Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          h2qx7iyvPacXmeuwiWfRvwRdtlKbeoLAfBAztAWItjs=
Subject key identifier:   1A:7F:2B:74:61:4D:FC:F1:8A:41:CF:8B:B1:8C:0D:83:EB:DD:57:21
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       019922C354E367744C400CD67B4BDEE029BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          06C6
Signing time:             Sun 07 Sep 2025 06:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:50 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: 3fBQiRgBmivwyc2oLN/ATG18dNK3VIbRlsdyai8lEXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:54:e3:67:74:4c:40:0c:d6:7b:4b:de:e0:29:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Sep  7 06:00:50 2025 GMT
            Not After : Sep  8 06:00:50 2025 GMT
        Subject: CN=1a7f2b74614dfcf18a41cf8bb18c0d83ebdd5721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3f:9a:b5:70:9a:91:78:04:df:c4:6c:71:9a:
                    e6:36:17:3d:44:00:6f:3d:aa:88:63:5a:1c:cd:98:
                    c7:03:d8:f3:41:f0:5f:3b:25:c2:3b:4e:7d:31:41:
                    f3:54:83:55:dd:44:f2:35:bb:e1:5c:53:96:c8:af:
                    2a:8c:a7:0b:d2:be:7e:98:8e:a3:9c:37:f8:13:3d:
                    4e:90:55:2d:77:4c:c7:24:5f:98:8c:51:2c:a7:ba:
                    3e:5a:9a:04:5b:7d:0f:43:72:1f:3e:12:1e:1d:86:
                    11:31:8f:bd:0a:fd:29:be:a2:84:44:88:95:b2:16:
                    ac:66:9c:49:6f:72:9a:5d:c5:4f:ea:99:ee:6b:11:
                    b5:c5:e5:d4:e1:cc:38:27:6a:cc:2d:cb:d0:4f:49:
                    50:7f:24:3e:44:fa:f4:73:00:16:5c:a8:92:9c:09:
                    29:d5:f5:2b:4b:d1:8b:ea:64:4b:5c:b2:90:66:51:
                    f4:98:d2:0d:25:b4:8c:1f:21:b0:44:52:eb:15:08:
                    78:43:12:4c:16:10:26:c8:b5:ed:2c:f6:e1:dc:41:
                    f8:3e:3b:da:a4:8d:17:0b:96:d7:65:6b:11:8b:cb:
                    64:85:72:50:f4:94:27:4c:a5:59:c8:90:f8:7b:a7:
                    a0:56:e0:e3:59:fd:49:0d:c0:6c:6b:3e:76:8b:0c:
                    5c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:7F:2B:74:61:4D:FC:F1:8A:41:CF:8B:B1:8C:0D:83:EB:DD:57:21
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:1d:e0:bb:02:3c:af:b0:a6:d8:5d:48:b3:23:a2:cb:20:9a:
         5e:4c:9d:68:b9:8e:4d:be:67:a4:8c:6c:ac:70:a5:c9:fc:bc:
         e4:ad:1b:24:1d:88:60:56:18:79:64:d9:8b:4b:a7:46:ee:b1:
         1e:6d:7f:f3:60:99:ee:af:85:5c:4a:35:de:c1:0c:28:d8:2a:
         49:57:3a:94:19:fc:2c:57:ee:c1:be:70:bd:da:9a:5e:eb:fa:
         f7:f8:60:47:89:46:46:6f:c0:ff:45:0b:d4:82:63:a3:69:d7:
         bc:ee:36:0c:b8:ea:f2:25:e8:7c:96:cc:df:3d:94:a6:61:f4:
         33:4e:1c:7d:80:e2:b6:1f:98:86:e0:d2:86:66:9d:09:3b:76:
         08:6f:50:ea:74:3b:6a:a8:9f:e5:49:57:15:cd:a7:be:a6:82:
         ca:46:48:a7:12:97:9b:16:b5:61:40:69:d5:92:c0:ec:38:c9:
         bd:b3:22:f1:39:a1:fd:0a:5e:6c:97:e1:48:2b:5d:90:61:2d:
         e3:cb:61:d6:3c:00:b3:b9:7f:bc:59:d8:5f:5f:3b:1a:f6:3b:
         bb:7b:79:fa:ca:2c:72:92:fb:30:3d:33:40:39:46:45:fc:e1:
         1c:48:7f:b8:3e:60:72:85:a8:ec:b4:42:b9:36:25:32:5c:f4:
         1b:5a:86:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw1TjZ3RMQAzWe0ve4Cm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUwOTA3MDYwMDUwWhcNMjUwOTA4MDYwMDUwWjAzMTEwLwYDVQQD
EygxYTdmMmI3NDYxNGRmY2YxOGE0MWNmOGJiMThjMGQ4M2ViZGQ1NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j+atXCakXgE38RscZrmNhc9RABv
PaqIY1oczZjHA9jzQfBfOyXCO059MUHzVINV3UTyNbvhXFOWyK8qjKcL0r5+mI6j
nDf4Ez1OkFUtd0zHJF+YjFEsp7o+WpoEW30PQ3IfPhIeHYYRMY+9Cv0pvqKERIiV
shasZpxJb3KaXcVP6pnuaxG1xeXU4cw4J2rMLcvQT0lQfyQ+RPr0cwAWXKiSnAkp
1fUrS9GL6mRLXLKQZlH0mNINJbSMHyGwRFLrFQh4QxJMFhAmyLXtLPbh3EH4Pjva
pI0XC5bXZWsRi8tkhXJQ9JQnTKVZyJD4e6egVuDjWf1JDcBsaz52iwxcXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBp/K3RhTfzxikHPi7GMDYPr3VchMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATB3guwI8
r7Cm2F1IsyOiyyCaXkydaLmOTb5npIxsrHClyfy85K0bJB2IYFYYeWTZi0unRu6x
Hm1/82CZ7q+FXEo13sEMKNgqSVc6lBn8LFfuwb5wvdqaXuv69/hgR4lGRm/A/0UL
1IJjo2nXvO42DLjq8iXofJbM3z2UpmH0M04cfYDith+YhuDShmadCTt2CG9Q6nQ7
aqif5UlXFc2nvqaCykZIpxKXmxa1YUBp1ZLA7DjJvbMi8Tmh/QpebJfhSCtdkGEt
48th1jwAs7l/vFnYX187GvY7u3t5+soscpL7MD0zQDlGRfzhHEh/uD5gcoWo7LRC
uTYlMlz0G1qG2Q==
-----END CERTIFICATE-----