Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
File:                     mpVYgYJyucVAD8XaGIE6zOkXWI0.mft (raw, json)
Hash identifier:          dkEKUhEIitpN9f62r5sCL2HOf06u2S0Xwj7lC4wxznM=
Subject key identifier:   5F:14:89:66:0D:31:3B:6F:3C:6B:D8:CF:FB:FD:AD:F4:83:7D:37:3D
Authority key identifier: 9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D
Certificate issuer:       /CN=9a9558818272b9c5400fc5da18813acce917588d
Certificate serial:       0199239ED6437ABEB218FB29DE24F20A810A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:36 +0000
Files and hashes:         1: mpVYgYJyucVAD8XaGIE6zOkXWI0.crl (hash: JOI5Ifnd6c5H1DLxYnUH/hRhdBdnLZrV9Zen+zceGC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:d6:43:7a:be:b2:18:fb:29:de:24:f2:0a:81:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a9558818272b9c5400fc5da18813acce917588d
        Validity
            Not Before: Sep  7 10:00:36 2025 GMT
            Not After : Sep  8 10:00:36 2025 GMT
        Subject: CN=5f1489660d313b6f3c6bd8cffbfdadf4837d373d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:75:f3:56:de:7d:bf:a3:e7:c7:a6:3a:cb:ad:
                    e8:dd:33:dd:a4:37:18:8c:53:4f:d8:5c:5e:20:17:
                    36:ed:cf:26:0e:25:e7:d8:d8:65:3c:20:5d:62:4b:
                    3b:24:81:2f:0f:9a:44:52:d0:6f:91:14:f6:23:71:
                    5a:8e:69:ec:b7:1c:ca:9c:ab:08:27:30:f3:a6:af:
                    1a:04:34:f6:20:44:1b:38:ce:77:17:6b:8e:fc:e1:
                    f6:63:49:7d:fd:eb:bc:e1:31:de:86:25:ac:02:90:
                    e5:23:e5:64:7b:aa:bf:76:77:58:e4:09:b5:67:81:
                    06:06:a0:21:62:25:ce:f5:0e:6e:01:d6:95:40:f8:
                    9a:bb:7a:04:33:aa:bc:2a:bc:66:98:4f:9f:b4:7d:
                    45:47:28:5c:83:b8:a5:48:21:30:42:b4:c6:03:d1:
                    52:12:05:da:5d:6b:2e:a7:06:71:05:b0:59:f2:94:
                    9a:48:a4:d9:13:57:e1:ed:c8:06:9d:e8:bd:d3:30:
                    87:34:b1:55:14:a2:a3:62:38:6e:c3:6d:47:8e:0e:
                    c5:8d:dd:40:5d:2f:7a:6f:bd:7e:65:b2:7d:1c:35:
                    19:87:25:d7:95:0c:ee:7f:66:3f:72:e1:ab:7d:96:
                    aa:76:2b:19:25:04:bb:c5:c0:3d:f4:e6:40:4a:27:
                    a9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:14:89:66:0D:31:3B:6F:3C:6B:D8:CF:FB:FD:AD:F4:83:7D:37:3D
            X509v3 Authority Key Identifier:
                keyid:9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:a2:01:13:3b:46:cf:4e:3c:11:12:be:34:e7:7f:a9:41:61:
         de:9c:42:bd:a2:b3:ed:96:64:a1:cf:c7:b8:73:3b:c3:b1:c8:
         05:ed:b1:ae:82:83:8f:68:44:ea:03:e1:b9:59:7e:07:d7:82:
         fb:ce:45:e1:6a:d2:76:5b:f1:d9:15:be:00:50:77:1c:05:d3:
         95:bc:51:31:f5:d1:dd:56:8c:07:4e:eb:c5:45:4b:5f:d0:e1:
         0b:e8:3a:f2:ac:ff:10:11:75:40:e3:76:51:e4:2a:1e:c7:9c:
         a0:98:c1:c9:d7:86:b7:fe:44:b5:52:8f:dc:97:cd:a6:0d:d2:
         26:b9:23:81:b1:fa:22:fb:d5:8d:65:75:1f:7b:fa:17:0e:8a:
         44:d3:17:e2:1b:e0:30:fc:24:18:3f:5a:8b:02:84:89:93:91:
         20:93:60:7c:0a:20:10:05:ba:b6:f2:6a:ee:3a:f6:b0:32:95:
         4c:8f:c8:71:f9:64:b8:ff:7a:e5:c5:e5:63:73:6e:88:0a:40:
         e5:c2:a2:7b:36:0b:52:14:72:fe:5c:b8:96:70:08:19:4a:ee:
         24:70:ff:26:30:51:63:b3:fc:10:6f:27:99:c1:f2:b0:ff:c1:
         4d:c9:97:77:d6:df:ce:f2:31:89:f8:17:70:71:1a:01:2f:98:
         2d:7b:b1:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjntZDer6yGPsp3iTyCoEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTU1ODgxODI3MmI5YzU0MDBmYzVkYTE4ODEzYWNjZTkx
NzU4OGQwHhcNMjUwOTA3MTAwMDM2WhcNMjUwOTA4MTAwMDM2WjAzMTEwLwYDVQQD
Eyg1ZjE0ODk2NjBkMzEzYjZmM2M2YmQ4Y2ZmYmZkYWRmNDgzN2QzNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnXzVt59v6Pnx6Y6y63o3TPdpDcY
jFNP2FxeIBc27c8mDiXn2NhlPCBdYks7JIEvD5pEUtBvkRT2I3FajmnstxzKnKsI
JzDzpq8aBDT2IEQbOM53F2uO/OH2Y0l9/eu84THehiWsApDlI+Vke6q/dndY5Am1
Z4EGBqAhYiXO9Q5uAdaVQPiau3oEM6q8KrxmmE+ftH1FRyhcg7ilSCEwQrTGA9FS
EgXaXWsupwZxBbBZ8pSaSKTZE1fh7cgGnei90zCHNLFVFKKjYjhuw21Hjg7Fjd1A
XS96b71+ZbJ9HDUZhyXXlQzuf2Y/cuGrfZaqdisZJQS7xcA99OZASiepOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8UiWYNMTtvPGvYz/v9rfSDfTc9MB8GA1UdIwQY
MBaAFJqVWIGCcrnFQA/F2hiBOszpF1iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgt
ZDRlOWNmMjZlZTEwLzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgtZDRlOWNmMjZlZTEw
LzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqIBEztG
z048ERK+NOd/qUFh3pxCvaKz7ZZkoc/HuHM7w7HIBe2xroKDj2hE6gPhuVl+B9eC
+85F4WrSdlvx2RW+AFB3HAXTlbxRMfXR3VaMB07rxUVLX9DhC+g68qz/EBF1QON2
UeQqHsecoJjBydeGt/5EtVKP3JfNpg3SJrkjgbH6IvvVjWV1H3v6Fw6KRNMX4hvg
MPwkGD9aiwKEiZORIJNgfAogEAW6tvJq7jr2sDKVTI/IcflkuP965cXlY3NuiApA
5cKiezYLUhRy/ly4lnAIGUruJHD/JjBRY7P8EG8nmcHysP/BTcmXd9bfzvIxifgX
cHEaAS+YLXuxRw==
-----END CERTIFICATE-----