Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          8nP2kc2f/eDthAcfzO3MHEe6hx+efA3E8kGZZKrX5+Y=
Subject key identifier:   3F:D7:19:5E:42:6A:5E:65:32:30:60:59:58:63:E7:15:C0:4D:15:4B
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019923A0D1D7BBB01CBA446EE398754F9630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          0723
Signing time:             Sun 07 Sep 2025 10:02:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:45 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: lnl6p/tUSwVrhSB/VmyUjaDTfkd8dN6bf6OAP3rt9ns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:d1:d7:bb:b0:1c:ba:44:6e:e3:98:75:4f:96:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Sep  7 10:02:45 2025 GMT
            Not After : Sep  8 10:02:45 2025 GMT
        Subject: CN=3fd7195e426a5e65323060595863e715c04d154b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:bf:11:bf:c7:72:d7:7a:10:15:7d:58:03:32:
                    1a:d8:d3:44:a5:2a:96:c1:7c:6f:09:6c:c4:07:10:
                    1b:8e:d4:95:00:f7:53:5e:99:9f:11:13:e5:9e:07:
                    a6:d7:f0:82:f4:01:09:a2:10:ba:dd:89:e3:4e:fe:
                    2d:5d:23:93:68:12:58:30:6a:23:a6:d6:8e:c7:cc:
                    6c:8e:45:41:86:e8:08:81:40:5b:3f:cd:5c:9a:5e:
                    03:2d:e1:fa:2a:c5:00:92:43:c5:27:c8:d7:b1:2b:
                    d8:37:ab:ca:39:c3:de:63:db:4d:07:3c:c6:dd:e0:
                    19:72:a5:d8:34:d8:c0:91:96:10:33:e0:e7:f0:e9:
                    e2:b9:31:53:c4:30:b5:b2:34:47:5c:fa:aa:05:67:
                    99:f1:82:2f:a4:d3:ce:e7:da:07:a9:85:7f:45:d5:
                    ca:c7:3b:22:cd:62:96:4b:94:5a:96:3c:91:46:d4:
                    49:69:e0:b3:0a:c3:32:cd:06:a9:fb:85:af:8e:44:
                    b6:80:67:71:e2:31:b3:34:dc:55:03:80:22:03:14:
                    70:56:29:a7:a2:67:f8:6d:f4:38:88:91:5f:79:4d:
                    f8:33:2b:11:e1:6b:57:56:9c:33:05:45:48:dd:8e:
                    3c:50:bb:1c:f5:5d:0e:f6:7f:13:c9:0e:ab:2a:0c:
                    25:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:D7:19:5E:42:6A:5E:65:32:30:60:59:58:63:E7:15:C0:4D:15:4B
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:e8:eb:30:1e:e1:c1:d9:dc:e6:98:d0:ba:38:a0:94:7b:8c:
         60:b3:33:5d:b7:5e:cb:6f:4a:f6:26:61:58:b9:3a:31:06:27:
         54:b3:43:c7:9c:85:da:ef:94:eb:3a:4f:e9:00:3d:7e:bf:f3:
         88:bc:89:69:95:34:e5:1f:b1:75:a0:80:57:4d:2a:30:2b:eb:
         d7:15:2c:66:e5:8f:dc:91:67:1a:63:a7:0e:d7:c7:16:03:12:
         e2:10:44:20:a9:63:ba:bc:98:38:cd:c7:59:5d:90:6d:fe:b7:
         26:2c:6f:77:9d:8a:a2:74:9b:48:f5:8e:00:19:36:41:c6:80:
         7f:c5:98:bc:40:af:6c:1c:5b:68:c4:8d:62:81:b9:e2:c0:dd:
         4b:a1:a0:1d:5b:51:5b:5d:1a:8d:58:1a:74:f0:23:4b:1d:5e:
         dd:95:40:65:ab:1a:b2:dd:df:da:41:37:0a:58:d4:4d:29:5f:
         ed:70:e4:f9:d8:a5:23:6f:37:03:00:1e:c5:6b:ab:e1:48:1f:
         47:0b:a0:92:de:bb:c3:8a:61:63:8c:19:09:0b:a9:66:80:21:
         27:d7:41:9a:85:f1:e0:fc:f3:22:3a:f6:4c:30:a1:54:4f:ff:
         e0:be:70:93:ad:9d:01:cc:15:cc:e9:07:05:16:d2:6a:34:89:
         32:c1:57:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoNHXu7AcukRu45h1T5YwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjUwOTA3MTAwMjQ1WhcNMjUwOTA4MTAwMjQ1WjAzMTEwLwYDVQQD
EygzZmQ3MTk1ZTQyNmE1ZTY1MzIzMDYwNTk1ODYzZTcxNWMwNGQxNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL8Rv8dy13oQFX1YAzIa2NNEpSqW
wXxvCWzEBxAbjtSVAPdTXpmfERPlngem1/CC9AEJohC63YnjTv4tXSOTaBJYMGoj
ptaOx8xsjkVBhugIgUBbP81cml4DLeH6KsUAkkPFJ8jXsSvYN6vKOcPeY9tNBzzG
3eAZcqXYNNjAkZYQM+Dn8OniuTFTxDC1sjRHXPqqBWeZ8YIvpNPO59oHqYV/RdXK
xzsizWKWS5RaljyRRtRJaeCzCsMyzQap+4WvjkS2gGdx4jGzNNxVA4AiAxRwVimn
omf4bfQ4iJFfeU34MysR4WtXVpwzBUVI3Y48ULsc9V0O9n8TyQ6rKgwlZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/XGV5Cal5lMjBgWVhj5xXATRVLMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkOjrMB7h
wdnc5pjQujiglHuMYLMzXbdey29K9iZhWLk6MQYnVLNDx5yF2u+U6zpP6QA9fr/z
iLyJaZU05R+xdaCAV00qMCvr1xUsZuWP3JFnGmOnDtfHFgMS4hBEIKljuryYOM3H
WV2Qbf63Jixvd52KonSbSPWOABk2QcaAf8WYvECvbBxbaMSNYoG54sDdS6GgHVtR
W10ajVgadPAjSx1e3ZVAZasast3f2kE3CljUTSlf7XDk+dilI283AwAexWur4Ugf
Rwugkt67w4phY4wZCQupZoAhJ9dBmoXx4PzzIjr2TDChVE//4L5wk62dAcwVzOkH
BRbSajSJMsFXdg==
-----END CERTIFICATE-----