Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          R7PMpjd2hPQO7iUu7OeZhG6hBEEAl9S2dWjvlK/LEks=
Subject key identifier:   2A:09:82:7A:C2:6D:A8:09:EA:67:5F:AB:67:5A:3F:16:B4:D7:A7:A6
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       0199239F528B7C4C59A6913A79AFC68F70DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:07 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: oWUOJds7xlyiPFRG8GN9Is2/A6JEx+AH5iKLqh+LPAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:52:8b:7c:4c:59:a6:91:3a:79:af:c6:8f:70:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Sep  7 10:01:07 2025 GMT
            Not After : Sep  8 10:01:07 2025 GMT
        Subject: CN=2a09827ac26da809ea675fab675a3f16b4d7a7a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b4:95:99:cf:6d:07:02:2d:84:83:11:03:c5:
                    c0:cf:42:ff:66:21:05:45:fd:26:f3:af:9f:a0:a7:
                    4e:93:f6:f7:cb:8d:65:30:02:2a:72:d8:10:98:f0:
                    92:89:6e:3b:73:ad:94:59:da:e3:22:3b:fb:c0:b8:
                    97:b2:27:7f:1c:82:9c:48:ba:be:2d:87:3a:68:7b:
                    ae:73:2a:40:b6:95:e2:12:19:45:a0:94:93:f8:3d:
                    90:9d:45:16:0c:95:ed:7a:fe:1f:fa:3e:83:2b:9b:
                    a1:0c:8b:7d:d0:dd:8c:06:46:30:f0:31:2e:ba:34:
                    15:e4:0b:74:32:61:de:63:79:2c:0b:2b:b0:0d:ef:
                    5d:43:68:d8:83:88:ab:0f:6b:16:1f:a9:9f:7d:f4:
                    df:70:14:16:63:bd:83:a1:70:10:0e:58:db:20:34:
                    c1:45:66:d8:2e:20:3c:50:6a:06:69:47:f0:1b:3c:
                    1a:23:6b:68:84:ae:44:d5:93:cb:65:1f:04:8a:e6:
                    af:d3:f1:1a:c8:a4:41:55:9a:9c:e1:1e:89:44:97:
                    c2:40:66:6a:50:c3:43:d4:d1:28:57:f8:0b:8f:c1:
                    7f:99:fe:72:41:26:8a:40:f1:9d:de:26:47:98:ae:
                    cd:4d:fb:95:23:2a:e2:c2:c4:3b:af:a9:b3:55:11:
                    67:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:09:82:7A:C2:6D:A8:09:EA:67:5F:AB:67:5A:3F:16:B4:D7:A7:A6
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:a8:c7:4e:35:aa:73:95:a5:ad:04:e6:ec:88:23:47:15:49:
         57:fb:1f:b6:3e:5d:fb:f9:f3:ec:3d:50:d8:f1:cc:54:46:77:
         e3:91:8c:6d:c7:72:2f:a7:04:ad:82:9b:fe:1b:c9:d3:da:c0:
         2c:50:43:9a:2e:31:7c:d0:49:dc:be:6e:98:74:05:ec:c5:78:
         93:8e:31:59:b2:0b:70:10:a2:67:f1:ca:3b:8f:2a:92:50:56:
         bb:75:b6:0e:ed:29:47:b7:b8:88:a1:90:01:67:48:66:db:c6:
         0b:84:29:85:d7:a3:53:a1:72:24:f8:5e:3c:e7:e4:d1:ea:22:
         36:3b:22:aa:ea:89:c6:b7:b2:a8:d3:d1:41:73:be:67:81:68:
         62:db:c0:50:20:6e:a5:a6:84:71:5f:44:26:07:57:e4:ec:a2:
         79:f4:75:d1:19:81:97:0c:f2:c8:a6:3c:61:db:08:1c:17:ed:
         0f:b6:ee:23:02:05:6f:51:af:9d:b6:56:f7:d2:59:b0:c4:c5:
         11:b3:58:e2:23:2e:07:bb:2e:56:75:be:60:f8:cf:6e:bb:a0:
         b4:fc:35:15:d1:1a:e6:15:16:33:c4:e7:2c:00:49:67:4d:24:
         e6:0e:56:63:ca:fd:e7:87:3a:d9:94:74:99:41:1e:3f:de:a8:
         ee:01:e5:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn1KLfExZppE6ea/Gj3DdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwOTA3MTAwMTA3WhcNMjUwOTA4MTAwMTA3WjAzMTEwLwYDVQQD
EygyYTA5ODI3YWMyNmRhODA5ZWE2NzVmYWI2NzVhM2YxNmI0ZDdhN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrSVmc9tBwIthIMRA8XAz0L/ZiEF
Rf0m86+foKdOk/b3y41lMAIqctgQmPCSiW47c62UWdrjIjv7wLiXsid/HIKcSLq+
LYc6aHuucypAtpXiEhlFoJST+D2QnUUWDJXtev4f+j6DK5uhDIt90N2MBkYw8DEu
ujQV5At0MmHeY3ksCyuwDe9dQ2jYg4irD2sWH6mfffTfcBQWY72DoXAQDljbIDTB
RWbYLiA8UGoGaUfwGzwaI2tohK5E1ZPLZR8Eiuav0/EayKRBVZqc4R6JRJfCQGZq
UMND1NEoV/gLj8F/mf5yQSaKQPGd3iZHmK7NTfuVIyriwsQ7r6mzVRFn5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoJgnrCbagJ6mdfq2daPxa016emMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkajHTjWq
c5WlrQTm7IgjRxVJV/sftj5d+/nz7D1Q2PHMVEZ345GMbcdyL6cErYKb/hvJ09rA
LFBDmi4xfNBJ3L5umHQF7MV4k44xWbILcBCiZ/HKO48qklBWu3W2Du0pR7e4iKGQ
AWdIZtvGC4QphdejU6FyJPhePOfk0eoiNjsiquqJxreyqNPRQXO+Z4FoYtvAUCBu
paaEcV9EJgdX5OyiefR10RmBlwzyyKY8YdsIHBftD7buIwIFb1GvnbZW99JZsMTF
EbNY4iMuB7suVnW+YPjPbrugtPw1FdEa5hUWM8TnLABJZ00k5g5WY8r954c62ZR0
mUEeP96o7gHlRA==
-----END CERTIFICATE-----