Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
File:                     rl81puj7U5sZVMtDps516X-q4XU.mft (raw, json)
Hash identifier:          tWUrHapcf0V37/SAOYrFrtQjBMZuP0QXTN/CtbC4aQI=
Subject key identifier:   D0:56:31:DC:DE:40:46:2A:81:B6:F0:B1:91:1F:9F:7E:45:3F:CC:96
Authority key identifier: AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75
Certificate issuer:       /CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
Certificate serial:       0199239FE6E2DE050AD7BF2EC54618EC80E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
Manifest number:          0A69
Signing time:             Sun 07 Sep 2025 10:01:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:45 +0000
Files and hashes:         1: rl81puj7U5sZVMtDps516X-q4XU.crl (hash: mo8l7cYbKifWKVeLNtHhySdtujbjVpTnH2CBTzfMoCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:e6:e2:de:05:0a:d7:bf:2e:c5:46:18:ec:80:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
        Validity
            Not Before: Sep  7 10:01:45 2025 GMT
            Not After : Sep  8 10:01:45 2025 GMT
        Subject: CN=d05631dcde40462a81b6f0b1911f9f7e453fcc96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0b:15:69:e0:63:f6:45:b3:cd:21:30:be:28:
                    43:71:c3:ca:25:9e:33:82:09:76:98:2c:dc:11:7d:
                    b7:85:69:a1:6f:83:1d:5c:ce:04:d4:65:8a:17:c2:
                    ff:64:29:a3:94:18:e6:5e:6f:f4:ac:e3:74:ca:9b:
                    5d:69:ec:56:98:49:e0:ef:b9:9a:fb:dc:18:01:2a:
                    04:c5:39:90:9b:0b:61:4b:1d:7c:ff:ea:6e:55:6c:
                    df:e7:f9:13:ae:d9:fa:b3:3f:29:f8:0e:3e:9f:8d:
                    be:87:08:a3:ea:54:e8:7f:e1:6a:1d:e9:4b:31:d3:
                    e2:6f:48:f7:c4:75:30:25:f9:25:d1:85:10:a9:b6:
                    94:7b:0c:14:e1:a3:5a:ec:18:e2:7b:79:71:b9:5a:
                    db:7f:3a:38:61:ff:ea:34:39:fd:a2:2f:f0:3d:82:
                    1b:d0:94:5f:1c:2d:f7:c8:4e:67:42:42:cb:39:93:
                    aa:60:17:37:36:b9:60:e8:ea:6e:b2:cb:39:04:7b:
                    56:bf:36:f0:8f:47:9c:39:40:f1:d5:20:e9:79:15:
                    e0:60:6b:01:e1:de:d1:c2:7f:3f:3c:b9:f6:25:64:
                    b7:98:fd:6c:35:75:a2:7b:b0:3a:06:ff:51:cc:08:
                    5e:60:30:0e:5c:a1:b7:39:18:0c:8b:c7:17:16:62:
                    a5:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:56:31:DC:DE:40:46:2A:81:B6:F0:B1:91:1F:9F:7E:45:3F:CC:96
            X509v3 Authority Key Identifier:
                keyid:AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:47:e7:3a:26:72:96:14:39:a6:99:81:85:75:a6:2e:40:5c:
         9c:47:da:c4:cb:ac:d4:74:6b:bf:17:18:83:18:e6:83:e5:89:
         73:77:9c:96:5e:62:a1:9f:1e:82:d0:a0:c5:20:66:d3:24:36:
         62:80:49:0e:5d:43:57:dd:06:08:ab:85:ad:3c:49:58:0e:5f:
         63:95:f9:07:0f:bd:2d:a7:bd:e1:0b:ed:02:fa:64:da:6e:9c:
         2b:0b:60:f8:a3:78:c2:d7:c9:e2:be:3d:2e:be:ef:cd:16:44:
         73:8f:a0:75:ea:a8:f0:9a:fa:84:3e:fe:d3:36:b3:d5:5c:4a:
         4f:d8:9d:83:97:94:94:be:23:76:51:f2:37:18:1f:c8:f8:56:
         ec:7e:eb:8c:8b:1c:51:71:92:4c:b6:f1:5a:f1:22:71:5a:b4:
         2f:62:fc:e5:bf:a3:e3:e5:82:99:c4:ae:d2:0b:ee:66:df:e3:
         e9:25:e8:92:1d:c7:cd:91:9b:db:ac:43:66:19:e3:e6:75:cc:
         72:0c:fe:06:7a:0c:50:1d:b6:f7:5a:35:4e:05:1a:63:e6:ec:
         5d:14:35:be:a3:b1:5d:f7:9a:59:f8:fe:5b:b6:78:2d:c2:83:
         ec:e1:f1:fd:4b:70:64:e8:c8:51:59:d2:61:e3:12:8f:ab:a8:
         ec:b4:6e:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+bi3gUK178uxUYY7IDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNWYzNWE2ZThmYjUzOWIxOTU0Y2I0M2E2Y2U3NWU5N2Zh
YWUxNzUwHhcNMjUwOTA3MTAwMTQ1WhcNMjUwOTA4MTAwMTQ1WjAzMTEwLwYDVQQD
EyhkMDU2MzFkY2RlNDA0NjJhODFiNmYwYjE5MTFmOWY3ZTQ1M2ZjYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQsVaeBj9kWzzSEwvihDccPKJZ4z
ggl2mCzcEX23hWmhb4MdXM4E1GWKF8L/ZCmjlBjmXm/0rON0yptdaexWmEng77ma
+9wYASoExTmQmwthSx18/+puVWzf5/kTrtn6sz8p+A4+n42+hwij6lTof+FqHelL
MdPib0j3xHUwJfkl0YUQqbaUewwU4aNa7Bjie3lxuVrbfzo4Yf/qNDn9oi/wPYIb
0JRfHC33yE5nQkLLOZOqYBc3Nrlg6Opusss5BHtWvzbwj0ecOUDx1SDpeRXgYGsB
4d7Rwn8/PLn2JWS3mP1sNXWie7A6Bv9RzAheYDAOXKG3ORgMi8cXFmKlHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBWMdzeQEYqgbbwsZEfn35FP8yWMB8GA1UdIwQY
MBaAFK5fNabo+1ObGVTLQ6bOdel/quF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzct
MjA5MWNjYThiYzQ4LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzctMjA5MWNjYThiYzQ4
LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkEfnOiZy
lhQ5ppmBhXWmLkBcnEfaxMus1HRrvxcYgxjmg+WJc3ecll5ioZ8egtCgxSBm0yQ2
YoBJDl1DV90GCKuFrTxJWA5fY5X5Bw+9Lae94QvtAvpk2m6cKwtg+KN4wtfJ4r49
Lr7vzRZEc4+gdeqo8Jr6hD7+0zaz1VxKT9idg5eUlL4jdlHyNxgfyPhW7H7rjIsc
UXGSTLbxWvEicVq0L2L85b+j4+WCmcSu0gvuZt/j6SXokh3HzZGb26xDZhnj5nXM
cgz+BnoMUB2291o1TgUaY+bsXRQ1vqOxXfeaWfj+W7Z4LcKD7OHx/UtwZOjIUVnS
YeMSj6uo7LRuXg==
-----END CERTIFICATE-----