Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          uBeAlyqkgvVX9vrLxuMI653l3uMjyjSa+23Cz2wsJBk=
Subject key identifier:   BC:61:30:3D:49:D7:F1:DE:C8:F3:01:6D:81:42:7A:26:F2:3E:63:74
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       019922561141F4FEDE9F35A31B047131095C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0A46
Signing time:             Sun 07 Sep 2025 04:01:29 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:29 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:29 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: FkzA4dJVB40idV6i65nITOT1yYtFLv1GZ1i6OpxOocs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:56:11:41:f4:fe:de:9f:35:a3:1b:04:71:31:09:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Sep  7 04:01:29 2025 GMT
            Not After : Sep  8 04:01:29 2025 GMT
        Subject: CN=bc61303d49d7f1dec8f3016d81427a26f23e6374
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:bd:ea:e7:89:dd:89:f0:5c:8f:d0:ac:f4:6d:
                    62:91:42:31:b5:55:12:68:a9:ce:7a:1d:b5:ed:32:
                    7c:f3:0e:5d:36:7d:0c:e2:92:7b:ae:97:e2:46:58:
                    27:66:bc:98:52:02:79:7e:1e:fa:73:96:d8:f1:5a:
                    99:9b:c4:bd:f8:f1:67:63:a3:04:95:d4:c0:1d:d8:
                    8d:ad:fa:de:34:43:27:5d:2b:ae:68:a3:f6:42:11:
                    f9:83:a9:b7:dc:94:d1:e5:0f:88:33:96:2a:18:a0:
                    27:db:0f:67:48:19:3b:85:02:98:c2:7b:57:c0:d2:
                    8f:d5:5b:6b:ea:9d:1e:e5:b2:af:d6:11:4d:d4:26:
                    ce:1e:75:90:10:3a:86:a8:28:a6:8b:97:0c:25:24:
                    05:b8:4c:cf:a5:18:4c:c0:cc:7e:19:18:ca:a0:45:
                    d1:6e:0f:e2:a9:8c:d9:2d:ac:9f:13:b2:18:cf:87:
                    dc:28:17:a2:14:37:29:f3:6a:7d:49:3b:34:cd:d2:
                    28:e1:44:86:af:f3:a8:f4:05:3d:75:36:15:00:ae:
                    70:cd:5f:7e:c0:f6:ff:06:fb:86:0b:8a:be:e8:f7:
                    ec:ac:fd:34:15:18:e2:84:7a:d7:e4:67:e9:38:4f:
                    d6:98:d5:0b:8a:23:66:0f:27:84:4b:87:58:79:27:
                    36:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:61:30:3D:49:D7:F1:DE:C8:F3:01:6D:81:42:7A:26:F2:3E:63:74
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:7a:ac:12:82:80:02:7e:e1:65:ee:d1:a5:35:99:ab:4d:0f:
         f0:4a:25:ce:90:85:6e:83:95:1c:93:ba:f6:a8:f4:2e:6f:be:
         67:8e:6a:fc:73:3a:c7:8c:2a:b1:9f:e1:7d:65:71:02:df:14:
         e7:33:f0:32:dc:07:b7:fa:0b:91:39:9c:52:d9:79:09:e6:b1:
         7e:52:29:d8:75:0d:eb:04:b1:1c:70:41:39:43:b4:df:81:87:
         9a:71:d8:24:3c:6c:46:e4:46:dc:42:4d:7a:8a:67:6d:81:13:
         48:ad:56:bd:55:2e:17:70:b8:c0:d3:8b:6c:b6:51:d1:9a:36:
         2d:d3:25:85:1c:70:83:e4:78:c6:ed:95:5e:b9:6c:0d:26:2e:
         9c:1c:8f:a0:71:76:3d:bf:82:e0:83:b9:88:92:db:d0:60:9a:
         a2:b6:10:03:3d:bf:dd:26:38:83:70:33:b8:8d:39:54:ec:76:
         93:05:d0:27:4f:02:ec:56:c6:8f:9a:d2:f2:43:7e:6b:5b:ab:
         31:2d:b5:29:f2:a3:68:51:dc:dd:c7:86:4f:76:74:e5:c5:e0:
         70:3e:56:a7:2d:d1:91:2e:12:be:58:31:4b:1a:11:6e:66:40:
         65:8b:82:ca:46:02:27:20:1b:a1:50:be:82:cc:f7:f9:e0:5c:
         d0:d7:58:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVhFB9P7enzWjGwRxMQlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjUwOTA3MDQwMTI5WhcNMjUwOTA4MDQwMTI5WjAzMTEwLwYDVQQD
EyhiYzYxMzAzZDQ5ZDdmMWRlYzhmMzAxNmQ4MTQyN2EyNmYyM2U2Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL3q54ndifBcj9Cs9G1ikUIxtVUS
aKnOeh217TJ88w5dNn0M4pJ7rpfiRlgnZryYUgJ5fh76c5bY8VqZm8S9+PFnY6ME
ldTAHdiNrfreNEMnXSuuaKP2QhH5g6m33JTR5Q+IM5YqGKAn2w9nSBk7hQKYwntX
wNKP1Vtr6p0e5bKv1hFN1CbOHnWQEDqGqCimi5cMJSQFuEzPpRhMwMx+GRjKoEXR
bg/iqYzZLayfE7IYz4fcKBeiFDcp82p9STs0zdIo4USGr/Oo9AU9dTYVAK5wzV9+
wPb/BvuGC4q+6PfsrP00FRjihHrX5GfpOE/WmNULiiNmDyeES4dYeSc2owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxhMD1J1/HeyPMBbYFCeibyPmN0MB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVHqsEoKA
An7hZe7RpTWZq00P8EolzpCFboOVHJO69qj0Lm++Z45q/HM6x4wqsZ/hfWVxAt8U
5zPwMtwHt/oLkTmcUtl5CeaxflIp2HUN6wSxHHBBOUO034GHmnHYJDxsRuRG3EJN
eopnbYETSK1WvVUuF3C4wNOLbLZR0Zo2LdMlhRxwg+R4xu2VXrlsDSYunByPoHF2
Pb+C4IO5iJLb0GCaorYQAz2/3SY4g3AzuI05VOx2kwXQJ08C7FbGj5rS8kN+a1ur
MS21KfKjaFHc3ceGT3Z05cXgcD5Wpy3RkS4SvlgxSxoRbmZAZYuCykYCJyAboVC+
gsz3+eBc0NdYgw==
-----END CERTIFICATE-----