Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
File:                     rkyfGKFH6zVjDiNFxUAOFop8icE.mft (raw, json)
Hash identifier:          rd7tgwXk8Wn70INl/9T6hFNccUZfpydZS9KO5DO0Bvw=
Subject key identifier:   67:03:9F:2D:3C:43:6C:FA:29:50:FE:E9:3A:F8:9A:FC:62:C7:F3:C7
Authority key identifier: AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1
Certificate issuer:       /CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
Certificate serial:       0199239EA92F89E7D659AD5CB514933B67D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
Manifest number:          0BB9
Signing time:             Sun 07 Sep 2025 10:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:24 +0000
Files and hashes:         1: rkyfGKFH6zVjDiNFxUAOFop8icE.crl (hash: 4UZLkI/bjTegdVqv/rU8qwCACNeaELEA5Ioi1CLqnGk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:a9:2f:89:e7:d6:59:ad:5c:b5:14:93:3b:67:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
        Validity
            Not Before: Sep  7 10:00:24 2025 GMT
            Not After : Sep  8 10:00:24 2025 GMT
        Subject: CN=67039f2d3c436cfa2950fee93af89afc62c7f3c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8b:ba:d6:8b:7c:1f:3b:a4:42:70:26:81:8f:
                    9f:a7:53:a0:6b:d7:b5:1c:2a:10:53:6d:5e:14:d1:
                    0f:55:e7:a9:c0:07:58:56:2e:f1:26:b9:2b:46:bc:
                    9c:0f:0c:44:c2:4f:d3:08:ed:d9:91:46:db:0a:f9:
                    13:59:d5:16:af:d1:a2:80:c8:c8:84:ac:67:56:fa:
                    5e:fa:aa:1a:9f:75:dc:1c:b0:9c:37:14:93:dc:dd:
                    dc:7f:a4:e0:eb:7d:be:15:b6:8a:a2:b3:81:b9:2c:
                    d7:ad:6b:92:98:3d:3b:91:fa:f5:c6:b9:a8:16:f0:
                    9d:bb:ae:c4:8d:d1:6a:1a:3f:67:ea:48:e1:dd:35:
                    cf:d6:a4:bc:fc:b3:17:17:0e:62:b4:49:3a:24:c2:
                    43:8e:d5:7f:47:be:27:19:57:67:fc:a0:ae:09:15:
                    15:6c:08:90:a3:0d:57:ec:5d:84:51:37:3d:69:28:
                    95:ac:ef:5b:4e:84:c2:c5:1b:71:d9:e3:99:07:aa:
                    a1:10:d4:67:37:73:26:47:a2:02:7d:a8:7d:a0:fe:
                    4e:78:6b:aa:45:84:42:48:a1:55:d7:22:ee:67:ee:
                    ca:87:e1:18:c0:35:39:f8:32:40:f2:75:28:4c:87:
                    74:3e:ef:f3:02:7a:01:94:d7:cc:94:eb:08:b2:d2:
                    4f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:03:9F:2D:3C:43:6C:FA:29:50:FE:E9:3A:F8:9A:FC:62:C7:F3:C7
            X509v3 Authority Key Identifier:
                keyid:AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:8d:70:c0:c5:6e:11:3a:04:c4:15:53:2d:dd:95:6c:92:b4:
         bf:85:c5:58:74:31:fe:d8:84:7d:59:65:ec:7b:6b:61:4f:75:
         b4:ea:1d:db:70:43:d2:5b:7c:00:29:41:f6:75:26:25:f6:81:
         11:2f:72:4b:8a:3c:b3:ab:7b:c9:29:28:76:e1:33:6d:d5:68:
         4c:c3:8b:77:2b:af:40:e4:dc:bf:4a:59:cf:10:9f:7f:a0:6c:
         83:ae:6a:9b:93:f5:e5:5d:5f:74:bb:80:5f:47:81:0b:d3:dc:
         a7:f4:de:89:3b:82:f3:1a:b5:73:f4:b0:42:42:c7:11:07:4f:
         07:14:10:ae:ff:70:a7:59:2f:2e:e4:ee:e7:13:54:2e:16:d0:
         5e:28:05:a3:6e:28:64:5b:25:2c:64:7d:93:ee:36:55:2d:d6:
         e2:74:ea:ba:33:c6:cb:79:49:0a:60:1d:1e:97:ab:5b:8a:b0:
         ff:a6:a2:e4:20:b6:02:c6:77:98:94:0e:21:23:85:44:fd:3d:
         30:7d:c0:53:60:77:a1:0e:ad:96:c9:ef:ce:7d:81:90:e1:fd:
         53:40:c8:19:fd:78:d5:98:f6:f4:3b:4c:8e:c9:15:04:9b:df:
         6f:9c:86:9a:b0:9d:c3:a4:15:01:f8:02:47:8a:39:ed:3d:a3:
         8e:03:20:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnqkviefWWa1ctRSTO2fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGM5ZjE4YTE0N2ViMzU2MzBlMjM0NWM1NDAwZTE2OGE3
Yzg5YzEwHhcNMjUwOTA3MTAwMDI0WhcNMjUwOTA4MTAwMDI0WjAzMTEwLwYDVQQD
Eyg2NzAzOWYyZDNjNDM2Y2ZhMjk1MGZlZTkzYWY4OWFmYzYyYzdmM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqou61ot8HzukQnAmgY+fp1Oga9e1
HCoQU21eFNEPVeepwAdYVi7xJrkrRrycDwxEwk/TCO3ZkUbbCvkTWdUWr9GigMjI
hKxnVvpe+qoan3XcHLCcNxST3N3cf6Tg632+FbaKorOBuSzXrWuSmD07kfr1xrmo
FvCdu67EjdFqGj9n6kjh3TXP1qS8/LMXFw5itEk6JMJDjtV/R74nGVdn/KCuCRUV
bAiQow1X7F2EUTc9aSiVrO9bToTCxRtx2eOZB6qhENRnN3MmR6ICfah9oP5OeGuq
RYRCSKFV1yLuZ+7Kh+EYwDU5+DJA8nUoTId0Pu/zAnoBlNfMlOsIstJPJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcDny08Q2z6KVD+6Tr4mvxix/PHMB8GA1UdIwQY
MBaAFK5MnxihR+s1Yw4jRcVADhaKfInBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMt
ZGEwNWIzN2M4ZTI0LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMtZGEwNWIzN2M4ZTI0
LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAto1wwMVu
EToExBVTLd2VbJK0v4XFWHQx/tiEfVll7HtrYU91tOod23BD0lt8AClB9nUmJfaB
ES9yS4o8s6t7ySkoduEzbdVoTMOLdyuvQOTcv0pZzxCff6Bsg65qm5P15V1fdLuA
X0eBC9Pcp/TeiTuC8xq1c/SwQkLHEQdPBxQQrv9wp1kvLuTu5xNULhbQXigFo24o
ZFslLGR9k+42VS3W4nTqujPGy3lJCmAdHperW4qw/6ai5CC2AsZ3mJQOISOFRP09
MH3AU2B3oQ6tlsnvzn2BkOH9U0DIGf141Zj29DtMjskVBJvfb5yGmrCdw6QVAfgC
R4o57T2jjgMgyA==
-----END CERTIFICATE-----