Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          ADx2eCMhivwuncHQ5jSbb0Byv309bJ7Hd51yy9/21Ag=
Subject key identifier:   B9:C8:88:4C:57:1B:46:22:08:8F:5B:4D:A1:BA:13:53:34:4D:DB:45
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019924442D19186FB71F833F8749D0A413CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          04D4
Signing time:             Sun 07 Sep 2025 13:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 13:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 13:01:11 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: pdzSAfDC7xBN9prdLL6s/K0V//Z3RlgvAD3QbEG6CWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:44:2d:19:18:6f:b7:1f:83:3f:87:49:d0:a4:13:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Sep  7 13:01:11 2025 GMT
            Not After : Sep  8 13:01:11 2025 GMT
        Subject: CN=b9c8884c571b4622088f5b4da1ba1353344ddb45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a9:a2:89:c8:13:ff:40:9e:ae:5a:c0:df:2f:
                    9e:df:1e:4f:c7:5f:ea:f3:3d:93:62:5c:ec:43:fe:
                    4a:4e:a2:01:74:57:0d:88:d3:03:a7:f7:e7:a8:a3:
                    f5:86:73:8b:6e:93:61:12:1b:18:c0:83:62:c9:92:
                    0a:5c:fc:b7:ec:c4:6e:57:9b:57:77:7d:99:04:6a:
                    60:1d:6a:4b:c6:27:d5:92:4a:2c:a6:d8:e7:62:b2:
                    04:97:e5:c2:10:2c:4e:9f:5c:68:18:fc:fe:de:19:
                    99:18:4b:20:91:32:71:8e:1b:72:54:2c:6d:ac:22:
                    b5:85:9c:cf:62:ab:13:df:ee:b4:59:df:64:32:d1:
                    73:9a:02:cf:fe:78:39:86:cf:bf:35:4a:ac:26:ac:
                    ed:9c:83:06:52:f6:59:e8:35:a2:08:2b:dc:f4:f9:
                    3e:9b:ff:2d:6d:e5:ce:eb:19:01:cb:47:16:4a:89:
                    80:e8:11:13:58:2a:63:05:4d:a7:eb:61:bc:54:0b:
                    50:c0:8c:51:8f:36:38:ee:87:7d:2d:eb:f6:33:8e:
                    88:74:38:54:f3:35:34:7c:b7:20:e1:6e:47:f1:9f:
                    21:4c:04:fc:a4:16:b7:99:1b:dc:c3:49:bb:a6:af:
                    7c:c3:ac:11:38:cd:7a:a8:7e:5a:fe:dd:eb:08:a7:
                    24:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C8:88:4C:57:1B:46:22:08:8F:5B:4D:A1:BA:13:53:34:4D:DB:45
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:f7:3f:76:f6:60:d2:eb:e9:55:77:b8:08:99:c3:0a:18:93:
         77:cf:91:8f:b7:ca:ab:4c:e9:2e:3c:2c:1f:56:2c:47:5e:6a:
         11:47:ae:a7:27:1f:d7:c1:9d:4a:dd:7f:fa:f0:21:a3:21:fa:
         6b:a5:2f:69:6b:88:35:83:82:15:89:7e:be:99:74:b3:79:2e:
         bf:33:10:0b:bd:4e:61:e3:d1:5f:08:21:c2:7e:9e:04:ff:7b:
         b1:73:30:b8:ee:73:68:45:59:7c:89:28:dd:45:6c:93:7e:e9:
         60:16:88:77:ec:92:ce:59:72:cc:f0:c7:5c:cb:18:e6:df:4a:
         13:b0:13:4f:f6:79:00:db:be:52:24:93:6f:7f:12:85:1b:3a:
         6a:a9:c6:a1:a0:a5:e0:7a:ed:08:fb:63:3f:c9:4c:f2:da:f8:
         da:86:5c:21:fd:a0:d8:e5:28:0b:46:24:8b:d8:de:2b:cd:f1:
         1e:5e:77:fe:2a:5b:59:fd:e2:f7:8d:00:be:34:7b:5b:01:4e:
         4d:1a:d9:eb:31:74:69:99:c0:9a:8e:bd:ec:fa:b6:02:d8:bb:
         d3:cf:7f:65:e2:00:85:0b:5d:c5:78:95:9d:b4:ae:d9:97:41:
         85:1e:fe:22:8c:3e:d1:aa:2d:32:31:50:6e:6f:83:be:41:cb:
         c3:57:a4:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkRC0ZGG+3H4M/h0nQpBPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjUwOTA3MTMwMTExWhcNMjUwOTA4MTMwMTExWjAzMTEwLwYDVQQD
EyhiOWM4ODg0YzU3MWI0NjIyMDg4ZjViNGRhMWJhMTM1MzM0NGRkYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6miicgT/0CerlrA3y+e3x5Px1/q
8z2TYlzsQ/5KTqIBdFcNiNMDp/fnqKP1hnOLbpNhEhsYwINiyZIKXPy37MRuV5tX
d32ZBGpgHWpLxifVkkosptjnYrIEl+XCECxOn1xoGPz+3hmZGEsgkTJxjhtyVCxt
rCK1hZzPYqsT3+60Wd9kMtFzmgLP/ng5hs+/NUqsJqztnIMGUvZZ6DWiCCvc9Pk+
m/8tbeXO6xkBy0cWSomA6BETWCpjBU2n62G8VAtQwIxRjzY47od9Lev2M46IdDhU
8zU0fLcg4W5H8Z8hTAT8pBa3mRvcw0m7pq98w6wROM16qH5a/t3rCKckOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnIiExXG0YiCI9bTaG6E1M0TdtFMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfc/dvZg
0uvpVXe4CJnDChiTd8+Rj7fKq0zpLjwsH1YsR15qEUeupycf18GdSt1/+vAhoyH6
a6UvaWuINYOCFYl+vpl0s3kuvzMQC71OYePRXwghwn6eBP97sXMwuO5zaEVZfIko
3UVsk37pYBaId+ySzllyzPDHXMsY5t9KE7ATT/Z5ANu+UiSTb38ShRs6aqnGoaCl
4HrtCPtjP8lM8tr42oZcIf2g2OUoC0Yki9jeK83xHl53/ipbWf3i940AvjR7WwFO
TRrZ6zF0aZnAmo697Pq2Ati7089/ZeIAhQtdxXiVnbSu2ZdBhR7+Iow+0aotMjFQ
bm+DvkHLw1ekcA==
-----END CERTIFICATE-----