Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
File:                     SdA41NOnW7-ev-owZGh7Xjs0b-M.mft (raw, json)
Hash identifier:          kp6mgolTSz3EIYBp7km+9VBUQM376kSvqGSWiiXL1o4=
Subject key identifier:   94:C1:47:42:28:72:38:BC:B5:61:2E:41:B8:D6:59:6B:E6:A6:17:4A
Authority key identifier: 49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3
Certificate issuer:       /CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
Certificate serial:       019923A0E04611A33A78BAB1B56E7EEC9CEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
Manifest number:          0C93
Signing time:             Sun 07 Sep 2025 10:02:49 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:49 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:49 +0000
Files and hashes:         1: SdA41NOnW7-ev-owZGh7Xjs0b-M.crl (hash: nT8dbF2w+HX+aWgzWCl6/GUtQES922rJssraiA6Y2Bo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:e0:46:11:a3:3a:78:ba:b1:b5:6e:7e:ec:9c:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49d038d4d3a75bbf9ebfea3064687b5e3b346fe3
        Validity
            Not Before: Sep  7 10:02:49 2025 GMT
            Not After : Sep  8 10:02:49 2025 GMT
        Subject: CN=94c14742287238bcb5612e41b8d6596be6a6174a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:7d:78:c4:68:04:ed:a7:ef:ba:2c:86:4b:00:
                    f1:3b:57:06:76:9e:01:61:38:41:a7:3a:b9:68:8d:
                    20:a2:0e:26:c0:fa:74:de:af:75:6d:aa:43:ac:9a:
                    b7:a7:f2:21:c9:16:4a:e6:28:0f:ea:9b:94:99:c5:
                    31:4e:64:c3:bf:e4:be:56:87:6e:9d:1e:bf:a6:41:
                    c8:b3:4d:66:47:c0:81:13:e7:b5:a2:d5:0f:fa:de:
                    3f:4d:53:f0:66:ac:24:bc:86:3d:e3:27:aa:ca:68:
                    8c:85:3d:cf:33:b4:29:fa:24:7e:0e:b0:14:28:7b:
                    4f:99:8c:14:13:86:be:f0:aa:53:b8:a7:e0:9e:8d:
                    87:72:46:63:3a:2e:0f:96:f4:3d:c5:58:1a:9f:07:
                    c3:9e:20:79:6c:28:d1:7d:d9:9c:e9:f1:1d:69:de:
                    37:4d:7c:df:69:7f:de:03:56:9b:a2:d0:13:7a:0c:
                    43:bb:34:e3:a3:07:19:bb:d9:60:7b:f5:a2:3c:d8:
                    5d:f5:a6:69:d8:19:32:6b:dc:60:ad:49:75:32:b9:
                    fd:df:20:1d:f5:e2:da:ec:80:81:c9:95:23:34:86:
                    1c:2c:bc:f0:3e:4e:d7:83:58:f3:d3:ab:db:ef:af:
                    11:8d:52:ec:9d:d2:59:fb:06:91:f9:c6:43:79:8a:
                    f8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:C1:47:42:28:72:38:BC:B5:61:2E:41:B8:D6:59:6B:E6:A6:17:4A
            X509v3 Authority Key Identifier:
                keyid:49:D0:38:D4:D3:A7:5B:BF:9E:BF:EA:30:64:68:7B:5E:3B:34:6F:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdA41NOnW7-ev-owZGh7Xjs0b-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/735756-8857-424d-9524-20f531122b57/1/SdA41NOnW7-ev-owZGh7Xjs0b-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:3b:80:58:83:18:a6:48:52:2d:7d:14:6a:9a:3b:bd:6b:ac:
         f3:e9:c8:45:e3:d8:45:6a:5d:a4:9b:3f:0c:97:bd:53:37:14:
         a4:38:a4:6b:8d:2d:e0:21:bd:2b:7e:1d:da:95:22:f1:ff:66:
         79:43:59:48:9f:57:f7:af:fa:80:f6:5c:4e:4c:3b:93:16:fa:
         98:66:01:42:c5:78:5b:9b:6a:3f:97:fb:4f:12:ff:9e:b4:56:
         e6:61:fa:c2:33:39:77:59:c4:2e:9c:04:43:9b:68:f0:8f:af:
         99:51:37:8b:35:c8:91:48:45:f4:ef:6c:77:1c:1b:58:3f:1d:
         46:b6:fe:46:69:d3:5b:f7:24:a2:53:e8:52:39:f6:a3:98:9f:
         7d:69:77:4b:0a:52:a5:99:ee:9e:54:e2:e1:8d:9e:48:b2:bf:
         78:d7:9f:44:7c:b6:29:83:45:42:22:3e:68:29:1e:57:26:b4:
         70:88:bf:cb:dd:13:61:72:b8:be:c6:5f:27:25:10:d0:e6:59:
         dc:04:d5:74:ac:b1:ec:77:c1:d1:d9:1b:ba:11:3f:ad:63:80:
         ca:81:25:4c:6c:47:5e:d0:cf:e7:23:e8:44:1d:5a:e3:9b:d5:
         58:14:4a:40:ca:f2:f5:5b:6d:f7:35:96:98:0e:f9:75:f9:f8:
         dd:04:94:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoOBGEaM6eLqxtW5+7JzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDAzOGQ0ZDNhNzViYmY5ZWJmZWEzMDY0Njg3YjVlM2Iz
NDZmZTMwHhcNMjUwOTA3MTAwMjQ5WhcNMjUwOTA4MTAwMjQ5WjAzMTEwLwYDVQQD
Eyg5NGMxNDc0MjI4NzIzOGJjYjU2MTJlNDFiOGQ2NTk2YmU2YTYxNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5314xGgE7afvuiyGSwDxO1cGdp4B
YThBpzq5aI0gog4mwPp03q91bapDrJq3p/IhyRZK5igP6puUmcUxTmTDv+S+Vodu
nR6/pkHIs01mR8CBE+e1otUP+t4/TVPwZqwkvIY94yeqymiMhT3PM7Qp+iR+DrAU
KHtPmYwUE4a+8KpTuKfgno2HckZjOi4PlvQ9xVganwfDniB5bCjRfdmc6fEdad43
TXzfaX/eA1abotATegxDuzTjowcZu9lge/WiPNhd9aZp2Bkya9xgrUl1Mrn93yAd
9eLa7ICByZUjNIYcLLzwPk7Xg1jz06vb768RjVLsndJZ+waR+cZDeYr4UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTBR0Iocji8tWEuQbjWWWvmphdKMB8GA1UdIwQY
MBaAFEnQONTTp1u/nr/qMGRoe147NG/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQt
MjBmNTMxMTIyYjU3LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MzU3NTYtODg1Ny00MjRkLTk1MjQtMjBmNTMxMTIyYjU3
LzEvU2RBNDFOT25XNy1ldi1vd1pHaDdYanMwYi1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmTuAWIMY
pkhSLX0Uapo7vWus8+nIRePYRWpdpJs/DJe9UzcUpDika40t4CG9K34d2pUi8f9m
eUNZSJ9X96/6gPZcTkw7kxb6mGYBQsV4W5tqP5f7TxL/nrRW5mH6wjM5d1nELpwE
Q5to8I+vmVE3izXIkUhF9O9sdxwbWD8dRrb+RmnTW/ckolPoUjn2o5iffWl3SwpS
pZnunlTi4Y2eSLK/eNefRHy2KYNFQiI+aCkeVya0cIi/y90TYXK4vsZfJyUQ0OZZ
3ATVdKyx7HfB0dkbuhE/rWOAyoElTGxHXtDP5yPoRB1a45vVWBRKQMry9Vtt9zWW
mA75dfn43QSUTw==
-----END CERTIFICATE-----