Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
File:                     mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft (raw, json)
Hash identifier:          dqi0oOvW1dDijLq6kCLsJ6fJadOjQ3oJwX8lqLbAcFE=
Subject key identifier:   21:6A:72:27:34:1C:0E:BF:37:EC:5A:D9:55:45:EB:E7:E4:68:36:6C
Authority key identifier: 99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47
Certificate issuer:       /CN=9972148c7362c2c9399bb3af741592c42516c547
Certificate serial:       019922FA22A6758E160E2A6595458D13BA51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
Manifest number:          11AD
Signing time:             Sun 07 Sep 2025 07:00:42 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:42 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:42 +0000
Files and hashes:         1: mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl (hash: w5vDFcdU7JI0XO7bKT0xrZ5kMZDDRmDE4pgEMOmN3+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:22:a6:75:8e:16:0e:2a:65:95:45:8d:13:ba:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9972148c7362c2c9399bb3af741592c42516c547
        Validity
            Not Before: Sep  7 07:00:42 2025 GMT
            Not After : Sep  8 07:00:42 2025 GMT
        Subject: CN=216a7227341c0ebf37ec5ad95545ebe7e468366c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:45:d9:6e:4b:5f:4d:8c:54:5b:64:a3:3c:d4:
                    a1:11:16:be:d7:f8:c1:58:5f:9c:e2:39:6c:c5:34:
                    47:72:3c:31:b6:a6:4a:c2:40:ac:f1:c2:57:75:29:
                    d7:19:0a:69:10:aa:39:5f:4a:c7:32:f9:f1:88:42:
                    0e:6e:be:e4:25:b1:b1:a9:50:69:bf:47:6b:c2:b4:
                    3f:be:54:e0:9a:6a:e8:5f:5b:c1:4b:71:6c:6e:61:
                    f4:46:12:68:2f:0c:fa:68:8b:f4:01:75:b7:de:de:
                    a5:89:dd:1d:cd:9c:78:74:e0:fd:d7:56:ea:11:cf:
                    a1:60:73:41:63:99:05:4d:4e:b1:a4:12:13:2d:43:
                    30:35:ee:af:18:45:3f:e2:84:5d:b0:99:20:8f:c5:
                    e2:9d:6f:a1:e0:4a:c7:15:7a:a0:29:de:42:60:d4:
                    90:0a:6d:ae:24:89:1f:79:34:09:76:1d:ff:25:99:
                    97:49:9b:bd:8f:5a:e1:47:ee:68:0f:f4:69:8d:ff:
                    53:46:e2:99:9c:84:c8:ef:14:de:54:63:58:d0:67:
                    de:da:7d:a1:c9:ac:c5:39:30:ae:62:44:aa:b0:32:
                    35:2f:da:86:97:d5:6c:60:6d:04:c5:36:51:23:72:
                    5b:d1:ad:01:54:5d:e9:35:6c:b1:b7:bd:53:0c:b2:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:6A:72:27:34:1C:0E:BF:37:EC:5A:D9:55:45:EB:E7:E4:68:36:6C
            X509v3 Authority Key Identifier:
                keyid:99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:8a:5f:93:93:01:18:61:7a:30:a5:d4:f0:03:75:de:f3:c4:
         79:30:c1:3a:bf:f4:17:26:06:90:9e:e3:e6:a6:c2:8c:54:9b:
         72:e4:ad:e2:41:9a:d7:e4:e1:7a:dd:66:54:81:16:1d:fd:aa:
         c3:85:7e:63:2c:a2:a9:bd:4d:0b:5a:7b:74:b6:19:0e:6d:44:
         77:53:aa:89:c1:5f:d9:69:79:73:b4:88:1a:bf:4d:d3:de:97:
         2d:1f:40:38:20:e9:20:4a:50:9a:7a:65:dc:3e:0d:3b:2e:7e:
         57:dd:4c:9b:d3:12:95:ac:e5:e8:1d:c8:6e:93:bf:ea:8b:cc:
         fb:03:5c:93:c8:bf:7d:1c:da:a0:2c:70:34:66:79:1a:56:be:
         3a:5e:0c:24:12:56:7a:6e:32:19:8a:62:84:7c:23:e3:3d:4a:
         05:66:c7:f3:57:c9:0e:73:74:3d:b4:ae:ab:e7:0c:b1:a6:e8:
         68:33:86:8b:b0:e1:6d:8c:5f:32:57:73:d3:e9:3e:1e:7c:9a:
         47:4c:1a:7f:55:4e:0b:73:f5:0a:10:a2:a2:70:b9:20:63:1b:
         bb:be:dd:33:b5:de:49:14:6e:86:6c:de:ba:db:ef:51:18:c6:
         db:3b:d2:a6:57:b8:0d:a3:be:24:8f:52:57:89:5e:0c:9f:1e:
         77:e3:f8:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+iKmdY4WDipllUWNE7pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzIxNDhjNzM2MmMyYzkzOTliYjNhZjc0MTU5MmM0MjUx
NmM1NDcwHhcNMjUwOTA3MDcwMDQyWhcNMjUwOTA4MDcwMDQyWjAzMTEwLwYDVQQD
EygyMTZhNzIyNzM0MWMwZWJmMzdlYzVhZDk1NTQ1ZWJlN2U0NjgzNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40XZbktfTYxUW2SjPNShERa+1/jB
WF+c4jlsxTRHcjwxtqZKwkCs8cJXdSnXGQppEKo5X0rHMvnxiEIObr7kJbGxqVBp
v0drwrQ/vlTgmmroX1vBS3FsbmH0RhJoLwz6aIv0AXW33t6lid0dzZx4dOD911bq
Ec+hYHNBY5kFTU6xpBITLUMwNe6vGEU/4oRdsJkgj8XinW+h4ErHFXqgKd5CYNSQ
Cm2uJIkfeTQJdh3/JZmXSZu9j1rhR+5oD/Rpjf9TRuKZnITI7xTeVGNY0Gfe2n2h
yazFOTCuYkSqsDI1L9qGl9VsYG0ExTZRI3Jb0a0BVF3pNWyxt71TDLJSiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFqcic0HA6/N+xa2VVF6+fkaDZsMB8GA1UdIwQY
MBaAFJlyFIxzYsLJOZuzr3QVksQlFsVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjIt
NmVjNjI2OTBiMTliLzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjItNmVjNjI2OTBiMTli
LzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIpfk5MB
GGF6MKXU8AN13vPEeTDBOr/0FyYGkJ7j5qbCjFSbcuSt4kGa1+Thet1mVIEWHf2q
w4V+Yyyiqb1NC1p7dLYZDm1Ed1OqicFf2Wl5c7SIGr9N096XLR9AOCDpIEpQmnpl
3D4NOy5+V91Mm9MSlazl6B3IbpO/6ovM+wNck8i/fRzaoCxwNGZ5Gla+Ol4MJBJW
em4yGYpihHwj4z1KBWbH81fJDnN0PbSuq+cMsaboaDOGi7DhbYxfMldz0+k+Hnya
R0waf1VOC3P1ChCionC5IGMbu77dM7XeSRRuhmzeutvvURjG2zvSple4DaO+JI9S
V4leDJ8ed+P4og==
-----END CERTIFICATE-----