Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
File:                     rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft (raw, json)
Hash identifier:          fRM3Cd2Y297LX6GqXU1YioiTdsxkT1ejBN7wUrbTPlo=
Subject key identifier:   02:DF:74:5E:68:09:AA:B4:02:BB:DA:7C:91:71:4C:06:0C:BA:AB:F7
Authority key identifier: AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03
Certificate issuer:       /CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
Certificate serial:       019921B26E5BEC4F37E25330AC98C60043F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 01:02:45 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:45 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:45 +0000
Files and hashes:         1: rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl (hash: XYZNxIKK485Ew/6e4X7acAxtBnh/6lnZhJbXrirAE8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:6e:5b:ec:4f:37:e2:53:30:ac:98:c6:00:43:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
        Validity
            Not Before: Sep  7 01:02:45 2025 GMT
            Not After : Sep  8 01:02:45 2025 GMT
        Subject: CN=02df745e6809aab402bbda7c91714c060cbaabf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a4:bf:96:60:28:73:20:73:cf:f0:a4:42:db:
                    c8:a5:99:90:64:39:cb:8a:93:a0:ef:9b:b7:7d:48:
                    6c:1c:a4:47:e2:4c:8e:59:7c:59:b6:3e:17:d5:22:
                    fc:8c:79:ca:1d:88:a4:22:bf:9f:86:c8:29:2e:e7:
                    97:c6:df:ca:60:51:f1:e3:20:03:50:5c:11:c5:3d:
                    9b:d5:16:67:ac:2d:1a:01:45:24:2e:30:04:51:38:
                    33:d4:46:7c:af:13:f7:e7:98:6c:61:0c:5f:d8:e7:
                    e4:49:02:91:f8:84:6d:02:a1:7a:27:86:48:eb:93:
                    32:83:f6:9c:3a:0e:44:f2:4a:d4:0c:87:25:1f:fc:
                    1a:36:89:ce:08:ff:b7:d7:d2:20:3d:dd:42:b6:df:
                    27:03:81:ab:94:16:f7:1e:75:8e:4a:c5:54:3f:ae:
                    d5:13:e3:31:54:42:a2:22:61:8c:98:ba:c4:7a:46:
                    fc:c5:59:d6:97:ba:46:18:0f:18:82:7f:8b:c3:44:
                    74:d4:e5:34:eb:92:90:24:46:c9:c1:c2:82:6c:b2:
                    5a:c8:2f:4a:2d:88:06:b4:92:9d:0a:bb:e4:f4:cd:
                    b6:22:fd:ae:ab:6b:85:3d:c5:65:b6:69:a2:06:84:
                    88:95:6b:25:63:b4:bc:b4:d1:e2:4b:3b:f2:e5:8a:
                    6e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:DF:74:5E:68:09:AA:B4:02:BB:DA:7C:91:71:4C:06:0C:BA:AB:F7
            X509v3 Authority Key Identifier:
                keyid:AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:e3:33:dd:38:43:fd:9f:e9:b9:48:74:a1:7c:a5:48:4e:6d:
         74:ef:f4:ef:50:22:ce:f8:4e:52:8f:d6:41:b1:60:ab:8e:e1:
         f5:e3:6b:67:87:ba:12:fb:78:35:6a:ad:67:f4:c9:37:39:66:
         27:e8:0d:8e:8d:42:34:b2:bc:e5:21:34:4a:61:18:27:59:8b:
         66:b1:ca:d3:09:2e:e5:f2:9c:0b:58:c1:10:3b:47:8c:c3:05:
         2c:75:2d:3d:16:2b:39:44:14:af:5a:54:b0:e9:a0:83:c4:41:
         a2:c6:1b:f0:3d:6f:42:b5:13:29:e4:99:07:78:92:6f:11:83:
         ca:2e:45:34:52:b4:a1:e9:43:1e:8b:ae:e6:ce:28:5d:eb:0e:
         c6:29:0c:2f:95:c6:42:4b:4f:03:0d:b5:bf:3d:36:ce:87:be:
         8e:74:f4:f6:3c:d4:62:b0:44:5f:31:1d:b2:04:bb:03:88:13:
         97:e9:33:e6:48:2d:23:1a:5f:57:d9:a2:1c:6e:9c:76:fc:04:
         a3:7f:be:eb:5f:64:54:5a:5f:5f:7b:c0:7d:50:12:c1:b1:81:
         6b:10:21:a9:49:44:a6:f9:ec:0a:36:cf:51:2c:f5:58:a1:01:
         13:ff:07:cb:50:5b:e4:69:0b:08:e8:4b:f8:2a:f6:02:9c:2f:
         8b:ff:fc:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsm5b7E834lMwrJjGAEP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTBlYzM1MmU4ZGJiMGNkZjZlMDhjNTdjNzFjYWExMWE0
NDUwMDMwHhcNMjUwOTA3MDEwMjQ1WhcNMjUwOTA4MDEwMjQ1WjAzMTEwLwYDVQQD
EygwMmRmNzQ1ZTY4MDlhYWI0MDJiYmRhN2M5MTcxNGMwNjBjYmFhYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKS/lmAocyBzz/CkQtvIpZmQZDnL
ipOg75u3fUhsHKRH4kyOWXxZtj4X1SL8jHnKHYikIr+fhsgpLueXxt/KYFHx4yAD
UFwRxT2b1RZnrC0aAUUkLjAEUTgz1EZ8rxP355hsYQxf2OfkSQKR+IRtAqF6J4ZI
65Myg/acOg5E8krUDIclH/waNonOCP+319IgPd1Ctt8nA4GrlBb3HnWOSsVUP67V
E+MxVEKiImGMmLrEekb8xVnWl7pGGA8Ygn+Lw0R01OU065KQJEbJwcKCbLJayC9K
LYgGtJKdCrvk9M22Iv2uq2uFPcVltmmiBoSIlWslY7S8tNHiSzvy5YpuFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALfdF5oCaq0ArvafJFxTAYMuqv3MB8GA1UdIwQY
MBaAFK5Q7DUujbsM324IxXxxyqEaRFADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQt
MzNlYmFjMDk1MDc3LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQtMzNlYmFjMDk1MDc3
LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeMz3ThD
/Z/puUh0oXylSE5tdO/071AizvhOUo/WQbFgq47h9eNrZ4e6Evt4NWqtZ/TJNzlm
J+gNjo1CNLK85SE0SmEYJ1mLZrHK0wku5fKcC1jBEDtHjMMFLHUtPRYrOUQUr1pU
sOmgg8RBosYb8D1vQrUTKeSZB3iSbxGDyi5FNFK0oelDHouu5s4oXesOxikML5XG
QktPAw21vz02zoe+jnT09jzUYrBEXzEdsgS7A4gTl+kz5kgtIxpfV9miHG6cdvwE
o3++619kVFpfX3vAfVASwbGBaxAhqUlEpvnsCjbPUSz1WKEBE/8Hy1Bb5GkLCOhL
+Cr2Apwvi//8og==
-----END CERTIFICATE-----