Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
File:                     St2XYC4ZGOerwfYtz9TaynNJmz4.mft (raw, json)
Hash identifier:          9L5iU3XJLx/Zf4FpzKzfOICgQHhp0sxDNSmFqmTEpxE=
Subject key identifier:   6E:CB:A1:72:30:08:99:AC:22:A7:03:BC:CF:CB:67:D7:85:1E:84:AA
Authority key identifier: 4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E
Certificate issuer:       /CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
Certificate serial:       0199240D4FCE9C4B5C9DD5C88326D0FD8FA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
Manifest number:          01DE
Signing time:             Sun 07 Sep 2025 12:01:16 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:16 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:16 +0000
Files and hashes:         1: St2XYC4ZGOerwfYtz9TaynNJmz4.crl (hash: dDVQLSPd+8db1aCJmH2FFdCtNV/wg1UqwQ07aZ/E0Bw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:4f:ce:9c:4b:5c:9d:d5:c8:83:26:d0:fd:8f:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
        Validity
            Not Before: Sep  7 12:01:16 2025 GMT
            Not After : Sep  8 12:01:16 2025 GMT
        Subject: CN=6ecba172300899ac22a703bccfcb67d7851e84aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9d:70:57:9f:ac:0a:29:b9:b9:78:65:9e:5f:
                    85:e4:e1:2a:cc:51:75:b8:6b:fd:79:49:fe:e4:4c:
                    e5:a7:c6:bb:e3:b6:8d:0f:82:81:cc:57:01:34:ea:
                    8f:83:58:89:4f:72:74:97:09:70:78:4e:4f:52:ad:
                    12:6b:84:39:48:3f:2d:09:e3:8e:d2:21:38:d5:a9:
                    d5:51:38:3a:3e:18:05:8f:ba:6b:93:6d:e0:3d:76:
                    12:99:94:24:8a:b1:7a:a3:65:65:03:0e:c0:f3:b2:
                    e5:14:fa:b6:e8:b0:5f:ca:ac:6d:4a:9f:93:9f:6e:
                    85:34:67:23:e5:ff:62:d1:44:50:06:77:d3:9d:94:
                    fc:5e:da:1b:34:ba:a7:ca:e4:1a:24:bc:d5:98:28:
                    3d:b7:79:13:be:be:42:04:ca:23:1d:ff:c6:f4:5f:
                    9f:dc:7d:f8:b7:9c:96:0f:5e:f8:47:50:bb:3e:f1:
                    78:64:b5:c2:09:90:b9:33:25:50:40:d0:73:08:2a:
                    33:05:83:7d:26:bf:f4:71:9d:d9:39:06:df:8c:d7:
                    23:f5:43:f0:74:9b:c0:ab:6c:ea:bd:34:cd:26:a7:
                    60:e4:d2:2c:25:05:7c:34:2f:31:67:66:79:74:29:
                    c2:c3:37:6e:63:ff:e2:0b:d7:a2:fa:98:44:3d:2d:
                    9c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:CB:A1:72:30:08:99:AC:22:A7:03:BC:CF:CB:67:D7:85:1E:84:AA
            X509v3 Authority Key Identifier:
                keyid:4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:ea:5d:56:6c:bb:b1:e6:96:84:a6:68:b6:30:af:b7:ba:a4:
         82:d6:a1:f9:10:ea:8c:84:08:4d:64:29:8f:bc:cd:ea:8a:16:
         cb:35:62:cd:86:57:d2:81:c6:b6:f2:d0:41:6b:3e:94:14:3e:
         0c:44:e0:e4:9c:e5:e3:3e:da:ea:79:26:01:ae:e3:1c:93:e8:
         b4:a0:ae:64:b2:11:64:36:59:e5:3b:a2:56:02:77:57:4e:85:
         41:0c:0c:8d:39:3c:8c:5f:3f:65:aa:84:37:5c:e4:a1:f3:42:
         90:d8:3d:13:68:4e:b6:9c:e0:45:1e:b8:9e:3d:0e:f3:11:c8:
         e5:ef:c3:45:4e:f3:5f:bd:8f:ba:fd:7d:d9:ce:68:b4:17:64:
         e2:e5:32:58:02:73:d0:25:a5:c6:04:8c:eb:43:44:36:7a:c7:
         bf:cc:35:53:88:3b:46:de:88:05:8e:8d:20:8b:b9:06:20:28:
         65:c6:c2:fe:39:8e:dd:00:4f:c8:14:ad:4d:d7:72:d1:19:93:
         e1:2b:9e:f4:46:ce:11:6a:d0:5d:c6:c0:64:95:6d:7e:5c:0e:
         cf:63:cd:a0:83:4c:a4:e6:17:0e:2f:5e:2c:d5:1e:51:0c:2a:
         80:70:cd:ea:52:a4:d5:31:66:d4:d2:50:14:b6:6a:29:61:b5:
         42:3b:76:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDU/OnEtcndXIgybQ/Y+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGQ5NzYwMmUxOTE4ZTdhYmMxZjYyZGNmZDRkYWNhNzM0
OTliM2UwHhcNMjUwOTA3MTIwMTE2WhcNMjUwOTA4MTIwMTE2WjAzMTEwLwYDVQQD
Eyg2ZWNiYTE3MjMwMDg5OWFjMjJhNzAzYmNjZmNiNjdkNzg1MWU4NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ1wV5+sCim5uXhlnl+F5OEqzFF1
uGv9eUn+5Ezlp8a747aND4KBzFcBNOqPg1iJT3J0lwlweE5PUq0Sa4Q5SD8tCeOO
0iE41anVUTg6PhgFj7prk23gPXYSmZQkirF6o2VlAw7A87LlFPq26LBfyqxtSp+T
n26FNGcj5f9i0URQBnfTnZT8XtobNLqnyuQaJLzVmCg9t3kTvr5CBMojHf/G9F+f
3H34t5yWD174R1C7PvF4ZLXCCZC5MyVQQNBzCCozBYN9Jr/0cZ3ZOQbfjNcj9UPw
dJvAq2zqvTTNJqdg5NIsJQV8NC8xZ2Z5dCnCwzduY//iC9ei+phEPS2cjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7LoXIwCJmsIqcDvM/LZ9eFHoSqMB8GA1UdIwQY
MBaAFErdl2AuGRjnq8H2Lc/U2spzSZs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUt
MTJlNWU4MTczMjAxLzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUtMTJlNWU4MTczMjAx
LzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOpdVmy7
seaWhKZotjCvt7qkgtah+RDqjIQITWQpj7zN6ooWyzVizYZX0oHGtvLQQWs+lBQ+
DETg5Jzl4z7a6nkmAa7jHJPotKCuZLIRZDZZ5TuiVgJ3V06FQQwMjTk8jF8/ZaqE
N1zkofNCkNg9E2hOtpzgRR64nj0O8xHI5e/DRU7zX72Puv192c5otBdk4uUyWAJz
0CWlxgSM60NENnrHv8w1U4g7Rt6IBY6NIIu5BiAoZcbC/jmO3QBPyBStTddy0RmT
4Sue9EbOEWrQXcbAZJVtflwOz2PNoINMpOYXDi9eLNUeUQwqgHDN6lKk1TFm1NJQ
FLZqKWG1Qjt2Ww==
-----END CERTIFICATE-----