa:27:8d:e1:8d:3f:1a:ff:68:
         db:eb:2a:b4:3e:75:dd:b0:57:a3:83:b0:7b:b5:0a:a8:10:ad:
         f9:15:8c:9e:5c:70:19:49:bc:81:aa:10:03:13:ce:72:e0:30:
         14:83:57:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw4saF2+Eaan8Noj1EIhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwOTA3MDYwMTA0WhcNMjUwOTA4MDYwMTA0WjAzMTEwLwYDVQQD
EyhhOWY2YTViNmY2N2I2MjgzZmIzZTAyNTdiOGEyNmQ4NGMxZTkwMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTqSJWUsYO375Oq4gu9vjbYW45+A
chagNRWdRKX/iGGn2DOEb02iLtyYirwObPKV5vPieJ4PiHfWLaOCqqB4L3oDI1JH
oyIq5uEsMZzF00qp/nQc5PwPNuCHWvsXW0Wh44OVg3c8TsUUVgtnTts6Mk5L6Unn
Asl3iyBkanh7PyDZgTUIJIe1RGrGW0avAx9v3J5QdRqTcinUACSobHkBPabB0UHo
Qo/DIu36jzJhKGuTp2IP2/4no3rZGNuXtxYNlQ3zEjJTmhmXYipYbxsCJ0at08Ef
+oKX/IZ7ymns2Spj1viU3C5dUkxSSGIWcz7Ka5A0Alc/2INLD5ZFBI5VmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKn2pbb2e2KD+z4CV7iibYTB6QDIMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6XhLWTM
1eAR37ZFqQxQbtYUZhF10Ut6psHhcApkyeyIWWsbtOPsBQ5APu7RVOnha3V95jVk
BaF2UcVIRtCYNM4q0p/p1lyZYJLNohE9UHL9XLHgcr/eU9unxf+jkgJm7Z49KWWg
A4RvUBrQKiDzA0rzqPiYT8nAx1zqor0BThwLtHOVykwD2SVpOviPhq6EBribPq4W
H9DeYflmozqdEBBJJV85uY5R8K5IDP1ouJccrNj15gHUExm97BoUkquBHbXxaERD
hSiGPOVOvWuY+ieN4Y0/Gv9o2+sqtD513bBXo4Owe7UKqBCt+RWMnlxwGUm8gaoQ
AxPOcuAwFINXpg==
-----END CERTIFICATE-----