Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
File:                     ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft (raw, json)
Hash identifier:          nPBCG0czeaxs2kcipnpW/UetwS0szKPElplZDq1EJ0M=
Subject key identifier:   32:DA:53:CC:91:2B:9A:FB:EF:62:68:C8:18:9B:C6:65:86:A4:B3:95
Authority key identifier: 7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87
Certificate issuer:       /CN=7b0d46c5822cad9253ea53a100f3d936224ae687
Certificate serial:       019922FAC2F45A8CB65965D31B37FFE81E9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
Manifest number:          04A2
Signing time:             Sun 07 Sep 2025 07:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:23 +0000
Files and hashes:         1: ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl (hash: xptEWN5t2UMJh77G3ky2fZPv84iwxVaN8lAfNp6OSMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:c2:f4:5a:8c:b6:59:65:d3:1b:37:ff:e8:1e:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0d46c5822cad9253ea53a100f3d936224ae687
        Validity
            Not Before: Sep  7 07:01:23 2025 GMT
            Not After : Sep  8 07:01:23 2025 GMT
        Subject: CN=32da53cc912b9afbef6268c8189bc66586a4b395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6f:6d:45:2c:34:af:62:58:ff:3e:b5:21:8c:
                    85:cb:38:19:c2:8d:bd:42:95:19:ae:55:5e:9e:e6:
                    18:9e:f7:10:fe:25:78:cc:b7:3f:69:68:8b:54:aa:
                    85:9b:2d:00:9d:23:9f:7d:2f:d9:a4:47:8e:72:73:
                    1d:be:29:ca:3b:de:e8:da:39:93:6f:fa:4d:7d:51:
                    23:6d:9d:38:f2:03:18:82:0f:54:37:c4:73:22:bc:
                    b5:41:cb:c1:24:85:95:de:de:4f:8e:49:8d:61:98:
                    82:f5:26:7a:f5:c3:e0:4b:0b:d2:d4:c3:cd:19:64:
                    7f:9a:df:49:c9:98:e7:e1:e6:3a:67:aa:1c:bb:9f:
                    d8:6e:31:2f:88:b1:4a:a8:a1:93:92:43:d8:41:f2:
                    b1:2f:d6:c6:3e:e7:83:21:c0:09:76:48:d4:af:8a:
                    d9:42:f3:c2:d3:73:2a:0e:79:c0:c4:65:8c:37:c0:
                    20:36:f9:39:36:50:94:16:02:87:b1:39:be:c9:74:
                    26:9d:e8:a8:3e:7f:49:24:33:f2:06:3c:d4:ad:46:
                    28:51:6a:68:cb:86:e9:3a:bf:34:51:4f:1c:72:94:
                    45:90:fb:ad:88:23:a4:7c:ad:50:07:7c:59:21:05:
                    60:a3:2f:07:77:4b:44:36:5c:ff:57:c7:9f:ee:78:
                    ff:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:DA:53:CC:91:2B:9A:FB:EF:62:68:C8:18:9B:C6:65:86:A4:B3:95
            X509v3 Authority Key Identifier:
                keyid:7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:76:b9:bc:73:19:c2:8a:dc:09:11:1c:ca:3d:3e:25:d8:88:
         d5:a0:69:85:bc:0a:47:6c:2d:3e:40:55:bd:5c:de:c9:50:20:
         c6:bb:1c:34:41:5d:1c:fe:57:47:46:17:cc:ec:ba:60:ae:b2:
         75:11:73:a8:7c:32:7c:88:38:e9:c1:76:15:e9:45:e7:b6:66:
         a3:c1:7c:c3:8d:f6:ad:00:e7:d2:9c:b3:ad:5c:8a:13:07:4d:
         d8:14:60:b3:0b:d4:f9:58:8c:14:9a:4c:53:9d:1a:63:d3:e1:
         81:6e:6d:83:93:79:09:8a:a4:fc:c1:0a:43:a8:6a:b9:62:0e:
         44:d8:10:99:6b:3c:48:12:b5:70:1a:3c:db:a4:4a:1c:bb:a4:
         02:1c:be:db:9d:8f:0f:34:d3:9c:e3:5b:3d:7b:5c:c0:41:3f:
         cb:4e:00:95:97:60:26:9c:a5:97:32:a0:e9:32:bc:9e:4b:d1:
         e2:c1:33:45:c7:1c:77:cb:6a:a9:c4:6a:62:43:98:a2:ca:1f:
         35:66:2a:88:e4:20:6e:e9:43:72:dd:8a:8c:3e:17:9d:a2:15:
         53:ce:ae:9a:2a:48:81:b4:55:e7:63:f7:e7:a3:fc:84:07:fe:
         83:c1:d6:08:20:bf:ea:de:8f:f1:70:be:34:9a:43:d9:12:36:
         3a:de:bf:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+sL0Woy2WWXTGzf/6B6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGQ0NmM1ODIyY2FkOTI1M2VhNTNhMTAwZjNkOTM2MjI0
YWU2ODcwHhcNMjUwOTA3MDcwMTIzWhcNMjUwOTA4MDcwMTIzWjAzMTEwLwYDVQQD
EygzMmRhNTNjYzkxMmI5YWZiZWY2MjY4YzgxODliYzY2NTg2YTRiMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo29tRSw0r2JY/z61IYyFyzgZwo29
QpUZrlVenuYYnvcQ/iV4zLc/aWiLVKqFmy0AnSOffS/ZpEeOcnMdvinKO97o2jmT
b/pNfVEjbZ048gMYgg9UN8RzIry1QcvBJIWV3t5PjkmNYZiC9SZ69cPgSwvS1MPN
GWR/mt9JyZjn4eY6Z6ocu5/YbjEviLFKqKGTkkPYQfKxL9bGPueDIcAJdkjUr4rZ
QvPC03MqDnnAxGWMN8AgNvk5NlCUFgKHsTm+yXQmneioPn9JJDPyBjzUrUYoUWpo
y4bpOr80UU8ccpRFkPutiCOkfK1QB3xZIQVgoy8Hd0tENlz/V8ef7nj/fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLaU8yRK5r772JoyBibxmWGpLOVMB8GA1UdIwQY
MBaAFHsNRsWCLK2SU+pToQDz2TYiSuaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAt
YmFhNTllY2UyYjYzLzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAtYmFhNTllY2UyYjYz
LzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnna5vHMZ
worcCREcyj0+JdiI1aBphbwKR2wtPkBVvVzeyVAgxrscNEFdHP5XR0YXzOy6YK6y
dRFzqHwyfIg46cF2FelF57Zmo8F8w432rQDn0pyzrVyKEwdN2BRgswvU+ViMFJpM
U50aY9PhgW5tg5N5CYqk/MEKQ6hquWIORNgQmWs8SBK1cBo826RKHLukAhy+252P
DzTTnONbPXtcwEE/y04AlZdgJpyllzKg6TK8nkvR4sEzRcccd8tqqcRqYkOYosof
NWYqiOQgbulDct2KjD4XnaIVU86umipIgbRV52P356P8hAf+g8HWCCC/6t6P8XC+
NJpD2RI2Ot6/iw==
-----END CERTIFICATE-----