Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          Y5Png1Bn/CHa5UmXorfMtO2Mq4U+g5HEjnuMIjLGxU0=
Subject key identifier:   D6:6D:D5:00:7C:EC:11:0B:C3:FF:5C:AA:C7:43:F7:13:C7:7F:75:98
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       019921B26EC788CAE804269932FE16CAE721
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 01:02:45 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:45 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:45 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: kupljSLfi7nO2cekK3OGBRsugjcbn03dHA+7WV7w3EU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:6e:c7:88:ca:e8:04:26:99:32:fe:16:ca:e7:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Sep  7 01:02:45 2025 GMT
            Not After : Sep  8 01:02:45 2025 GMT
        Subject: CN=d66dd5007cec110bc3ff5caac743f713c77f7598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:5f:a9:30:fe:96:d3:f8:7a:e0:06:4d:1d:48:
                    ef:5b:d3:f2:d7:a3:5e:fb:ff:71:9e:24:2d:8a:4e:
                    f4:39:02:25:03:42:65:db:36:05:c5:78:dd:ed:5e:
                    d8:71:99:f3:e1:00:99:0b:dc:de:ff:d0:37:4f:7d:
                    28:b5:0b:80:8c:1c:90:55:e2:e2:63:7a:3d:20:25:
                    bb:37:5b:12:1d:e9:9e:65:05:25:37:a1:96:5e:74:
                    57:a1:53:db:fa:85:ff:7f:47:bb:4e:82:69:1f:62:
                    58:0d:89:c8:aa:ea:3a:9a:da:8a:a8:61:13:a9:a3:
                    2c:07:7b:e2:25:59:b5:26:fb:0e:4a:8c:a6:01:9d:
                    b4:52:3e:a1:d0:8d:a6:6d:f9:cd:02:fb:51:b8:09:
                    cf:aa:34:6b:0a:4a:91:43:3d:6d:7b:0e:03:40:a7:
                    a8:8b:02:b9:58:88:5c:48:a2:34:11:55:7a:ed:3b:
                    0c:2f:5f:92:09:e7:4d:26:3f:01:89:7a:cb:e9:f6:
                    be:f3:dd:39:43:2b:2b:c3:8d:f9:16:b2:11:98:4b:
                    72:ef:b2:19:85:21:a6:ed:d5:82:8f:84:a9:8f:09:
                    47:a5:73:f3:f3:0a:e2:32:ea:0e:ef:dd:fc:0d:b4:
                    42:f1:05:4a:0c:40:f3:ff:17:5a:20:2d:08:6c:a8:
                    62:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6D:D5:00:7C:EC:11:0B:C3:FF:5C:AA:C7:43:F7:13:C7:7F:75:98
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:62:d1:43:88:36:a7:f6:56:dc:2a:ea:65:50:b0:67:e5:e8:
         8d:df:be:26:f2:7c:51:33:6b:4f:f9:d1:82:4a:6b:21:de:59:
         05:8d:bc:e3:b8:8d:9b:43:c3:b3:48:c3:fb:cc:38:62:a4:93:
         d3:f9:cb:b1:e4:ba:09:bc:89:0c:02:e6:23:8f:65:e2:b3:96:
         c9:61:7c:d4:c7:af:16:6c:88:99:bb:37:92:be:8e:ac:8d:f5:
         a4:76:ec:0c:2e:80:d6:b6:df:f3:8f:e4:69:d6:d7:d5:17:81:
         57:ae:5c:03:80:82:64:cd:1b:53:ac:bb:65:3b:01:3e:d6:0b:
         90:27:9a:a4:50:3b:84:54:da:21:e2:24:c9:a9:fe:ee:6f:07:
         66:41:f2:bf:a7:70:ef:4d:0f:bb:6e:86:87:f7:6a:d0:95:a4:
         1d:46:df:3f:c0:db:7c:d4:4a:de:87:7e:f4:e2:11:18:22:d4:
         34:b9:83:3b:fe:28:2b:95:26:60:cf:ab:ea:40:75:63:1a:e7:
         76:80:53:13:cd:6a:4d:2d:de:9d:3d:52:dc:f2:f0:4e:4a:31:
         0b:6b:a6:02:46:ef:49:54:4b:8a:55:9d:6a:fa:03:bc:67:5d:
         a2:5f:d5:01:12:44:63:e0:42:ed:dc:f0:c8:95:46:24:43:e1:
         1a:e1:37:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsm7HiMroBCaZMv4WyuchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwOTA3MDEwMjQ1WhcNMjUwOTA4MDEwMjQ1WjAzMTEwLwYDVQQD
EyhkNjZkZDUwMDdjZWMxMTBiYzNmZjVjYWFjNzQzZjcxM2M3N2Y3NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21+pMP6W0/h64AZNHUjvW9Py16Ne
+/9xniQtik70OQIlA0Jl2zYFxXjd7V7YcZnz4QCZC9ze/9A3T30otQuAjByQVeLi
Y3o9ICW7N1sSHemeZQUlN6GWXnRXoVPb+oX/f0e7ToJpH2JYDYnIquo6mtqKqGET
qaMsB3viJVm1JvsOSoymAZ20Uj6h0I2mbfnNAvtRuAnPqjRrCkqRQz1tew4DQKeo
iwK5WIhcSKI0EVV67TsML1+SCedNJj8BiXrL6fa+8905Qysrw435FrIRmEty77IZ
hSGm7dWCj4SpjwlHpXPz8wriMuoO7938DbRC8QVKDEDz/xdaIC0IbKhi6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZt1QB87BELw/9cqsdD9xPHf3WYMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm2LRQ4g2
p/ZW3CrqZVCwZ+Xojd++JvJ8UTNrT/nRgkprId5ZBY2847iNm0PDs0jD+8w4YqST
0/nLseS6CbyJDALmI49l4rOWyWF81MevFmyImbs3kr6OrI31pHbsDC6A1rbf84/k
adbX1ReBV65cA4CCZM0bU6y7ZTsBPtYLkCeapFA7hFTaIeIkyan+7m8HZkHyv6dw
700Pu26Gh/dq0JWkHUbfP8DbfNRK3od+9OIRGCLUNLmDO/4oK5UmYM+r6kB1Yxrn
doBTE81qTS3enT1S3PLwTkoxC2umAkbvSVRLilWdavoDvGddol/VARJEY+BC7dzw
yJVGJEPhGuE36Q==
-----END CERTIFICATE-----