Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          v5u2KighwB+VUNZYrwjS6BoEWpRxzChmwq99LVk1yaE=
Subject key identifier:   CD:73:BA:17:15:FC:FE:2F:82:F7:27:CC:BC:15:3B:A2:A1:71:CB:9F
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       01992255BE5EDDE397BC33683AC7CC94243D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          06D2
Signing time:             Sun 07 Sep 2025 04:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:08 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: B9lUIvSextBAf2LoPHNzzr8+fsujjc0F8D+qRDhA4cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:be:5e:dd:e3:97:bc:33:68:3a:c7:cc:94:24:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Sep  7 04:01:08 2025 GMT
            Not After : Sep  8 04:01:08 2025 GMT
        Subject: CN=cd73ba1715fcfe2f82f727ccbc153ba2a171cb9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:4a:d8:16:93:a6:54:35:18:0b:a2:ec:58:d3:
                    73:13:b1:c7:1c:30:c7:bc:93:ea:7f:0a:be:30:f1:
                    2c:cc:52:f4:82:d0:34:0e:fa:3d:59:28:f4:1b:69:
                    20:65:ac:be:91:85:8a:4a:c2:29:24:87:b5:02:cf:
                    fc:68:55:7b:41:9a:3e:d5:f9:e3:e1:71:bc:61:66:
                    61:6f:2d:19:8b:84:f5:dd:cc:94:9a:62:2f:35:32:
                    5b:ed:38:73:0e:af:40:fe:e4:ba:92:14:b3:0d:81:
                    ae:18:71:8a:91:d3:4b:91:3c:a3:71:89:05:01:41:
                    c3:37:a3:2f:e1:72:8b:ac:da:61:dd:6a:8e:31:f8:
                    c8:03:9e:b7:5c:88:04:9c:0c:ad:e0:af:e5:08:9b:
                    ca:fb:4c:ef:4a:ed:a7:9a:95:4d:15:68:91:c6:14:
                    6b:07:6c:86:fe:1c:be:b4:5a:9b:90:a5:2c:b2:d8:
                    70:1e:22:72:73:a6:b0:0d:7c:82:e7:64:9a:75:2d:
                    33:1d:0c:cb:8d:b9:2d:a4:55:f2:60:3b:ff:7e:fa:
                    60:29:07:50:0e:9e:e9:a7:2c:4e:dd:37:ef:29:20:
                    79:23:3e:80:ad:ea:39:39:6f:28:8c:98:b5:ca:c4:
                    91:a0:98:45:b0:a3:75:e9:ff:e6:3b:90:5e:49:70:
                    11:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:73:BA:17:15:FC:FE:2F:82:F7:27:CC:BC:15:3B:A2:A1:71:CB:9F
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:a4:9c:1f:d6:75:5b:ff:74:39:82:67:51:09:a9:99:61:9c:
         6c:72:cb:f1:e5:9e:02:d1:9a:5e:8c:22:03:f0:3f:22:58:57:
         58:47:a7:6a:eb:2e:73:66:bf:a6:10:69:54:5a:74:87:5d:be:
         cc:44:81:af:33:0c:4f:0e:83:20:ef:88:07:29:a9:40:1a:e2:
         ba:75:b3:12:cc:52:3c:15:03:47:31:08:b6:31:fe:9c:dd:9d:
         b9:29:a9:65:8d:2f:28:e5:4d:f9:a8:46:49:d5:87:84:6f:f9:
         c9:a2:fe:f1:b5:b5:69:55:ac:6f:9a:f4:79:3a:ce:5b:54:1d:
         92:ea:62:e6:a3:a6:87:4a:58:63:3c:ad:b1:83:dd:d7:25:74:
         87:e8:a8:95:cb:6c:c8:02:13:19:7b:14:a0:af:ff:ee:fc:06:
         2a:e2:eb:68:62:f9:fa:a2:b9:f5:18:28:18:5c:e3:6e:04:78:
         0d:f7:a7:45:3b:21:92:07:84:1e:39:28:4c:ce:95:df:06:0a:
         48:c5:2b:35:c6:22:97:21:a5:86:3a:f3:f0:50:47:a3:8a:c7:
         69:d2:2c:29:50:f9:4c:6f:81:0d:f7:ac:aa:b6:76:6f:42:6d:
         9d:67:42:8b:9f:86:66:1c:a2:4b:5b:e7:17:45:9d:4c:5f:c4:
         0f:1b:44:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVb5e3eOXvDNoOsfMlCQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjUwOTA3MDQwMTA4WhcNMjUwOTA4MDQwMTA4WjAzMTEwLwYDVQQD
EyhjZDczYmExNzE1ZmNmZTJmODJmNzI3Y2NiYzE1M2JhMmExNzFjYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30rYFpOmVDUYC6LsWNNzE7HHHDDH
vJPqfwq+MPEszFL0gtA0Dvo9WSj0G2kgZay+kYWKSsIpJIe1As/8aFV7QZo+1fnj
4XG8YWZhby0Zi4T13cyUmmIvNTJb7ThzDq9A/uS6khSzDYGuGHGKkdNLkTyjcYkF
AUHDN6Mv4XKLrNph3WqOMfjIA563XIgEnAyt4K/lCJvK+0zvSu2nmpVNFWiRxhRr
B2yG/hy+tFqbkKUssthwHiJyc6awDXyC52SadS0zHQzLjbktpFXyYDv/fvpgKQdQ
Dp7ppyxO3TfvKSB5Iz6Areo5OW8ojJi1ysSRoJhFsKN16f/mO5BeSXARdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1zuhcV/P4vgvcnzLwVO6KhccufMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa6ScH9Z1
W/90OYJnUQmpmWGcbHLL8eWeAtGaXowiA/A/IlhXWEenausuc2a/phBpVFp0h12+
zESBrzMMTw6DIO+IBympQBriunWzEsxSPBUDRzEItjH+nN2duSmpZY0vKOVN+ahG
SdWHhG/5yaL+8bW1aVWsb5r0eTrOW1Qdkupi5qOmh0pYYzytsYPd1yV0h+iolcts
yAITGXsUoK//7vwGKuLraGL5+qK59RgoGFzjbgR4DfenRTshkgeEHjkoTM6V3wYK
SMUrNcYilyGlhjrz8FBHo4rHadIsKVD5TG+BDfesqrZ2b0JtnWdCi5+GZhyiS1vn
F0WdTF/EDxtEWA==
-----END CERTIFICATE-----