Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          WDm+HE8hVE/UU76a4bqC6t5Crsz5bSaun8Yx7Je3NCI=
Subject key identifier:   62:77:70:D9:35:96:78:F0:B8:81:0C:4D:87:7B:27:EA:EA:47:36:A4
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       019922C336D57F3F71E4F67FBBFB12E73AB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          0256
Signing time:             Sun 07 Sep 2025 06:00:42 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:42 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:42 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: jsOgSaNkH0qk0UeOPWH42BKdFarGPeSYMwtin+gMOi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:36:d5:7f:3f:71:e4:f6:7f:bb:fb:12:e7:3a:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Sep  7 06:00:42 2025 GMT
            Not After : Sep  8 06:00:42 2025 GMT
        Subject: CN=627770d9359678f0b8810c4d877b27eaea4736a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:45:b8:23:c3:93:2c:3f:06:09:72:cc:cb:33:
                    78:2b:5b:e1:b9:54:cd:0a:2e:34:36:f0:c1:ff:84:
                    7e:e4:85:c5:29:bc:90:5a:ff:b4:a6:97:9c:7c:38:
                    9a:70:11:ca:3c:cf:0a:55:05:b1:89:98:36:a9:08:
                    89:16:b8:91:2f:b6:ea:b9:d3:c2:11:c5:54:55:45:
                    18:56:2a:31:62:28:29:6f:35:cb:e0:c0:f0:5f:a2:
                    83:bf:a4:a4:bc:9a:fe:8c:2a:8b:ee:8c:52:fb:46:
                    73:15:14:a2:9a:fa:e6:7c:91:9d:a7:42:dd:08:df:
                    e1:26:ca:a3:32:12:c8:c1:1c:bb:93:54:44:22:15:
                    cc:e5:d1:39:39:3f:f6:74:f8:f0:97:7c:47:c3:15:
                    8c:20:f9:f4:d7:6a:05:44:bc:75:e2:16:6e:16:1f:
                    a5:d8:4b:6e:8a:4e:66:7c:82:66:16:16:e3:28:4b:
                    b2:6d:5a:95:85:5e:ea:c5:84:ad:52:e6:9f:d5:41:
                    ff:cd:e3:77:9c:a0:c2:d3:6f:6f:7c:a5:1e:66:d8:
                    8e:28:13:5f:a1:33:e6:d4:3b:e3:1e:39:f9:c8:97:
                    39:b9:e7:1b:5f:5f:7a:8e:a7:94:63:37:22:6d:7c:
                    d0:ed:00:dc:28:90:6f:01:a9:d7:dc:3a:df:d3:8f:
                    a1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:77:70:D9:35:96:78:F0:B8:81:0C:4D:87:7B:27:EA:EA:47:36:A4
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:27:45:55:74:0b:e7:dd:0a:8a:83:ba:2d:a2:af:ce:bc:ce:
         77:44:8d:ea:07:83:ad:5a:64:89:02:0e:45:40:41:dd:0c:68:
         c2:11:50:5b:a7:39:06:15:84:04:2f:0c:8d:2f:49:28:a0:a3:
         a4:dc:c3:03:a3:a6:da:15:6f:19:78:69:34:9e:e2:2a:3f:48:
         48:a1:a2:31:b1:6a:f2:a6:7d:48:18:af:8a:b7:ea:db:95:80:
         52:46:e3:40:ae:47:3e:0d:85:cb:71:39:cb:f7:7d:57:be:56:
         c9:d7:64:de:96:be:9c:bc:b2:9d:37:d9:2d:00:6a:f9:01:50:
         45:a8:f3:02:3b:40:03:75:51:83:7b:d7:58:ad:a7:f0:87:b7:
         88:06:f6:3c:b3:5a:91:e6:54:71:75:3e:da:ef:73:b2:14:57:
         2a:5e:a2:5b:ef:90:2f:cc:3c:5f:a9:9b:61:5e:93:8c:ce:0e:
         4f:87:57:2a:9b:43:5e:b5:57:8e:a8:44:33:fb:4d:bb:40:59:
         87:73:df:8e:82:9f:a2:04:4c:ed:c3:93:90:36:e0:21:4d:0b:
         59:63:72:a4:20:c5:39:02:19:de:b8:c4:1e:1e:57:56:4d:2c:
         10:b2:d6:b0:6c:f7:9f:1d:a5:79:60:cc:30:e1:93:fa:fe:6e:
         31:ae:3d:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwzbVfz9x5PZ/u/sS5zq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwOTA3MDYwMDQyWhcNMjUwOTA4MDYwMDQyWjAzMTEwLwYDVQQD
Eyg2Mjc3NzBkOTM1OTY3OGYwYjg4MTBjNGQ4NzdiMjdlYWVhNDczNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikW4I8OTLD8GCXLMyzN4K1vhuVTN
Ci40NvDB/4R+5IXFKbyQWv+0ppecfDiacBHKPM8KVQWxiZg2qQiJFriRL7bqudPC
EcVUVUUYVioxYigpbzXL4MDwX6KDv6SkvJr+jCqL7oxS+0ZzFRSimvrmfJGdp0Ld
CN/hJsqjMhLIwRy7k1REIhXM5dE5OT/2dPjwl3xHwxWMIPn012oFRLx14hZuFh+l
2Etuik5mfIJmFhbjKEuybVqVhV7qxYStUuaf1UH/zeN3nKDC029vfKUeZtiOKBNf
oTPm1DvjHjn5yJc5uecbX196jqeUYzcibXzQ7QDcKJBvAanX3Drf04+h0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJ3cNk1lnjwuIEMTYd7J+rqRzakMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWidFVXQL
590KioO6LaKvzrzOd0SN6geDrVpkiQIORUBB3QxowhFQW6c5BhWEBC8MjS9JKKCj
pNzDA6Om2hVvGXhpNJ7iKj9ISKGiMbFq8qZ9SBivirfq25WAUkbjQK5HPg2Fy3E5
y/d9V75Wyddk3pa+nLyynTfZLQBq+QFQRajzAjtAA3VRg3vXWK2n8Ie3iAb2PLNa
keZUcXU+2u9zshRXKl6iW++QL8w8X6mbYV6TjM4OT4dXKptDXrVXjqhEM/tNu0BZ
h3PfjoKfogRM7cOTkDbgIU0LWWNypCDFOQIZ3rjEHh5XVk0sELLWsGz3nx2leWDM
MOGT+v5uMa49/Q==
-----END CERTIFICATE-----