Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          jILYCEnoGC4Elbj4W7Gkr+pymOnZ3raR2Kr2S1aLmFg=
Subject key identifier:   69:E0:81:3A:50:05:EB:D0:03:D1:21:D4:46:8D:EC:B2:4B:87:EF:EA
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       019923A062C017695DC3EAD74D7E87F13AEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          110D
Signing time:             Sun 07 Sep 2025 10:02:17 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:17 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:17 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: 7ukYC8opfaIYA/bUH/R18NB2jScbyZTBAv7LQ7b++J0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:62:c0:17:69:5d:c3:ea:d7:4d:7e:87:f1:3a:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: Sep  7 10:02:17 2025 GMT
            Not After : Sep  8 10:02:17 2025 GMT
        Subject: CN=69e0813a5005ebd003d121d4468decb24b87efea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d0:9e:35:fb:09:44:42:17:fe:28:eb:5c:8e:
                    0b:79:28:82:da:37:8f:2e:19:44:0f:71:bd:a2:25:
                    85:d0:67:d8:ab:0b:07:ee:e0:69:0e:da:90:ea:02:
                    24:41:ea:d8:b6:ab:84:74:2b:5f:20:7c:af:ca:20:
                    62:2a:43:38:0d:14:09:0b:da:0a:de:6b:c5:4b:9f:
                    b6:71:18:15:d8:7b:82:a7:1b:7f:ce:59:d9:76:33:
                    f2:00:81:3a:0e:1f:c8:50:45:85:4e:5b:20:4b:58:
                    2d:0b:82:2a:37:1f:0b:f9:5b:88:43:ec:c9:80:9d:
                    8e:51:ba:7b:de:0d:b3:e7:43:47:db:aa:d3:d7:c4:
                    78:7a:c6:81:ed:74:38:34:e7:cd:0e:7f:89:ea:39:
                    e3:f5:1a:b5:87:d6:57:10:4d:64:9c:f3:06:02:a4:
                    c3:f1:99:96:9a:af:f6:95:8a:75:10:07:d8:49:3a:
                    50:fc:71:16:0d:12:7e:b0:79:f9:6f:74:f6:c4:75:
                    d0:b6:8a:a9:88:f9:fd:4b:80:54:fc:c0:d8:df:d4:
                    06:cf:3c:3f:18:39:50:c5:c3:a9:26:99:d3:f0:34:
                    b3:b6:3b:92:c6:05:42:f3:e5:5e:0c:74:80:b7:80:
                    1e:dc:09:c7:7e:ff:9d:c0:03:8c:6c:68:a8:ff:5b:
                    b0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:E0:81:3A:50:05:EB:D0:03:D1:21:D4:46:8D:EC:B2:4B:87:EF:EA
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:93:fd:7a:50:a1:cd:7b:57:af:b1:3d:61:6e:ab:a3:d6:74:
         7e:7b:d4:e4:7a:7b:94:f2:de:ba:4c:50:bb:e4:ef:23:21:e7:
         f9:95:72:65:6d:8e:9b:6b:5d:15:d8:ef:a2:04:e2:6a:95:37:
         2f:cb:9f:cd:ce:15:20:fd:31:e2:5f:96:91:32:9b:70:82:56:
         99:38:d6:be:8f:26:e0:95:91:63:5d:e2:35:5e:97:70:4c:58:
         22:f1:7e:11:52:8d:12:f4:e2:16:3f:f3:7c:c1:7e:01:3d:b4:
         e9:88:21:3c:19:39:55:c4:58:39:b6:c2:e1:0d:b5:a2:2a:34:
         d4:c2:82:8a:5c:17:12:97:97:c5:23:79:97:aa:54:d0:18:ea:
         e4:9d:d4:b6:10:bd:3c:d3:70:cc:3c:96:ed:73:dc:f2:35:92:
         ac:41:bd:f7:ca:69:51:d5:2e:1e:54:a3:2b:59:ca:5f:a3:a8:
         c6:48:20:4e:e0:6a:58:42:48:3d:bb:43:f2:4c:b0:81:ed:b3:
         8b:a1:c0:16:56:11:a1:75:37:b2:cf:8d:80:96:3b:f0:4c:6a:
         ee:d2:a7:8c:d0:67:6e:4a:9e:e9:ab:f5:dd:da:e0:a1:d4:90:
         e2:1a:62:eb:bd:41:9f:33:72:b9:c1:e6:01:12:c1:a1:66:37:
         59:45:98:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoGLAF2ldw+rXTX6H8TruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUwOTA3MTAwMjE3WhcNMjUwOTA4MTAwMjE3WjAzMTEwLwYDVQQD
Eyg2OWUwODEzYTUwMDVlYmQwMDNkMTIxZDQ0NjhkZWNiMjRiODdlZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtCeNfsJREIX/ijrXI4LeSiC2jeP
LhlED3G9oiWF0GfYqwsH7uBpDtqQ6gIkQerYtquEdCtfIHyvyiBiKkM4DRQJC9oK
3mvFS5+2cRgV2HuCpxt/zlnZdjPyAIE6Dh/IUEWFTlsgS1gtC4IqNx8L+VuIQ+zJ
gJ2OUbp73g2z50NH26rT18R4esaB7XQ4NOfNDn+J6jnj9Rq1h9ZXEE1knPMGAqTD
8ZmWmq/2lYp1EAfYSTpQ/HEWDRJ+sHn5b3T2xHXQtoqpiPn9S4BU/MDY39QGzzw/
GDlQxcOpJpnT8DSztjuSxgVC8+VeDHSAt4Ae3AnHfv+dwAOMbGio/1uwWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnggTpQBevQA9Eh1EaN7LJLh+/qMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfZP9elCh
zXtXr7E9YW6ro9Z0fnvU5Hp7lPLeukxQu+TvIyHn+ZVyZW2Om2tdFdjvogTiapU3
L8ufzc4VIP0x4l+WkTKbcIJWmTjWvo8m4JWRY13iNV6XcExYIvF+EVKNEvTiFj/z
fMF+AT206YghPBk5VcRYObbC4Q21oio01MKCilwXEpeXxSN5l6pU0Bjq5J3UthC9
PNNwzDyW7XPc8jWSrEG998ppUdUuHlSjK1nKX6OoxkggTuBqWEJIPbtD8kywge2z
i6HAFlYRoXU3ss+NgJY78Exq7tKnjNBnbkqe6av13drgodSQ4hpi671BnzNyucHm
ARLBoWY3WUWY0w==
-----END CERTIFICATE-----