Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          89/K/VXht9H/CMhbSk2kYPIndAiXZ1MaNmO5uS5BENs=
Subject key identifier:   59:28:3D:48:DF:35:E2:4A:3A:07:26:A6:AA:79:83:26:3D:D0:01:B4
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       01992255AFD44CA81BA534FFA4DD3F411A22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          0420
Signing time:             Sun 07 Sep 2025 04:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:04 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: 45FG6JcVlwqyKy3vXGp9q5wtI1JsF9luwmaoiJDsPvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:af:d4:4c:a8:1b:a5:34:ff:a4:dd:3f:41:1a:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Sep  7 04:01:04 2025 GMT
            Not After : Sep  8 04:01:04 2025 GMT
        Subject: CN=59283d48df35e24a3a0726a6aa7983263dd001b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3f:2d:88:91:2f:0a:b0:92:a4:a8:03:ba:a6:
                    b9:e3:d5:50:d2:53:fc:f3:d9:84:67:d6:c3:67:36:
                    de:70:75:43:d9:79:f5:26:bc:89:68:e4:bc:47:83:
                    6a:17:2b:24:3f:46:2d:3f:cd:c2:83:6e:8b:d3:f0:
                    04:bc:07:7f:b9:b1:6e:8f:02:98:63:5c:cc:37:34:
                    c8:ca:2d:96:a8:5b:b8:d2:c3:03:c9:3e:30:c1:e1:
                    3e:42:57:1b:2d:f8:ff:d5:a8:c7:85:f9:8e:3c:95:
                    26:bd:7d:60:4f:d9:65:cd:d6:fa:8d:19:11:f4:00:
                    bd:7a:1b:f2:d6:7b:ef:a3:76:29:f2:10:a6:93:4a:
                    7a:e2:27:22:c9:a9:9c:f7:44:fc:cc:68:e6:95:8d:
                    1e:91:25:96:d1:bd:da:f0:03:27:28:d9:77:a8:c9:
                    c2:44:71:29:8f:61:f6:91:69:80:3e:c3:14:5d:0e:
                    4e:a6:62:fd:8b:e8:83:60:df:36:83:4c:f4:47:5b:
                    a5:9a:c9:50:6b:d7:18:ea:5a:a1:1c:98:a1:e5:3b:
                    be:63:2e:83:82:8b:97:d8:19:c9:e5:d0:9c:43:d8:
                    17:32:a8:d7:d7:48:bd:ba:bf:01:67:85:02:99:f2:
                    31:e3:09:83:fb:41:21:2e:fd:4c:d3:6c:30:a1:62:
                    d5:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:28:3D:48:DF:35:E2:4A:3A:07:26:A6:AA:79:83:26:3D:D0:01:B4
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:7b:72:d8:be:76:f6:f7:49:98:b4:c5:16:a1:b8:36:a7:4c:
         50:ea:3c:e1:e3:e0:2b:57:a5:56:08:33:f5:81:0d:a3:2c:11:
         4a:69:17:13:de:d6:a1:a6:c3:5f:87:2b:0d:d0:d1:e6:df:b2:
         15:3b:8a:81:c8:70:f6:b7:3d:84:05:b4:32:ff:6e:0e:c8:99:
         a4:6c:d4:f1:9b:df:2a:df:4b:10:47:de:87:5c:db:41:68:27:
         ca:d3:74:81:d4:22:d5:77:45:e9:88:5c:b2:ab:98:bb:c3:31:
         67:b9:15:ac:bb:cf:fb:b4:cb:6d:83:80:97:06:de:8c:e2:cf:
         dd:2d:d8:d1:21:33:23:15:73:fb:da:52:9c:a0:a8:34:d2:15:
         94:9d:c9:0b:fb:48:ad:41:79:67:dd:04:44:76:06:03:09:c6:
         5d:b0:a8:ca:f8:93:8f:a9:a1:56:72:f1:63:fc:60:b4:9f:38:
         f2:92:b6:01:26:54:66:52:e1:94:5c:13:6d:7d:2b:59:4c:b9:
         0a:8c:b5:b6:2a:31:77:b2:c6:52:c0:f7:41:12:a5:57:b0:01:
         f8:f4:4a:99:6f:07:d3:c3:b8:44:26:23:7b:39:0f:ee:df:b9:
         fc:06:14:a7:64:81:a1:b3:59:c8:cb:38:42:bf:64:60:b4:87:
         fb:8f:58:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVa/UTKgbpTT/pN0/QRoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwOTA3MDQwMTA0WhcNMjUwOTA4MDQwMTA0WjAzMTEwLwYDVQQD
Eyg1OTI4M2Q0OGRmMzVlMjRhM2EwNzI2YTZhYTc5ODMyNjNkZDAwMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj8tiJEvCrCSpKgDuqa549VQ0lP8
89mEZ9bDZzbecHVD2Xn1JryJaOS8R4NqFyskP0YtP83Cg26L0/AEvAd/ubFujwKY
Y1zMNzTIyi2WqFu40sMDyT4wweE+QlcbLfj/1ajHhfmOPJUmvX1gT9llzdb6jRkR
9AC9ehvy1nvvo3Yp8hCmk0p64iciyamc90T8zGjmlY0ekSWW0b3a8AMnKNl3qMnC
RHEpj2H2kWmAPsMUXQ5OpmL9i+iDYN82g0z0R1ulmslQa9cY6lqhHJih5Tu+Yy6D
gouX2BnJ5dCcQ9gXMqjX10i9ur8BZ4UCmfIx4wmD+0EhLv1M02wwoWLV1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkoPUjfNeJKOgcmpqp5gyY90AG0MB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS3ty2L52
9vdJmLTFFqG4NqdMUOo84ePgK1elVggz9YENoywRSmkXE97WoabDX4crDdDR5t+y
FTuKgchw9rc9hAW0Mv9uDsiZpGzU8ZvfKt9LEEfeh1zbQWgnytN0gdQi1XdF6Yhc
squYu8MxZ7kVrLvP+7TLbYOAlwbejOLP3S3Y0SEzIxVz+9pSnKCoNNIVlJ3JC/tI
rUF5Z90ERHYGAwnGXbCoyviTj6mhVnLxY/xgtJ848pK2ASZUZlLhlFwTbX0rWUy5
Coy1tioxd7LGUsD3QRKlV7AB+PRKmW8H08O4RCYjezkP7t+5/AYUp2SBobNZyMs4
Qr9kYLSH+49Yiw==
-----END CERTIFICATE-----