Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
File:                     BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft (raw, json)
Hash identifier:          7orQGETvA1EA0IpFXbs89fTVk49GKnJW5Sp/UQUF1pE=
Subject key identifier:   12:30:77:C4:BD:2B:F7:B3:6E:45:5D:48:E9:9A:BD:CB:E3:E3:84:27
Authority key identifier: 05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5
Certificate issuer:       /CN=0587c8490b372045669f45f183193eed46f991f5
Certificate serial:       0199239F86155E146773CB7499EF90740DB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
Manifest number:          09D1
Signing time:             Sun 07 Sep 2025 10:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:21 +0000
Files and hashes:         1: BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl (hash: FouR4s5Bn+atIAwzuvYQthdX4AH0sdv+qmo6wc6Eke0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:86:15:5e:14:67:73:cb:74:99:ef:90:74:0d:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0587c8490b372045669f45f183193eed46f991f5
        Validity
            Not Before: Sep  7 10:01:21 2025 GMT
            Not After : Sep  8 10:01:21 2025 GMT
        Subject: CN=123077c4bd2bf7b36e455d48e99abdcbe3e38427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ec:f6:ea:1b:d4:0b:00:e1:9d:b5:6b:aa:3f:
                    c2:b9:ac:29:83:34:77:17:a7:ff:c5:db:4a:27:f6:
                    4c:4e:a3:2d:92:57:ce:4e:e4:8a:d2:b5:8c:b9:bc:
                    98:4c:cd:3f:e8:14:14:c5:57:30:60:ff:1e:0c:bb:
                    72:b0:7a:01:66:17:9c:97:0f:28:ea:d2:d1:65:09:
                    21:2d:36:ae:a9:14:79:01:81:ac:42:ed:46:12:bc:
                    01:50:04:6e:c8:b4:71:ef:05:ff:2f:a0:cd:6a:32:
                    94:cd:95:86:4e:35:72:a0:0c:fa:a5:3b:37:96:df:
                    3b:59:a8:a8:01:95:cf:66:4f:a3:d9:5c:6e:77:b3:
                    c0:c8:3f:76:1d:1a:80:6f:c4:df:1d:8b:d8:12:45:
                    08:a0:ff:73:86:ea:69:9d:f5:50:37:d1:c8:b0:35:
                    67:58:71:44:1d:9d:0b:3a:3a:3c:25:a0:e6:58:b2:
                    e4:9e:d6:e7:f7:25:99:36:73:85:77:24:48:ac:57:
                    2b:98:4e:4d:c3:d5:c9:c6:28:20:2b:c6:9a:5f:f3:
                    b8:02:54:da:6a:ec:d2:3c:9f:a3:6c:40:a3:05:e5:
                    ff:f2:33:2d:cc:a6:4b:7e:5a:3a:f3:50:91:12:37:
                    dd:69:b1:81:21:f6:54:71:79:31:8f:63:72:b3:65:
                    7b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:30:77:C4:BD:2B:F7:B3:6E:45:5D:48:E9:9A:BD:CB:E3:E3:84:27
            X509v3 Authority Key Identifier:
                keyid:05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:af:47:d2:c0:14:97:4c:4a:85:c0:8e:e3:86:05:41:40:3a:
         4a:5f:f5:1e:cd:cd:96:52:1f:b6:4f:bd:62:9f:cc:70:cf:da:
         99:72:f4:b0:57:37:7d:de:90:0a:41:86:85:1c:9a:53:95:75:
         1d:34:0f:ce:b8:e3:80:86:92:ec:09:a8:aa:f8:59:77:6c:6e:
         ed:8b:36:bd:e0:7f:e4:f2:9c:ae:d5:d3:ab:aa:44:26:c1:39:
         0f:e1:3c:13:80:ef:0f:68:ed:49:d3:28:ed:c3:bb:b6:a1:79:
         b8:ef:af:6e:8d:71:0e:96:12:9e:f7:e7:5e:c7:55:4b:4f:93:
         1f:28:d5:ef:21:30:6f:71:74:4b:b5:93:c5:7d:88:74:b6:69:
         ea:be:6c:bd:04:19:af:7f:ed:c0:ea:a2:6e:da:72:97:68:96:
         9f:e1:0f:39:f6:4c:f2:a6:5f:17:07:dd:5b:ae:53:a6:b4:c3:
         3e:25:7e:09:cf:dd:8a:ea:96:88:3f:bf:99:10:5e:c0:a9:a3:
         45:19:89:67:7d:6c:fc:00:08:10:36:54:01:5c:41:6c:0e:a8:
         6e:47:8a:c4:ac:f2:53:bd:20:6f:70:94:99:f7:ad:b3:33:49:
         d4:0c:95:ef:77:19:ce:c3:b3:8d:c0:3c:52:0c:a9:c7:50:a1:
         fe:a2:b4:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn4YVXhRnc8t0me+QdA2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODdjODQ5MGIzNzIwNDU2NjlmNDVmMTgzMTkzZWVkNDZm
OTkxZjUwHhcNMjUwOTA3MTAwMTIxWhcNMjUwOTA4MTAwMTIxWjAzMTEwLwYDVQQD
EygxMjMwNzdjNGJkMmJmN2IzNmU0NTVkNDhlOTlhYmRjYmUzZTM4NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOz26hvUCwDhnbVrqj/CuawpgzR3
F6f/xdtKJ/ZMTqMtklfOTuSK0rWMubyYTM0/6BQUxVcwYP8eDLtysHoBZheclw8o
6tLRZQkhLTauqRR5AYGsQu1GErwBUARuyLRx7wX/L6DNajKUzZWGTjVyoAz6pTs3
lt87WaioAZXPZk+j2Vxud7PAyD92HRqAb8TfHYvYEkUIoP9zhuppnfVQN9HIsDVn
WHFEHZ0LOjo8JaDmWLLkntbn9yWZNnOFdyRIrFcrmE5Nw9XJxiggK8aaX/O4AlTa
auzSPJ+jbECjBeX/8jMtzKZLflo681CREjfdabGBIfZUcXkxj2Nys2V7CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIwd8S9K/ezbkVdSOmavcvj44QnMB8GA1UdIwQY
MBaAFAWHyEkLNyBFZp9F8YMZPu1G+ZH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQt
YmEwMzNmOTA3ZDkxLzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQtYmEwMzNmOTA3ZDkx
LzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR69H0sAU
l0xKhcCO44YFQUA6Sl/1Hs3NllIftk+9Yp/McM/amXL0sFc3fd6QCkGGhRyaU5V1
HTQPzrjjgIaS7AmoqvhZd2xu7Ys2veB/5PKcrtXTq6pEJsE5D+E8E4DvD2jtSdMo
7cO7tqF5uO+vbo1xDpYSnvfnXsdVS0+THyjV7yEwb3F0S7WTxX2IdLZp6r5svQQZ
r3/twOqibtpyl2iWn+EPOfZM8qZfFwfdW65TprTDPiV+Cc/diuqWiD+/mRBewKmj
RRmJZ31s/AAIEDZUAVxBbA6obkeKxKzyU70gb3CUmfetszNJ1AyV73cZzsOzjcA8
Ugypx1Ch/qK0sg==
-----END CERTIFICATE-----