Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          rbFWPbjzB7aengR5ZeLxV9SdPObHdOwi5YyDl5TE2pM=
Subject key identifier:   B4:31:82:30:E2:ED:13:2F:BE:70:01:23:9E:15:78:AA:63:75:B9:1B
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019923A0C80D9FF825C4C9CE1F8FE3C7CBBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 10:02:43 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:43 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:43 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: 4dhk/j7ppx/n+UxDszw8X1Gg09Sl2EgRRYyYJ6wqI58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:c8:0d:9f:f8:25:c4:c9:ce:1f:8f:e3:c7:cb:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Sep  7 10:02:43 2025 GMT
            Not After : Sep  8 10:02:43 2025 GMT
        Subject: CN=b4318230e2ed132fbe7001239e1578aa6375b91b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:4b:22:ef:39:ad:08:89:f6:d3:28:0c:2a:e6:
                    8e:b2:d1:70:f8:2f:ca:3e:62:17:86:33:71:58:ce:
                    1d:7d:45:a8:95:17:b7:97:fc:07:5c:28:04:0d:0d:
                    c8:ee:94:91:a4:80:f6:96:04:35:77:00:71:80:05:
                    58:da:da:1b:9a:71:66:e5:77:a8:d1:c6:ed:98:42:
                    9e:14:58:40:e4:87:5a:52:ce:6d:e9:09:2e:ed:1d:
                    ab:50:d1:0a:0d:82:f0:1c:e5:a1:ec:97:f1:38:58:
                    14:82:10:ed:de:86:c6:52:5a:b3:ed:66:0f:f4:96:
                    50:0b:06:37:7d:af:57:b8:e2:1e:dd:96:d3:2b:d1:
                    2c:da:76:a1:aa:3c:30:86:33:0a:f1:1a:39:3f:da:
                    0d:a7:be:0b:5f:fd:82:a2:c5:61:ef:1c:58:5d:51:
                    ef:ca:85:fa:76:71:c4:c9:0a:24:53:e0:b1:cb:1d:
                    89:52:4d:23:bf:5a:69:fd:4a:75:61:31:e9:b5:f8:
                    0c:27:f7:dc:a4:e7:04:0a:6e:4e:df:1a:bd:7f:d4:
                    4b:f9:08:46:f8:07:8a:36:a1:ed:eb:1d:7c:66:a7:
                    9b:f0:e3:d4:54:08:84:50:b4:fc:d8:c1:50:c4:74:
                    4b:ed:aa:11:4b:a4:55:c9:0a:09:ca:ca:db:df:61:
                    fd:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:31:82:30:E2:ED:13:2F:BE:70:01:23:9E:15:78:AA:63:75:B9:1B
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:ae:98:54:c5:88:8e:f5:b3:aa:c7:af:0f:4a:d3:53:5d:a0:
         e6:be:9e:8b:f2:7a:4a:96:16:84:6d:7b:72:4e:7d:7e:34:ed:
         03:b4:5d:28:47:ee:97:29:a1:80:35:6a:9f:25:ed:98:69:5d:
         c2:aa:b2:85:5f:6c:e7:0b:60:da:83:a7:db:1d:63:38:24:e0:
         09:db:50:69:50:e8:d8:37:28:06:27:d9:c0:f6:16:50:4a:d2:
         a1:5e:6f:92:2e:d9:c4:a2:41:3b:7d:96:d7:52:b8:f6:63:d7:
         ee:27:c5:1e:e2:6a:f7:0f:25:29:76:8f:5d:87:7f:2d:bb:5c:
         22:41:55:80:e8:26:fa:b8:36:d8:07:2a:dc:71:91:a6:ca:bc:
         9e:9d:3d:34:08:fb:7c:ac:ca:b4:c2:12:9c:4b:ae:dd:e4:be:
         23:e5:32:bc:3e:c8:a7:4e:c7:65:d2:dd:62:5a:92:e4:22:dc:
         0d:a9:3d:bd:ff:79:13:76:2d:63:7c:77:98:55:42:de:f2:1f:
         e5:c5:73:56:db:d1:32:8b:4c:eb:d1:97:5c:54:83:c4:f6:4c:
         ab:70:87:36:88:90:be:76:55:55:a0:d4:ad:0a:79:44:bb:6c:
         ab:50:a3:8e:a3:93:d5:27:97:12:38:c9:39:e3:ba:75:72:0f:
         8a:ac:b0:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoMgNn/glxMnOH4/jx8u/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwOTA3MTAwMjQzWhcNMjUwOTA4MTAwMjQzWjAzMTEwLwYDVQQD
EyhiNDMxODIzMGUyZWQxMzJmYmU3MDAxMjM5ZTE1NzhhYTYzNzViOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30si7zmtCIn20ygMKuaOstFw+C/K
PmIXhjNxWM4dfUWolRe3l/wHXCgEDQ3I7pSRpID2lgQ1dwBxgAVY2tobmnFm5Xeo
0cbtmEKeFFhA5IdaUs5t6Qku7R2rUNEKDYLwHOWh7JfxOFgUghDt3obGUlqz7WYP
9JZQCwY3fa9XuOIe3ZbTK9Es2nahqjwwhjMK8Ro5P9oNp74LX/2CosVh7xxYXVHv
yoX6dnHEyQokU+Cxyx2JUk0jv1pp/Up1YTHptfgMJ/fcpOcECm5O3xq9f9RL+QhG
+AeKNqHt6x18Zqeb8OPUVAiEULT82MFQxHRL7aoRS6RVyQoJysrb32H9rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQxgjDi7RMvvnABI54VeKpjdbkbMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfa6YVMWI
jvWzqsevD0rTU12g5r6ei/J6SpYWhG17ck59fjTtA7RdKEfulymhgDVqnyXtmGld
wqqyhV9s5wtg2oOn2x1jOCTgCdtQaVDo2DcoBifZwPYWUErSoV5vki7ZxKJBO32W
11K49mPX7ifFHuJq9w8lKXaPXYd/LbtcIkFVgOgm+rg22Acq3HGRpsq8np09NAj7
fKzKtMISnEuu3eS+I+UyvD7Ip07HZdLdYlqS5CLcDak9vf95E3YtY3x3mFVC3vIf
5cVzVtvRMotM69GXXFSDxPZMq3CHNoiQvnZVVaDUrQp5RLtsq1CjjqOT1SeXEjjJ
OeO6dXIPiqywrQ==
-----END CERTIFICATE-----