Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          y6uMecsW/JNIupPCQdQ8pEwXmd9Iav/vqO8sMN/L4eI=
Subject key identifier:   1F:04:34:B5:92:DF:13:34:AA:9A:CE:27:DA:CB:0D:99:1F:16:86:25
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       0199228D28815F0B60EA19482D8BE69082EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          15FF
Signing time:             Sun 07 Sep 2025 05:01:40 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:40 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:40 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: l1/i2NvqCR9/LhWvcRrt+0I0QoqMvu1GCFF3H2QVtR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:28:81:5f:0b:60:ea:19:48:2d:8b:e6:90:82:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Sep  7 05:01:40 2025 GMT
            Not After : Sep  8 05:01:40 2025 GMT
        Subject: CN=1f0434b592df1334aa9ace27dacb0d991f168625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:95:8c:2d:9f:c7:0d:40:75:d3:c0:f5:cf:db:
                    fd:5f:06:ac:a9:9b:f7:77:63:1f:34:c2:51:c7:0d:
                    6a:52:b5:a4:aa:cf:21:1a:45:5d:66:a4:bd:f1:df:
                    9d:cf:ca:a9:8d:20:c9:70:f0:ab:15:83:69:ae:d0:
                    0b:9c:92:99:e2:b4:6c:fa:3e:f4:a1:a2:f0:ef:06:
                    53:e0:dc:ae:ed:05:87:15:54:fb:e0:f1:50:75:88:
                    4c:80:19:ec:93:8c:fd:d0:9e:d5:b2:9c:09:e8:7c:
                    50:4b:cf:e3:60:05:a0:96:ac:a5:46:3b:df:4c:87:
                    4e:4e:b5:dc:91:f3:cd:ba:67:e7:db:b6:77:e4:69:
                    5c:85:15:d6:49:26:eb:fb:10:37:1c:9d:ae:39:2e:
                    f5:b8:cd:b0:01:bc:95:b7:de:95:0c:dd:3b:5e:f9:
                    cd:0f:18:be:b2:c5:ad:56:41:5f:2d:d8:ff:10:0d:
                    2c:a4:24:69:dd:d5:7b:1b:fb:3f:02:dd:32:49:1b:
                    4c:26:84:0b:36:ad:a5:09:b0:72:f4:8b:84:a5:49:
                    5a:5a:8c:f7:05:ad:32:05:7c:1a:27:78:ce:df:cb:
                    30:16:6a:a9:84:02:fe:06:32:af:af:16:7d:06:04:
                    e8:1d:f5:84:2c:05:5a:5b:9c:f8:0a:72:25:c9:5d:
                    39:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:04:34:B5:92:DF:13:34:AA:9A:CE:27:DA:CB:0D:99:1F:16:86:25
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:b9:aa:1a:9f:88:aa:8e:b9:ca:5b:8d:f5:ac:22:3a:0d:34:
         45:b0:cc:92:14:ce:7a:21:fc:cb:05:63:1c:f7:e5:43:f2:57:
         b7:dd:c6:92:c4:46:cb:31:9f:f3:ad:dd:11:bc:03:63:82:91:
         32:13:28:0f:c3:5e:14:b3:c8:a7:f3:6d:b1:51:16:89:a8:3e:
         19:61:d2:34:34:cf:16:e4:80:23:b1:9b:54:50:a7:95:80:f8:
         1c:a8:d6:24:c6:3c:2f:70:c3:45:17:28:95:85:b9:6c:0e:4d:
         eb:ed:fa:aa:47:51:89:1a:5f:54:b6:c7:d2:99:17:e1:d5:e4:
         4a:82:7f:86:af:56:79:85:83:c9:e5:06:63:07:09:5d:56:65:
         31:d3:73:eb:3d:6f:21:75:64:4e:e6:41:d0:04:4f:dd:b9:8b:
         c3:5d:53:1c:70:3e:ef:60:1f:08:a6:15:79:65:4b:6a:34:12:
         1a:ed:d1:70:84:9c:7b:10:54:fd:a6:cd:01:d7:aa:85:45:89:
         38:b5:31:0a:39:ee:a4:61:8d:b6:79:17:fe:1f:3f:49:b2:be:
         6b:b9:8d:ca:18:fa:88:98:c0:ce:da:a8:6d:a8:56:f9:48:7f:
         ea:64:e1:fa:24:3f:bc:92:99:6e:fd:3d:05:d2:5c:48:3f:d8:
         0b:72:ed:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijSiBXwtg6hlILYvmkILqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjUwOTA3MDUwMTQwWhcNMjUwOTA4MDUwMTQwWjAzMTEwLwYDVQQD
EygxZjA0MzRiNTkyZGYxMzM0YWE5YWNlMjdkYWNiMGQ5OTFmMTY4NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5WMLZ/HDUB108D1z9v9XwasqZv3
d2MfNMJRxw1qUrWkqs8hGkVdZqS98d+dz8qpjSDJcPCrFYNprtALnJKZ4rRs+j70
oaLw7wZT4Nyu7QWHFVT74PFQdYhMgBnsk4z90J7VspwJ6HxQS8/jYAWglqylRjvf
TIdOTrXckfPNumfn27Z35GlchRXWSSbr+xA3HJ2uOS71uM2wAbyVt96VDN07XvnN
Dxi+ssWtVkFfLdj/EA0spCRp3dV7G/s/At0ySRtMJoQLNq2lCbBy9IuEpUlaWoz3
Ba0yBXwaJ3jO38swFmqphAL+BjKvrxZ9BgToHfWELAVaW5z4CnIlyV05TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8ENLWS3xM0qprOJ9rLDZkfFoYlMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmrmqGp+I
qo65yluN9awiOg00RbDMkhTOeiH8ywVjHPflQ/JXt93GksRGyzGf863dEbwDY4KR
MhMoD8NeFLPIp/NtsVEWiag+GWHSNDTPFuSAI7GbVFCnlYD4HKjWJMY8L3DDRRco
lYW5bA5N6+36qkdRiRpfVLbH0pkX4dXkSoJ/hq9WeYWDyeUGYwcJXVZlMdNz6z1v
IXVkTuZB0ARP3bmLw11THHA+72AfCKYVeWVLajQSGu3RcIScexBU/abNAdeqhUWJ
OLUxCjnupGGNtnkX/h8/SbK+a7mNyhj6iJjAztqobahW+Uh/6mTh+iQ/vJKZbv09
BdJcSD/YC3LtCw==
-----END CERTIFICATE-----