Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          2LI+QBRfoXppbLyVj+hsarKSOVJFXklep0Kkcxa8Wdg=
Subject key identifier:   2B:1D:FF:E5:9D:1E:5A:EB:82:9D:D6:81:7C:88:7E:9C:77:31:55:8A
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       019923A0E6A6F559D966C77BDEA985EE96F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:51 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:51 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:51 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: p3I/aiJVnCtHbeLBgVgfgAM7eun3ug/ngr1ARi8tdEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:e6:a6:f5:59:d9:66:c7:7b:de:a9:85:ee:96:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Sep  7 10:02:51 2025 GMT
            Not After : Sep  8 10:02:51 2025 GMT
        Subject: CN=2b1dffe59d1e5aeb829dd6817c887e9c7731558a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:84:3f:36:ca:e0:10:22:b1:15:75:4e:1e:9b:
                    ac:ac:5d:04:76:22:f9:05:67:4c:b7:ee:fa:d6:be:
                    39:a9:8d:c4:46:ff:73:e2:5b:7f:e9:d8:fe:cd:b4:
                    14:25:d2:09:8d:07:c4:04:c4:ac:75:f4:a7:a5:0f:
                    2b:bf:6b:3d:ee:95:fd:83:bc:79:ae:d6:6c:36:ed:
                    14:ba:1f:1f:e5:a6:23:4d:1f:37:0a:59:97:86:27:
                    67:bd:7f:7d:c8:1a:9a:b4:39:dc:c6:6d:8d:5c:3d:
                    07:8c:93:1c:49:f0:71:59:bb:d0:83:c8:af:5f:17:
                    66:7f:22:5a:ae:00:8e:c9:01:81:16:a2:f6:b8:d2:
                    5d:df:5c:d7:dc:51:00:c3:46:eb:02:95:a1:86:93:
                    90:d1:20:b4:10:6a:b1:ce:c7:36:2b:93:1e:b8:69:
                    c1:a0:5b:29:74:33:9d:9e:4e:98:53:32:ff:b7:7e:
                    6d:8f:fc:95:68:97:2a:be:bd:3d:42:f5:8f:59:33:
                    23:97:9a:ae:9b:12:03:a5:90:3a:06:a5:09:49:fd:
                    7b:f2:cc:b8:7d:14:31:0a:86:5c:3b:03:d2:d3:19:
                    d4:79:4f:9d:fe:08:3e:ba:0d:39:92:ad:4e:04:8d:
                    c6:ce:86:6f:50:4d:c0:bb:37:d7:73:ac:39:45:c7:
                    9e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:1D:FF:E5:9D:1E:5A:EB:82:9D:D6:81:7C:88:7E:9C:77:31:55:8A
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:a7:90:b1:a4:85:bd:96:24:6a:8a:4a:3e:93:b2:82:e1:81:
         52:24:0e:5e:b4:be:a0:7f:50:0d:b9:15:c4:a9:1d:67:9c:9a:
         b9:44:fa:a3:26:57:68:c1:ab:38:70:07:2c:04:a8:99:c3:43:
         51:e4:55:07:0d:bc:37:02:06:5e:df:8f:05:cc:69:0d:37:b3:
         a1:98:ee:68:6b:32:b2:e6:e4:15:77:90:d2:97:ec:9a:e9:64:
         05:f6:5c:e3:98:67:3b:b8:bf:e5:0c:e8:25:03:52:c6:2b:a7:
         37:aa:7e:10:bb:6a:47:0f:75:57:0f:4a:b0:36:9f:d8:5b:f0:
         ad:35:b7:d3:3c:ca:72:3b:cb:f3:e8:7e:19:33:ef:d4:80:41:
         63:f0:e5:10:42:45:c7:be:ba:3a:68:db:61:a0:e3:45:fa:2a:
         7e:1c:69:35:77:9e:77:00:6d:db:e9:51:68:44:1f:6a:80:d6:
         59:33:a5:56:d2:7f:23:46:e6:96:35:ec:1b:51:a3:6f:e7:70:
         13:2a:81:41:17:93:29:4c:97:94:b7:22:06:c8:f1:2c:7c:5d:
         da:3a:ea:db:13:41:6a:5d:86:7b:a7:4a:d8:38:86:4c:2a:0e:
         60:d8:75:74:ac:a1:57:4b:eb:90:b6:52:aa:75:b6:08:4c:4a:
         3d:0a:e4:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoOam9VnZZsd73qmF7pbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjUwOTA3MTAwMjUxWhcNMjUwOTA4MTAwMjUxWjAzMTEwLwYDVQQD
EygyYjFkZmZlNTlkMWU1YWViODI5ZGQ2ODE3Yzg4N2U5Yzc3MzE1NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4Q/NsrgECKxFXVOHpusrF0EdiL5
BWdMt+761r45qY3ERv9z4lt/6dj+zbQUJdIJjQfEBMSsdfSnpQ8rv2s97pX9g7x5
rtZsNu0Uuh8f5aYjTR83ClmXhidnvX99yBqatDncxm2NXD0HjJMcSfBxWbvQg8iv
XxdmfyJargCOyQGBFqL2uNJd31zX3FEAw0brApWhhpOQ0SC0EGqxzsc2K5MeuGnB
oFspdDOdnk6YUzL/t35tj/yVaJcqvr09QvWPWTMjl5qumxIDpZA6BqUJSf178sy4
fRQxCoZcOwPS0xnUeU+d/gg+ug05kq1OBI3GzoZvUE3AuzfXc6w5RceeMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsd/+WdHlrrgp3WgXyIfpx3MVWKMB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFaeQsaSF
vZYkaopKPpOyguGBUiQOXrS+oH9QDbkVxKkdZ5yauUT6oyZXaMGrOHAHLASomcND
UeRVBw28NwIGXt+PBcxpDTezoZjuaGsysubkFXeQ0pfsmulkBfZc45hnO7i/5Qzo
JQNSxiunN6p+ELtqRw91Vw9KsDaf2FvwrTW30zzKcjvL8+h+GTPv1IBBY/DlEEJF
x766OmjbYaDjRfoqfhxpNXeedwBt2+lRaEQfaoDWWTOlVtJ/I0bmljXsG1Gjb+dw
EyqBQReTKUyXlLciBsjxLHxd2jrq2xNBal2Ge6dK2DiGTCoOYNh1dKyhV0vrkLZS
qnW2CExKPQrktA==
-----END CERTIFICATE-----