Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          5FkevxKrcJqp0Rt+CVO2I65UwSPJgzSkJG2kiw6+Isk=
Subject key identifier:   D2:5F:E2:A1:4C:1A:6E:ED:05:59:2B:C3:86:3C:36:66:CD:71:CB:B4
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       019923A0E52EBB1D6F59FA9E34D9E085DE3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          12B7
Signing time:             Sun 07 Sep 2025 10:02:50 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:50 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:50 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: 2DaIHV3RhoGO77JRIJAR5YwfDFO7vK8Vz/MwAGRV8sQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:e5:2e:bb:1d:6f:59:fa:9e:34:d9:e0:85:de:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Sep  7 10:02:50 2025 GMT
            Not After : Sep  8 10:02:50 2025 GMT
        Subject: CN=d25fe2a14c1a6eed05592bc3863c3666cd71cbb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:40:5d:3d:72:0a:f0:fb:a0:66:6a:06:a7:33:
                    f9:76:11:c8:75:f0:2e:60:a8:bd:11:44:a7:71:1c:
                    b7:ce:b3:6b:d8:f0:88:eb:97:ae:69:e4:52:7e:d4:
                    62:f2:b6:22:a9:cf:0f:c7:d8:d9:26:1a:10:5a:e4:
                    b3:4e:ff:c1:fe:a4:10:1f:ed:a0:c4:6f:44:83:ed:
                    29:1b:c0:6f:01:fc:9e:9e:74:1f:35:01:cd:c1:02:
                    ed:4a:8f:a4:07:26:e8:a7:f6:87:57:c6:dd:b1:30:
                    ab:5e:7e:a1:c9:58:3c:03:bb:09:dd:c8:13:18:ac:
                    dc:6e:2e:e4:64:60:5a:38:40:06:26:f6:ff:67:62:
                    ff:bd:b5:1e:4e:8c:80:c0:e6:5b:7e:07:a7:64:ca:
                    90:c2:86:ab:79:9d:7b:25:e8:cf:02:ac:79:4b:40:
                    32:3c:19:a0:d9:d3:8c:e1:f5:cb:5b:7f:74:13:9a:
                    bf:e9:1c:70:5a:0f:07:5a:7c:e9:dd:6c:a2:72:58:
                    b3:c1:2e:be:d4:e6:e7:3f:81:62:a7:8b:aa:ef:cd:
                    89:5c:ce:f6:29:31:46:ca:83:8a:74:33:e0:5b:13:
                    86:d2:39:59:5e:ce:48:c6:03:e3:15:34:c2:fe:e3:
                    2c:33:01:bf:de:d8:44:37:89:a9:0b:63:4d:10:27:
                    1a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:5F:E2:A1:4C:1A:6E:ED:05:59:2B:C3:86:3C:36:66:CD:71:CB:B4
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:d0:f3:5e:30:9d:76:1f:35:7c:e3:19:63:a0:1c:40:61:d9:
         c9:36:c7:97:0e:4e:b0:5d:46:49:48:fe:fe:07:a0:3e:e8:e9:
         f0:46:fc:ec:90:7b:56:7e:f6:4d:fa:ce:7d:41:35:97:ab:37:
         4e:44:7c:30:52:4e:70:02:76:85:f3:d4:91:78:df:6d:2b:25:
         c7:78:ba:98:70:c7:b3:43:14:34:1c:ae:c4:a2:44:7c:f8:ea:
         fc:1f:be:0e:ca:b9:20:d8:04:22:48:01:d0:ad:a9:d3:86:51:
         4a:fe:7e:6f:ed:f7:fc:81:02:85:aa:c4:00:d7:b6:40:d1:a1:
         39:b2:9a:f5:74:c1:31:75:cd:be:a3:c4:af:00:08:cb:94:05:
         65:f2:22:97:c1:7c:f4:ab:ac:4c:70:e8:31:99:e4:5b:a4:ed:
         4e:53:00:c2:1a:bf:37:f8:94:be:8f:ed:a3:48:4b:0a:a3:53:
         d2:e7:ee:c5:d2:a1:f6:66:7f:69:a6:85:8b:54:cd:bb:ef:7a:
         e3:a1:66:8c:33:bd:25:d8:1f:87:02:01:ce:70:63:db:9c:ad:
         e7:4f:b3:f0:3b:f2:4e:41:27:00:04:e7:95:25:45:b7:63:df:
         a5:ae:11:d5:b7:f2:8c:5e:8e:81:37:f4:e2:4a:bc:fa:74:dc:
         79:2c:b9:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoOUuux1vWfqeNNnghd48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUwOTA3MTAwMjUwWhcNMjUwOTA4MTAwMjUwWjAzMTEwLwYDVQQD
EyhkMjVmZTJhMTRjMWE2ZWVkMDU1OTJiYzM4NjNjMzY2NmNkNzFjYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEBdPXIK8PugZmoGpzP5dhHIdfAu
YKi9EUSncRy3zrNr2PCI65euaeRSftRi8rYiqc8Px9jZJhoQWuSzTv/B/qQQH+2g
xG9Eg+0pG8BvAfyennQfNQHNwQLtSo+kBybop/aHV8bdsTCrXn6hyVg8A7sJ3cgT
GKzcbi7kZGBaOEAGJvb/Z2L/vbUeToyAwOZbfgenZMqQwoareZ17JejPAqx5S0Ay
PBmg2dOM4fXLW390E5q/6RxwWg8HWnzp3WyiclizwS6+1ObnP4Fip4uq782JXM72
KTFGyoOKdDPgWxOG0jlZXs5IxgPjFTTC/uMsMwG/3thEN4mpC2NNECcanwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJf4qFMGm7tBVkrw4Y8NmbNccu0MB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9DzXjCd
dh81fOMZY6AcQGHZyTbHlw5OsF1GSUj+/gegPujp8Eb87JB7Vn72TfrOfUE1l6s3
TkR8MFJOcAJ2hfPUkXjfbSslx3i6mHDHs0MUNByuxKJEfPjq/B++Dsq5INgEIkgB
0K2p04ZRSv5+b+33/IECharEANe2QNGhObKa9XTBMXXNvqPErwAIy5QFZfIil8F8
9KusTHDoMZnkW6TtTlMAwhq/N/iUvo/to0hLCqNT0ufuxdKh9mZ/aaaFi1TNu+96
46FmjDO9JdgfhwIBznBj25yt50+z8DvyTkEnAATnlSVFt2Pfpa4R1bfyjF6OgTf0
4kq8+nTceSy5UA==
-----END CERTIFICATE-----