Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          /0kE/HzvGR7coEYoRPS6Yhi0R6QEezMNqStxHXrGgXs=
Subject key identifier:   89:4A:C1:18:D6:18:43:E4:83:2B:43:78:8D:DB:FD:10:21:5E:BE:F4
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       0199239F7B7EFA343C384ECDBE335E5FB1AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          0126
Signing time:             Sun 07 Sep 2025 10:01:18 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:18 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:18 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: LTGOGwDgmgqV7D3O/0hM5Tt3TZCu/4XG9MT7q2jPS10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:7b:7e:fa:34:3c:38:4e:cd:be:33:5e:5f:b1:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Sep  7 10:01:18 2025 GMT
            Not After : Sep  8 10:01:18 2025 GMT
        Subject: CN=894ac118d61843e4832b43788ddbfd10215ebef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e6:cd:89:e2:41:9e:bd:32:a1:1f:3c:70:e2:
                    9d:fc:ed:bf:6a:df:33:c4:7f:fc:c3:39:87:3e:50:
                    81:1a:50:9d:f9:93:e6:3c:34:b9:3d:9c:8d:ef:67:
                    2b:d1:86:9e:20:2a:b0:53:11:ca:2b:03:95:50:25:
                    86:6d:7d:59:e3:61:7b:a6:b7:20:98:81:d8:b8:df:
                    9f:4e:81:48:a9:7d:5d:fa:92:6d:fb:a6:7b:c9:b2:
                    5b:92:91:52:ff:8c:c7:41:0b:ac:5e:65:ad:68:be:
                    9d:53:e4:6c:12:5d:01:81:09:41:c9:14:76:96:44:
                    fe:63:29:9f:df:54:ee:a7:01:14:81:90:05:79:9f:
                    92:44:08:02:d6:2c:ab:ea:04:67:39:e5:6b:0e:5e:
                    7f:66:a6:75:52:58:f1:76:42:11:c9:80:b9:9a:e1:
                    b3:35:6e:43:71:66:9b:7b:fa:c2:35:19:33:fd:d6:
                    77:d0:1e:b6:ca:b2:16:ce:53:d9:00:01:ba:ab:ee:
                    e3:4e:9e:df:ed:cb:a3:6d:91:3f:b8:fe:96:1b:66:
                    1d:4f:d8:45:8a:52:ac:a6:b9:7a:24:d2:fe:ab:e4:
                    83:66:ca:4d:2c:33:46:67:8e:17:42:26:65:5d:13:
                    ca:10:28:78:cf:13:2b:38:67:f7:6f:15:d4:ad:2d:
                    ce:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:4A:C1:18:D6:18:43:E4:83:2B:43:78:8D:DB:FD:10:21:5E:BE:F4
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:e0:16:52:ef:9f:a3:0d:2f:a4:5b:6b:16:e0:7d:6b:10:b0:
         38:e5:99:73:d6:0e:43:84:50:13:ee:3a:9b:73:1a:fd:d5:76:
         bf:88:41:ac:f0:b4:7e:01:be:25:f1:74:f5:2c:80:23:af:98:
         44:0e:d6:04:71:06:db:46:4d:98:ef:c7:8d:17:a2:74:61:71:
         c4:67:1f:bb:4d:e5:20:f4:58:6f:1a:97:19:6b:71:64:f2:c4:
         10:ea:a6:f0:68:30:43:c0:2a:f0:d0:57:3d:36:6a:38:3e:b0:
         66:b8:ce:d7:0b:99:4a:56:a7:88:92:bb:92:ef:75:98:80:49:
         ad:90:2e:91:72:1c:58:99:cb:f1:c0:73:ef:78:9b:fb:af:04:
         61:75:e6:36:75:ed:03:c8:c1:bb:db:da:a8:05:c9:42:f9:7b:
         63:27:80:14:f6:3d:b5:46:29:d5:c5:49:f9:fa:2d:d7:53:0b:
         b4:6d:c9:f2:0b:13:61:ed:d2:0a:3d:92:47:aa:03:22:62:88:
         5b:c5:c9:ad:97:6c:83:7d:e4:79:34:ac:0a:e4:8a:dc:cc:87:
         8e:f0:dc:c4:1b:8c:cd:ff:34:f0:e7:90:44:b6:e3:4f:94:50:
         cc:bf:27:45:8e:b4:ae:93:dc:27:ac:1c:ab:ad:cb:25:e1:21:
         28:ee:68:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn3t++jQ8OE7NvjNeX7GqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjUwOTA3MTAwMTE4WhcNMjUwOTA4MTAwMTE4WjAzMTEwLwYDVQQD
Eyg4OTRhYzExOGQ2MTg0M2U0ODMyYjQzNzg4ZGRiZmQxMDIxNWViZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlubNieJBnr0yoR88cOKd/O2/at8z
xH/8wzmHPlCBGlCd+ZPmPDS5PZyN72cr0YaeICqwUxHKKwOVUCWGbX1Z42F7prcg
mIHYuN+fToFIqX1d+pJt+6Z7ybJbkpFS/4zHQQusXmWtaL6dU+RsEl0BgQlByRR2
lkT+Yymf31TupwEUgZAFeZ+SRAgC1iyr6gRnOeVrDl5/ZqZ1UljxdkIRyYC5muGz
NW5DcWabe/rCNRkz/dZ30B62yrIWzlPZAAG6q+7jTp7f7cujbZE/uP6WG2YdT9hF
ilKsprl6JNL+q+SDZspNLDNGZ44XQiZlXRPKECh4zxMrOGf3bxXUrS3OnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlKwRjWGEPkgytDeI3b/RAhXr70MB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcOAWUu+f
ow0vpFtrFuB9axCwOOWZc9YOQ4RQE+46m3Ma/dV2v4hBrPC0fgG+JfF09SyAI6+Y
RA7WBHEG20ZNmO/HjReidGFxxGcfu03lIPRYbxqXGWtxZPLEEOqm8GgwQ8Aq8NBX
PTZqOD6wZrjO1wuZSlaniJK7ku91mIBJrZAukXIcWJnL8cBz73ib+68EYXXmNnXt
A8jBu9vaqAXJQvl7YyeAFPY9tUYp1cVJ+fot11MLtG3J8gsTYe3SCj2SR6oDImKI
W8XJrZdsg33keTSsCuSK3MyHjvDcxBuMzf808OeQRLbjT5RQzL8nRY60rpPcJ6wc
q63LJeEhKO5ouQ==
-----END CERTIFICATE-----