Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          n8D8Pw4xmOe5NXwDKB4bnP9lCCnuQWwBjp2BtmXmTQE=
Subject key identifier:   E5:7A:52:07:F1:8F:01:BA:BD:D9:BB:26:CD:08:C8:7F:03:D4:45:46
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       0199240D212C2773CB5DE33FB94E70B6FCF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          0131
Signing time:             Sun 07 Sep 2025 12:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:04 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: +foljVG91+GT39RB5lFKU4tNwx8l33MN3jb7AKO/CTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:21:2c:27:73:cb:5d:e3:3f:b9:4e:70:b6:fc:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Sep  7 12:01:04 2025 GMT
            Not After : Sep  8 12:01:04 2025 GMT
        Subject: CN=e57a5207f18f01babdd9bb26cd08c87f03d44546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:19:6f:93:f6:ec:33:8c:bd:da:cf:65:58:d4:
                    43:51:1a:d2:89:19:d0:44:e2:5e:75:0a:39:d8:13:
                    0f:12:14:67:a5:7f:1c:e0:2a:61:9f:48:e0:90:19:
                    71:21:c7:3c:1e:70:82:88:67:70:17:31:01:8f:6d:
                    65:c7:90:61:79:68:33:09:d9:c1:52:c8:7e:9f:e3:
                    f4:43:e3:02:45:a8:03:39:e9:c6:f1:d8:08:b3:36:
                    af:56:02:87:e4:18:c1:8c:27:ea:b3:51:ce:3d:ce:
                    85:68:11:85:7b:d3:0a:d2:31:fc:65:e9:d7:01:b1:
                    ad:be:cc:8e:92:6f:11:de:81:92:6c:0f:2e:d2:dc:
                    8c:9f:c6:fc:52:b9:85:90:dd:c6:95:4b:3b:15:73:
                    4f:b1:e9:0c:36:74:a1:74:a6:ed:d5:b4:88:5f:7f:
                    0c:81:ee:ae:04:e2:e5:f3:57:ac:72:c3:13:87:3c:
                    a9:59:ca:1d:43:69:15:06:9e:1a:7a:21:ef:97:6b:
                    25:1b:96:7f:f6:bc:e4:3c:76:3b:9f:16:96:17:ad:
                    bb:2d:d7:8b:d8:5e:f4:b2:ad:6f:28:31:66:5d:cb:
                    80:21:eb:ac:af:d8:f1:45:16:39:9c:3d:6f:92:0f:
                    91:ad:ac:53:6e:79:15:2d:2d:51:10:e2:75:d4:b3:
                    0a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:7A:52:07:F1:8F:01:BA:BD:D9:BB:26:CD:08:C8:7F:03:D4:45:46
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:8e:04:c8:85:cc:22:57:20:78:f2:11:bc:93:7c:a1:c7:a5:
         19:5c:51:f1:65:fd:9a:48:8c:9e:cd:c5:c1:db:32:14:8d:c1:
         53:82:3b:c7:f8:c8:0a:5d:0e:96:fa:f4:fd:b3:14:66:5c:b8:
         b6:d3:bb:db:51:2b:35:e5:06:2e:4b:c2:13:da:5b:a4:48:7f:
         6f:8f:ca:1c:55:06:5f:6b:ff:2f:b8:1d:3f:e3:58:9c:0f:59:
         76:41:f9:a7:56:f0:c5:6c:98:e7:09:3a:3d:9e:9f:59:9a:3a:
         da:9f:b6:36:55:31:1c:af:b5:9a:c1:c9:42:d9:cd:4d:5e:49:
         d2:79:78:cd:fb:8a:4b:ab:04:d5:48:6c:79:ef:78:81:84:0f:
         f7:90:a5:ef:4e:f3:eb:40:e3:60:5b:95:25:95:09:40:e8:db:
         30:e9:30:04:a3:99:7d:38:1b:cd:c9:b4:15:32:88:a8:f4:98:
         94:4d:4a:69:1d:d9:b1:b8:39:6c:88:c0:ca:15:21:31:ae:27:
         e5:db:fa:5d:a2:45:1c:bb:94:8c:9f:3f:e8:c9:de:2b:1c:71:
         0a:2e:f1:5b:df:ae:2f:a8:95:33:56:7e:71:81:83:5e:77:3c:
         67:49:ea:56:34:ee:92:fe:6d:74:f9:34:4f:4d:eb:b8:e4:bc:
         08:cb:d0:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDSEsJ3PLXeM/uU5wtvzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUwOTA3MTIwMTA0WhcNMjUwOTA4MTIwMTA0WjAzMTEwLwYDVQQD
EyhlNTdhNTIwN2YxOGYwMWJhYmRkOWJiMjZjZDA4Yzg3ZjAzZDQ0NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Rlvk/bsM4y92s9lWNRDURrSiRnQ
ROJedQo52BMPEhRnpX8c4Cphn0jgkBlxIcc8HnCCiGdwFzEBj21lx5BheWgzCdnB
Ush+n+P0Q+MCRagDOenG8dgIszavVgKH5BjBjCfqs1HOPc6FaBGFe9MK0jH8ZenX
AbGtvsyOkm8R3oGSbA8u0tyMn8b8UrmFkN3GlUs7FXNPsekMNnShdKbt1bSIX38M
ge6uBOLl81escsMThzypWcodQ2kVBp4aeiHvl2slG5Z/9rzkPHY7nxaWF627LdeL
2F70sq1vKDFmXcuAIeusr9jxRRY5nD1vkg+RraxTbnkVLS1REOJ11LMKSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV6UgfxjwG6vdm7Js0IyH8D1EVGMB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADY4EyIXM
IlcgePIRvJN8ocelGVxR8WX9mkiMns3FwdsyFI3BU4I7x/jICl0Olvr0/bMUZly4
ttO721ErNeUGLkvCE9pbpEh/b4/KHFUGX2v/L7gdP+NYnA9ZdkH5p1bwxWyY5wk6
PZ6fWZo62p+2NlUxHK+1msHJQtnNTV5J0nl4zfuKS6sE1Uhsee94gYQP95Cl707z
60DjYFuVJZUJQOjbMOkwBKOZfTgbzcm0FTKIqPSYlE1KaR3Zsbg5bIjAyhUhMa4n
5dv6XaJFHLuUjJ8/6MneKxxxCi7xW9+uL6iVM1Z+cYGDXnc8Z0nqVjTukv5tdPk0
T03ruOS8CMvQyQ==
-----END CERTIFICATE-----