Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
File:                     j7phV8tS0RaPUIRsXlB5IkDt8-A.mft (raw, json)
Hash identifier:          0XuI+H8Dr6VssLPW40Z2BT31qdLBKtEyjQq0xJ6YDks=
Subject key identifier:   5F:24:75:FA:D8:8D:39:C8:00:22:F8:9E:DE:95:C3:A9:0F:61:E9:9C
Authority key identifier: 8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0
Certificate issuer:       /CN=8fba6157cb52d1168f50846c5e50792240edf3e0
Certificate serial:       0199221ED7880F46C014101513D8238CFF35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
Manifest number:          09A1
Signing time:             Sun 07 Sep 2025 03:01:10 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:10 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:10 +0000
Files and hashes:         1: j7phV8tS0RaPUIRsXlB5IkDt8-A.crl (hash: 4cjF8clkjErsn2ecHAiR+a8YeWnKnBZ5Z9BzFiXGgKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:d7:88:0f:46:c0:14:10:15:13:d8:23:8c:ff:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fba6157cb52d1168f50846c5e50792240edf3e0
        Validity
            Not Before: Sep  7 03:01:10 2025 GMT
            Not After : Sep  8 03:01:10 2025 GMT
        Subject: CN=5f2475fad88d39c80022f89ede95c3a90f61e99c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e8:35:e6:bd:0e:50:5c:48:0a:5d:21:be:57:
                    f8:26:09:04:52:74:60:32:4a:d6:37:f5:f3:2d:7e:
                    fe:e1:4f:cf:42:0a:1a:b0:ca:19:51:0f:d0:93:93:
                    03:36:c1:27:f5:a3:49:27:36:8b:21:a6:e3:11:40:
                    19:99:8a:55:df:c4:c8:e9:b3:39:bc:51:21:7c:ae:
                    3b:42:44:85:80:b3:3c:2d:e1:fd:47:4e:c9:bf:e5:
                    5c:55:3c:3b:15:3d:86:aa:6d:20:83:ce:52:97:0b:
                    6b:f0:a7:47:05:c7:1d:c3:d6:fb:97:f1:0e:a7:b9:
                    ab:14:04:b6:43:1a:4d:56:a4:09:af:e9:b4:3b:16:
                    5c:12:b0:31:e9:c1:6b:d4:61:53:2b:08:83:19:ca:
                    bf:e2:4e:42:57:5a:e6:77:0a:9c:db:64:d8:fc:85:
                    a3:8b:5b:45:78:ef:ed:f1:74:ff:f6:c0:84:12:ba:
                    5c:0f:2d:b6:0a:25:10:70:03:a9:fc:cf:72:01:d5:
                    7c:7d:41:8b:6b:71:ec:40:14:e1:38:5d:18:8b:5d:
                    01:c0:e3:a0:74:f5:fe:fe:b5:e2:f9:9e:cd:4e:71:
                    70:d3:56:11:fb:6a:75:32:f5:44:74:bd:61:aa:7c:
                    16:ec:29:29:4e:fa:6f:b4:e7:89:96:46:23:41:7c:
                    aa:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:24:75:FA:D8:8D:39:C8:00:22:F8:9E:DE:95:C3:A9:0F:61:E9:9C
            X509v3 Authority Key Identifier:
                keyid:8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:49:33:3e:fc:87:dc:24:1a:dd:51:f4:b0:87:f3:e5:98:d3:
         2d:db:0c:0a:f9:5b:a9:11:e5:66:98:b6:28:be:55:26:3b:f4:
         ae:96:5a:c6:2a:60:e8:62:56:75:5e:0a:7b:33:ac:04:77:66:
         ce:04:64:f9:50:b3:79:37:65:6e:64:7e:9e:14:34:17:7b:0f:
         f9:f8:fa:3d:bf:86:cf:d9:16:6f:b3:0e:40:43:8a:60:82:33:
         04:82:d7:7d:c2:00:43:13:0c:b4:bd:cb:41:13:f3:06:33:1d:
         b4:36:9a:b9:43:b0:0f:bc:9b:16:9c:52:74:d2:0c:ba:c3:25:
         7f:95:6c:25:fd:02:09:24:fe:c9:32:8c:17:91:f1:75:b0:49:
         ac:d3:23:8a:0a:7a:aa:93:a9:1c:e2:2c:ec:06:2d:6f:3d:13:
         d6:f8:e2:bb:51:16:21:d1:e1:43:5e:83:b6:cc:72:a5:78:d7:
         7d:58:eb:65:40:53:23:c1:fb:13:35:b9:71:db:96:93:2a:b0:
         ec:09:e6:3f:2b:0b:81:09:b0:b2:6a:c7:27:39:da:e1:f7:30:
         3e:7f:ca:3b:e2:8d:9d:fd:b3:f6:19:18:80:8d:ed:29:01:0d:
         83:f6:8c:d1:3d:85:7f:95:2d:58:bd:6c:49:4b:a6:81:91:f6:
         11:48:23:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHteID0bAFBAVE9gjjP81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmE2MTU3Y2I1MmQxMTY4ZjUwODQ2YzVlNTA3OTIyNDBl
ZGYzZTAwHhcNMjUwOTA3MDMwMTEwWhcNMjUwOTA4MDMwMTEwWjAzMTEwLwYDVQQD
Eyg1ZjI0NzVmYWQ4OGQzOWM4MDAyMmY4OWVkZTk1YzNhOTBmNjFlOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOg15r0OUFxICl0hvlf4JgkEUnRg
MkrWN/XzLX7+4U/PQgoasMoZUQ/Qk5MDNsEn9aNJJzaLIabjEUAZmYpV38TI6bM5
vFEhfK47QkSFgLM8LeH9R07Jv+VcVTw7FT2Gqm0gg85Slwtr8KdHBccdw9b7l/EO
p7mrFAS2QxpNVqQJr+m0OxZcErAx6cFr1GFTKwiDGcq/4k5CV1rmdwqc22TY/IWj
i1tFeO/t8XT/9sCEErpcDy22CiUQcAOp/M9yAdV8fUGLa3HsQBThOF0Yi10BwOOg
dPX+/rXi+Z7NTnFw01YR+2p1MvVEdL1hqnwW7CkpTvpvtOeJlkYjQXyqcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8kdfrYjTnIACL4nt6Vw6kPYemcMB8GA1UdIwQY
MBaAFI+6YVfLUtEWj1CEbF5QeSJA7fPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUt
MjBmYWQ5NGNhYjE0LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUtMjBmYWQ5NGNhYjE0
LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUkzPvyH
3CQa3VH0sIfz5ZjTLdsMCvlbqRHlZpi2KL5VJjv0rpZaxipg6GJWdV4KezOsBHdm
zgRk+VCzeTdlbmR+nhQ0F3sP+fj6Pb+Gz9kWb7MOQEOKYIIzBILXfcIAQxMMtL3L
QRPzBjMdtDaauUOwD7ybFpxSdNIMusMlf5VsJf0CCST+yTKMF5HxdbBJrNMjigp6
qpOpHOIs7AYtbz0T1vjiu1EWIdHhQ16DtsxypXjXfVjrZUBTI8H7EzW5cduWkyqw
7AnmPysLgQmwsmrHJzna4fcwPn/KO+KNnf2z9hkYgI3tKQENg/aM0T2Ff5UtWL1s
SUumgZH2EUgj5g==
-----END CERTIFICATE-----