Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          /eXX2Z0JbjZep4E45my2qPSQMOjzjN16zoRV51p8NZc=
Subject key identifier:   BA:0B:B8:1E:91:93:7B:07:0C:0A:CD:CB:3F:D8:6E:A4:FE:09:66:87
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019921B0E2B6270218BDE3CC8AC166A1BA78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0BFB
Signing time:             Sun 07 Sep 2025 01:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:04 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: +7t5gW5nQegBiqq2o9gOEfZnkNoOznLC94hfMsX4sms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:e2:b6:27:02:18:bd:e3:cc:8a:c1:66:a1:ba:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Sep  7 01:01:04 2025 GMT
            Not After : Sep  8 01:01:04 2025 GMT
        Subject: CN=ba0bb81e91937b070c0acdcb3fd86ea4fe096687
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:56:ee:e4:c2:fc:57:65:6c:d8:51:cb:48:81:
                    cf:b1:d3:d9:35:7f:3a:f5:7e:b0:01:27:f8:da:0a:
                    a8:30:88:bd:8b:f8:d5:2b:04:22:e8:db:97:8e:64:
                    5a:6b:09:d5:71:cf:29:ab:e9:6c:93:84:58:a6:6d:
                    58:66:9c:3b:6c:ac:46:6f:36:fc:d2:f4:1f:5a:74:
                    ce:00:d8:71:c7:22:22:8a:f8:43:b8:55:b3:57:47:
                    44:5f:f6:4d:ed:50:54:15:5a:b7:e3:37:54:dd:ac:
                    a0:00:18:82:43:fe:91:0b:e7:03:2c:d6:8e:45:40:
                    c5:4e:d4:e8:6f:6c:1d:da:6e:bd:a4:dd:e5:27:b5:
                    6f:ca:e2:d7:e8:7b:40:23:92:37:e9:aa:50:7a:d0:
                    ec:d0:16:06:38:6b:a5:90:ce:9a:3b:a1:4a:98:ae:
                    d5:5e:11:5d:d8:c5:75:9c:a6:72:96:12:29:12:fe:
                    9e:2f:91:8e:44:fe:44:ad:43:a4:78:88:94:2b:4a:
                    81:cf:82:85:bc:5b:30:86:0e:28:91:55:65:f1:82:
                    12:be:ca:1e:b5:75:96:ba:ef:23:9f:97:89:a6:25:
                    2b:4d:f0:9d:2a:b8:48:c9:7f:6d:e0:2e:f7:9c:c6:
                    6b:b5:ce:6d:81:b8:3a:60:18:61:df:26:ad:eb:af:
                    42:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:0B:B8:1E:91:93:7B:07:0C:0A:CD:CB:3F:D8:6E:A4:FE:09:66:87
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:f6:16:ab:98:63:63:e2:eb:d9:93:29:f5:5e:b5:ae:e9:df:
         aa:10:b7:39:ff:af:1e:7b:e8:44:cd:9c:75:b7:ad:0e:ff:e2:
         a9:66:3d:bd:6c:aa:d1:36:88:99:34:6a:0f:f5:0c:26:8c:67:
         5e:53:07:ae:ca:1f:89:9e:24:9f:84:67:ff:3b:24:4b:65:e7:
         a0:cc:a5:61:85:2b:8e:65:23:84:59:cb:c4:5d:d9:43:14:cc:
         f0:a4:5c:e7:d1:bb:c4:9d:de:97:2d:51:82:ad:9d:4f:67:1c:
         b3:23:eb:1c:35:27:3b:7c:6a:8e:83:46:5d:23:28:7e:8c:ea:
         b6:19:39:29:d4:f1:e8:14:28:3a:da:84:b6:71:76:59:1d:14:
         88:23:d2:59:9f:38:6a:67:3f:36:1a:30:47:2e:ae:14:c4:e3:
         dc:72:75:2a:fa:5d:50:22:a2:2b:13:1c:7a:f9:6f:c6:56:6f:
         ac:21:77:12:d3:3a:32:0a:d6:ce:86:97:76:c8:66:50:09:64:
         56:10:45:98:fc:32:39:97:47:e4:9d:94:95:27:b8:b9:21:20:
         21:45:d5:33:e2:e8:8d:9f:11:86:c4:ca:7d:cb:0e:c3:0f:6e:
         af:a5:fe:27:fe:7b:b2:45:4f:e8:fc:57:87:11:bb:12:b3:14:
         33:6b:82:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsOK2JwIYvePMisFmobp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwOTA3MDEwMTA0WhcNMjUwOTA4MDEwMTA0WjAzMTEwLwYDVQQD
EyhiYTBiYjgxZTkxOTM3YjA3MGMwYWNkY2IzZmQ4NmVhNGZlMDk2Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlbu5ML8V2Vs2FHLSIHPsdPZNX86
9X6wASf42gqoMIi9i/jVKwQi6NuXjmRaawnVcc8pq+lsk4RYpm1YZpw7bKxGbzb8
0vQfWnTOANhxxyIiivhDuFWzV0dEX/ZN7VBUFVq34zdU3aygABiCQ/6RC+cDLNaO
RUDFTtTob2wd2m69pN3lJ7VvyuLX6HtAI5I36apQetDs0BYGOGulkM6aO6FKmK7V
XhFd2MV1nKZylhIpEv6eL5GORP5ErUOkeIiUK0qBz4KFvFswhg4okVVl8YISvsoe
tXWWuu8jn5eJpiUrTfCdKrhIyX9t4C73nMZrtc5tgbg6YBhh3yat669CUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoLuB6Rk3sHDArNyz/YbqT+CWaHMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/YWq5hj
Y+Lr2ZMp9V61runfqhC3Of+vHnvoRM2cdbetDv/iqWY9vWyq0TaImTRqD/UMJoxn
XlMHrsofiZ4kn4Rn/zskS2XnoMylYYUrjmUjhFnLxF3ZQxTM8KRc59G7xJ3ely1R
gq2dT2ccsyPrHDUnO3xqjoNGXSMofozqthk5KdTx6BQoOtqEtnF2WR0UiCPSWZ84
amc/NhowRy6uFMTj3HJ1KvpdUCKiKxMcevlvxlZvrCF3EtM6MgrWzoaXdshmUAlk
VhBFmPwyOZdH5J2UlSe4uSEgIUXVM+LojZ8RhsTKfcsOww9ur6X+J/57skVP6PxX
hxG7ErMUM2uCsQ==
-----END CERTIFICATE-----