Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
File:                     l213R7vhqAE1QKcW0lzHh_h9tmo.mft (raw, json)
Hash identifier:          Pbj+surtWdk815KOSkBRWwAjl+NXhyVgOvGiU+6W0Uo=
Subject key identifier:   5B:3E:B2:C2:C0:D6:61:0C:62:F4:AD:97:67:85:D5:98:80:A7:53:96
Authority key identifier: 97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A
Certificate issuer:       /CN=976d7747bbe1a8013540a716d25cc787f87db66a
Certificate serial:       019921B101DBE7B6BA0A9D4ACE13379E5C67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
Manifest number:          0D1B
Signing time:             Sun 07 Sep 2025 01:01:12 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:12 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:12 +0000
Files and hashes:         1: l213R7vhqAE1QKcW0lzHh_h9tmo.crl (hash: QVu5FyyG1vIUSHn2tNK86Ss5yEyeCiBshFF5vZ7ri6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:01:db:e7:b6:ba:0a:9d:4a:ce:13:37:9e:5c:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=976d7747bbe1a8013540a716d25cc787f87db66a
        Validity
            Not Before: Sep  7 01:01:12 2025 GMT
            Not After : Sep  8 01:01:12 2025 GMT
        Subject: CN=5b3eb2c2c0d6610c62f4ad976785d59880a75396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:39:3d:f6:3d:bd:61:ba:06:ef:59:0d:24:2e:
                    2b:8f:fc:9c:44:f1:a1:24:83:48:8a:7f:15:cc:d6:
                    62:06:7e:71:e6:e4:42:98:3e:cb:14:9d:9b:6b:7d:
                    bb:d9:d3:9f:8a:c7:18:5f:f4:a3:77:af:71:d6:b3:
                    ca:2a:ef:02:e1:cb:ec:db:74:46:de:a3:99:50:64:
                    7b:70:f7:72:78:eb:ef:18:48:a9:66:c6:60:4d:5a:
                    68:66:72:66:5b:50:0f:29:3c:32:8c:4d:e9:2d:11:
                    50:3d:ba:ad:81:ed:27:0c:d9:34:30:18:d3:4c:d4:
                    92:90:1d:53:8e:ea:56:31:58:89:ee:03:6b:2a:bb:
                    7a:20:b2:81:ef:77:66:42:fc:a9:c6:13:b1:97:50:
                    a9:af:e2:aa:57:66:bd:09:dd:cf:d9:80:e7:3e:a5:
                    bb:a4:2b:0f:36:dd:ce:e8:90:a0:0d:00:15:a4:5e:
                    2e:27:59:43:29:d1:94:36:aa:6f:c5:f2:be:00:df:
                    f7:2d:34:10:b9:0d:ac:2b:a6:2d:1b:db:b0:5f:ef:
                    a0:1d:41:0a:59:5b:a5:d4:20:16:58:c5:54:a7:2f:
                    c4:35:31:54:28:37:23:4d:47:bb:fe:ef:52:b7:b2:
                    23:ad:af:2c:df:81:0e:4b:31:33:f6:94:f4:34:a2:
                    b0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:3E:B2:C2:C0:D6:61:0C:62:F4:AD:97:67:85:D5:98:80:A7:53:96
            X509v3 Authority Key Identifier:
                keyid:97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:52:e4:d6:a3:2d:15:5d:5e:ed:0c:8a:f9:22:6e:57:a4:b7:
         7a:76:b6:e9:ba:50:ba:6f:da:d5:2c:46:e7:eb:9d:af:8d:48:
         1f:b5:48:32:08:43:b8:58:ca:a2:56:7e:0f:51:91:3a:e6:39:
         32:f1:8d:42:36:38:0f:34:88:f5:2d:4e:fd:41:77:6f:9a:77:
         63:15:9c:ac:99:20:7b:e7:32:59:e6:0a:8e:71:2b:9d:64:ad:
         fd:6e:23:c6:e3:9b:7a:18:35:14:02:b1:d5:24:a1:8c:6f:67:
         8e:f7:d2:b0:15:de:ca:35:6a:4d:19:17:37:f2:8b:59:3c:8b:
         34:1e:13:97:11:8e:b5:a3:0e:0e:20:c6:09:df:17:20:f2:eb:
         a2:bb:68:8b:e6:6b:72:59:45:a2:81:15:f0:43:69:4d:9e:a3:
         40:46:3a:07:e4:10:8a:4e:32:33:0f:32:b0:df:b2:53:47:e3:
         c6:96:7e:03:0c:45:a7:c0:ec:c6:e2:4a:32:cc:76:2b:65:84:
         d3:e9:c5:16:b1:f9:2a:09:a7:c6:d5:cf:53:d3:59:fb:63:87:
         6e:b6:90:57:e4:5f:87:eb:c5:1d:16:c0:f6:21:e5:5b:96:42:
         64:33:e4:30:99:77:df:fb:17:cd:f4:f8:94:a6:61:f9:ae:da:
         53:c8:e5:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsQHb57a6Cp1KzhM3nlxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmQ3NzQ3YmJlMWE4MDEzNTQwYTcxNmQyNWNjNzg3Zjg3
ZGI2NmEwHhcNMjUwOTA3MDEwMTEyWhcNMjUwOTA4MDEwMTEyWjAzMTEwLwYDVQQD
Eyg1YjNlYjJjMmMwZDY2MTBjNjJmNGFkOTc2Nzg1ZDU5ODgwYTc1Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjk99j29YboG71kNJC4rj/ycRPGh
JINIin8VzNZiBn5x5uRCmD7LFJ2ba3272dOfiscYX/Sjd69x1rPKKu8C4cvs23RG
3qOZUGR7cPdyeOvvGEipZsZgTVpoZnJmW1APKTwyjE3pLRFQPbqtge0nDNk0MBjT
TNSSkB1TjupWMViJ7gNrKrt6ILKB73dmQvypxhOxl1Cpr+KqV2a9Cd3P2YDnPqW7
pCsPNt3O6JCgDQAVpF4uJ1lDKdGUNqpvxfK+AN/3LTQQuQ2sK6YtG9uwX++gHUEK
WVul1CAWWMVUpy/ENTFUKDcjTUe7/u9St7Ijra8s34EOSzEz9pT0NKKwJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFs+ssLA1mEMYvStl2eF1ZiAp1OWMB8GA1UdIwQY
MBaAFJdtd0e74agBNUCnFtJcx4f4fbZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5Mjct
ZDk5ODMyNjU3YTQ1LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5MjctZDk5ODMyNjU3YTQ1
LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi1Lk1qMt
FV1e7QyK+SJuV6S3ena26bpQum/a1SxG5+udr41IH7VIMghDuFjKolZ+D1GROuY5
MvGNQjY4DzSI9S1O/UF3b5p3YxWcrJkge+cyWeYKjnErnWSt/W4jxuObehg1FAKx
1SShjG9njvfSsBXeyjVqTRkXN/KLWTyLNB4TlxGOtaMODiDGCd8XIPLrortoi+Zr
cllFooEV8ENpTZ6jQEY6B+QQik4yMw8ysN+yU0fjxpZ+AwxFp8DsxuJKMsx2K2WE
0+nFFrH5KgmnxtXPU9NZ+2OHbraQV+Rfh+vFHRbA9iHlW5ZCZDPkMJl33/sXzfT4
lKZh+a7aU8jlHQ==
-----END CERTIFICATE-----