Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
File:                     vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft (raw, json)
Hash identifier:          33PHEM4LdFqEMmMTRX80Uttswjwl9iqG4EI26t3smIU=
Subject key identifier:   FC:0D:59:97:13:A3:0E:51:92:9F:55:EB:45:B1:D8:04:47:6E:B5:56
Authority key identifier: BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8
Certificate issuer:       /CN=be1868205b3d137355aa71f2467295cd871952c8
Certificate serial:       0199228D2B5581510D45EC98451413F6E091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
Manifest number:          0C72
Signing time:             Sun 07 Sep 2025 05:01:40 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:40 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:40 +0000
Files and hashes:         1: vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl (hash: aZoEL9a+YUa2bPcMdlLCy2bs68414kdogyS8YE/FZeI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:2b:55:81:51:0d:45:ec:98:45:14:13:f6:e0:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be1868205b3d137355aa71f2467295cd871952c8
        Validity
            Not Before: Sep  7 05:01:40 2025 GMT
            Not After : Sep  8 05:01:40 2025 GMT
        Subject: CN=fc0d599713a30e51929f55eb45b1d804476eb556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:72:26:42:d0:ae:80:f9:b0:93:64:bc:bb:ca:
                    23:94:b1:72:0f:e2:12:f8:e6:22:85:38:2b:43:4e:
                    f1:a1:76:2f:9c:ab:ee:2e:60:86:90:32:94:87:a1:
                    47:77:73:b4:8a:93:aa:13:74:1a:01:0b:fb:a5:08:
                    b6:a9:58:0b:25:8f:19:79:07:78:ff:bc:d5:1f:27:
                    b8:8b:be:a3:33:a8:63:e0:5f:0f:8e:70:b5:1e:7e:
                    9d:d2:b0:1e:da:fd:a0:1c:d6:71:58:7f:f6:2b:90:
                    e8:cf:e3:bc:95:ee:5d:2b:46:40:23:29:f4:b7:9e:
                    c6:3f:fe:10:4f:06:ba:17:7e:51:18:e9:47:73:60:
                    cc:c4:84:bb:3c:b5:88:59:e8:24:fc:aa:b1:cb:62:
                    e3:e4:51:d3:8f:b2:a0:2a:fb:a6:a4:88:f4:78:db:
                    c5:66:43:d4:65:b4:fc:a5:d0:cb:82:f0:af:6a:ed:
                    bc:46:dd:d7:49:86:da:f6:71:62:36:4e:5c:be:a1:
                    6e:88:1f:54:ef:d7:b2:16:57:51:0a:04:6c:c5:21:
                    0b:1e:7b:ea:f0:f2:3a:7c:c8:e4:31:f1:0c:1a:b8:
                    20:21:7f:3c:16:6c:a1:c9:17:c2:f2:6d:45:45:80:
                    63:6f:6a:ac:f7:65:e7:1e:29:b2:9e:c9:2c:f6:ea:
                    a0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:0D:59:97:13:A3:0E:51:92:9F:55:EB:45:B1:D8:04:47:6E:B5:56
            X509v3 Authority Key Identifier:
                keyid:BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:b2:45:18:9c:31:57:5d:c7:ec:5f:a3:d4:95:fe:79:f4:8b:
         c0:eb:ce:95:26:57:d1:d4:d0:c2:fb:64:06:fe:48:c9:d7:aa:
         66:4e:c9:2b:21:ae:3a:26:eb:ca:29:78:4c:d9:7d:44:03:9b:
         2a:07:0a:19:91:42:57:bc:af:a3:04:c6:15:e3:4b:1f:e1:f1:
         6f:b2:c5:43:0d:b1:ea:d1:20:76:96:4f:28:0a:fa:0c:50:2b:
         09:41:95:49:27:d2:60:59:5d:e3:86:b6:68:d8:04:01:7a:8d:
         07:07:64:70:32:aa:1c:76:ee:bd:cd:f0:0a:5f:52:f7:b7:da:
         4a:50:c9:3a:af:27:bf:f7:a9:48:1e:0e:5d:18:50:7a:28:ee:
         6e:56:d6:d0:e5:4f:d0:f3:9d:0f:3d:bf:d8:62:92:9c:b5:6a:
         d7:59:a6:95:6b:d2:ac:08:20:29:1e:0e:51:d5:98:0b:91:37:
         c6:6f:75:c9:f9:f4:6a:3c:e0:47:38:7f:eb:2c:2f:c6:7c:f7:
         22:ea:72:c4:62:26:c6:41:8a:22:db:00:12:48:d4:68:57:00:
         64:39:39:4d:78:4a:ed:56:10:09:3d:b4:36:40:ae:65:65:9e:
         1e:1f:b5:4e:eb:bb:eb:58:e5:2a:e7:6d:46:d3:8a:ca:26:88:
         37:5d:1c:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijStVgVENReyYRRQT9uCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMTg2ODIwNWIzZDEzNzM1NWFhNzFmMjQ2NzI5NWNkODcx
OTUyYzgwHhcNMjUwOTA3MDUwMTQwWhcNMjUwOTA4MDUwMTQwWjAzMTEwLwYDVQQD
EyhmYzBkNTk5NzEzYTMwZTUxOTI5ZjU1ZWI0NWIxZDgwNDQ3NmViNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13ImQtCugPmwk2S8u8ojlLFyD+IS
+OYihTgrQ07xoXYvnKvuLmCGkDKUh6FHd3O0ipOqE3QaAQv7pQi2qVgLJY8ZeQd4
/7zVHye4i76jM6hj4F8PjnC1Hn6d0rAe2v2gHNZxWH/2K5Doz+O8le5dK0ZAIyn0
t57GP/4QTwa6F35RGOlHc2DMxIS7PLWIWegk/Kqxy2Lj5FHTj7KgKvumpIj0eNvF
ZkPUZbT8pdDLgvCvau28Rt3XSYba9nFiNk5cvqFuiB9U79eyFldRCgRsxSELHnvq
8PI6fMjkMfEMGrggIX88FmyhyRfC8m1FRYBjb2qs92XnHimynsks9uqgNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwNWZcTow5Rkp9V60Wx2ARHbrVWMB8GA1UdIwQY
MBaAFL4YaCBbPRNzVapx8kZylc2HGVLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWIt
NzU3Zjk5OTI3NTcxLzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWItNzU3Zjk5OTI3NTcx
LzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLJFGJwx
V13H7F+j1JX+efSLwOvOlSZX0dTQwvtkBv5IydeqZk7JKyGuOibryil4TNl9RAOb
KgcKGZFCV7yvowTGFeNLH+Hxb7LFQw2x6tEgdpZPKAr6DFArCUGVSSfSYFld44a2
aNgEAXqNBwdkcDKqHHbuvc3wCl9S97faSlDJOq8nv/epSB4OXRhQeijublbW0OVP
0POdDz2/2GKSnLVq11mmlWvSrAggKR4OUdWYC5E3xm91yfn0ajzgRzh/6ywvxnz3
IupyxGImxkGKItsAEkjUaFcAZDk5TXhK7VYQCT20NkCuZWWeHh+1Tuu761jlKudt
RtOKyiaIN10clA==
-----END CERTIFICATE-----