Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          KPOxNBV3QgsQN0LdFEgyzsLdNlGD9k2NQ8G2k5K/3oE=
Subject key identifier:   76:52:8E:DC:E6:7D:85:E7:5C:CC:58:E2:31:E4:AA:01:73:45:1C:8C
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       019916BEC4166BFF2DB1E0FBE9ECD6CBDA88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          0159
Signing time:             Thu 04 Sep 2025 22:00:24 +0000
Manifest this update:     Thu 04 Sep 2025 22:00:24 +0000
Manifest next update:     Fri 05 Sep 2025 22:00:24 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: GDCPsaAVGRQS7gwkRYJlWAbq0Ifq5F+UzmoRn8BhBQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:be:c4:16:6b:ff:2d:b1:e0:fb:e9:ec:d6:cb:da:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Sep  4 22:00:24 2025 GMT
            Not After : Sep  5 22:00:24 2025 GMT
        Subject: CN=76528edce67d85e75ccc58e231e4aa0173451c8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:38:25:ea:7d:5e:0c:ec:92:ef:85:80:a7:e7:
                    87:a9:2e:8f:a4:77:9a:06:6b:d4:6b:9e:0c:f0:3d:
                    1d:39:35:94:09:68:a8:37:d3:2d:59:cc:a3:af:60:
                    53:b1:ab:45:0d:ef:c6:85:86:19:d6:a3:6d:ce:92:
                    e2:bb:00:1b:99:5b:2b:cb:76:81:70:76:a0:91:0f:
                    a8:7b:60:f2:bf:1f:86:36:b6:ba:7f:30:6f:ce:e8:
                    0f:bb:9b:f0:3e:50:c5:49:ea:a5:11:61:be:b5:7a:
                    7a:8c:d4:34:ac:e6:6b:91:76:7c:6c:ff:5b:89:3d:
                    d2:76:49:5a:fe:e0:31:91:9e:fd:e0:6e:9c:05:09:
                    73:96:d0:b3:4e:fe:60:f9:ca:76:a6:c8:61:5b:76:
                    de:18:1b:32:4f:5a:1e:df:1b:9a:9a:ee:a4:4b:0c:
                    66:97:d8:53:a1:bb:79:92:f4:9e:b8:5d:dd:7f:9e:
                    63:43:63:e1:92:9d:3d:04:5a:80:4d:fd:8b:b1:24:
                    dc:ca:58:ba:98:d6:b5:30:f6:30:24:e1:3b:31:b5:
                    89:7d:68:a0:72:b1:8c:23:c4:fe:18:da:1c:6c:a7:
                    c9:13:f9:6f:e2:1a:77:c4:66:18:2f:c0:25:cc:87:
                    ec:c1:9e:be:05:9b:60:cb:20:71:31:6f:57:93:46:
                    eb:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:52:8E:DC:E6:7D:85:E7:5C:CC:58:E2:31:E4:AA:01:73:45:1C:8C
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:db:d1:70:23:e6:67:4e:b4:0c:51:c0:20:55:7e:9f:33:31:
         fc:2d:01:06:dc:3b:ba:bc:cd:75:71:2f:6c:cc:c1:df:0e:10:
         e7:c1:f0:75:d9:9e:72:1f:89:b8:5c:85:e0:0e:e1:a3:0d:d3:
         15:c4:02:df:a4:a3:9d:2c:62:c8:b9:5c:00:4f:f9:23:28:61:
         ee:f3:f8:8a:c5:51:d1:c7:03:b4:d9:a1:53:9f:70:31:5d:54:
         f4:be:da:20:70:05:b4:76:a2:0f:b2:41:c5:b1:b8:fa:c3:a3:
         52:f5:5a:6a:c6:92:d4:04:17:fb:aa:19:e8:dd:d0:d5:70:a8:
         91:eb:a5:f5:41:4b:16:da:e1:99:34:90:6b:74:f2:77:be:59:
         b6:09:91:14:a3:24:8c:bb:73:3f:85:48:03:bc:2c:47:45:1b:
         d4:13:cf:b6:2f:7d:c5:df:48:ef:45:3c:44:26:98:ed:2b:ca:
         a3:10:c1:55:85:57:23:f4:10:10:55:86:33:ce:00:3a:1b:7a:
         38:00:70:1c:96:ab:d2:56:1d:cf:ea:ed:28:2f:e2:36:83:e9:
         7d:1c:20:fd:f7:a9:1e:45:56:5a:9e:f2:37:ee:21:04:da:0f:
         76:8c:2c:11:0b:04:7d:be:d0:03:1d:83:57:8a:5f:c3:3b:84:
         a5:2f:3d:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWvsQWa/8tseD76ezWy9qIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUwOTA0MjIwMDI0WhcNMjUwOTA1MjIwMDI0WjAzMTEwLwYDVQQD
Eyg3NjUyOGVkY2U2N2Q4NWU3NWNjYzU4ZTIzMWU0YWEwMTczNDUxYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzgl6n1eDOyS74WAp+eHqS6PpHea
BmvUa54M8D0dOTWUCWioN9MtWcyjr2BTsatFDe/GhYYZ1qNtzpLiuwAbmVsry3aB
cHagkQ+oe2Dyvx+GNra6fzBvzugPu5vwPlDFSeqlEWG+tXp6jNQ0rOZrkXZ8bP9b
iT3Sdkla/uAxkZ794G6cBQlzltCzTv5g+cp2pshhW3beGBsyT1oe3xuamu6kSwxm
l9hTobt5kvSeuF3df55jQ2Phkp09BFqATf2LsSTcyli6mNa1MPYwJOE7MbWJfWig
crGMI8T+GNocbKfJE/lv4hp3xGYYL8AlzIfswZ6+BZtgyyBxMW9Xk0brOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZSjtzmfYXnXMxY4jHkqgFzRRyMMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitvRcCPm
Z060DFHAIFV+nzMx/C0BBtw7urzNdXEvbMzB3w4Q58Hwddmech+JuFyF4A7how3T
FcQC36SjnSxiyLlcAE/5Iyhh7vP4isVR0ccDtNmhU59wMV1U9L7aIHAFtHaiD7JB
xbG4+sOjUvVaasaS1AQX+6oZ6N3Q1XCokeul9UFLFtrhmTSQa3Tyd75ZtgmRFKMk
jLtzP4VIA7wsR0Ub1BPPti99xd9I70U8RCaY7SvKoxDBVYVXI/QQEFWGM84AOht6
OABwHJar0lYdz+rtKC/iNoPpfRwg/fepHkVWWp7yN+4hBNoPdowsEQsEfb7QAx2D
V4pfwzuEpS89WA==
-----END CERTIFICATE-----