Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          1HnIarfaKSFITY98y1VRB1sU2gntc/7KDfnCzV434w8=
Subject key identifier:   56:13:37:82:9A:BF:0F:64:04:41:11:CA:14:C7:E2:AB:E6:6C:29:C5
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       019921B1A006B0810BD461E55B56B7016F6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          1406
Signing time:             Sun 07 Sep 2025 01:01:52 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:52 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:52 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: UpnxpRkddnNDAoWR/O4jRLgLiXPS/WBXESaSPTllam4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:a0:06:b0:81:0b:d4:61:e5:5b:56:b7:01:6f:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Sep  7 01:01:52 2025 GMT
            Not After : Sep  8 01:01:52 2025 GMT
        Subject: CN=561337829abf0f64044111ca14c7e2abe66c29c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d6:8b:05:84:fd:57:de:03:f2:c1:f0:01:58:
                    a4:8d:d7:07:69:fb:fa:51:b8:db:fb:c7:c6:15:a4:
                    c7:e1:a0:e7:80:b7:77:44:6e:6d:44:40:3e:26:fc:
                    93:14:71:ea:f9:0d:66:f7:1c:5e:7e:31:7f:c5:3e:
                    9b:ed:3e:a5:48:2e:8f:ef:c2:15:9a:ed:67:ea:11:
                    30:94:64:e3:a3:fe:90:7c:e9:8b:43:ae:84:89:be:
                    0c:30:c3:7d:98:4e:e4:43:ce:d1:f7:fc:da:c5:55:
                    68:cf:67:05:ba:0e:19:50:3f:df:96:a0:5b:c5:65:
                    fe:be:12:b3:1c:f0:15:e8:bb:81:3b:3a:5d:a2:58:
                    88:79:b2:2d:89:90:8f:68:bf:34:db:63:7e:b0:ce:
                    2c:ef:e1:dd:b9:f9:12:5d:30:55:c3:f9:1b:66:ce:
                    db:d6:96:52:fa:f3:75:cb:5a:e5:cf:73:b9:36:1d:
                    d7:b9:5d:0e:10:18:95:b9:35:22:ed:5c:f5:4a:1f:
                    0e:78:3d:b4:2e:5c:33:fa:ff:33:fc:8d:86:39:b1:
                    d9:ca:eb:07:30:76:0c:e8:af:60:2b:98:1c:5c:5e:
                    7a:ab:36:00:e4:08:8c:b8:9c:34:7a:44:5b:87:0c:
                    be:86:bb:42:10:e0:2b:72:a4:a3:be:b7:4d:12:05:
                    58:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:13:37:82:9A:BF:0F:64:04:41:11:CA:14:C7:E2:AB:E6:6C:29:C5
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:97:2d:1d:6c:3f:82:18:47:3e:03:02:05:53:36:3c:94:ff:
         60:6f:c3:4e:d7:40:b6:f8:3d:74:a1:a0:fb:4b:4b:7b:c5:d7:
         7b:0b:bb:ea:27:e8:1e:13:8d:f9:f7:f5:06:74:1a:04:09:9b:
         8b:92:59:ae:84:fd:42:05:e7:99:47:f3:07:e3:5b:47:ba:d1:
         77:08:7a:14:21:4f:6c:0c:03:97:10:58:8b:cf:05:85:65:28:
         49:93:57:ea:4c:3e:a9:83:ca:ea:c6:b0:5d:f0:5e:00:5f:a3:
         59:3d:9e:6c:0b:14:81:c3:d2:ee:57:4d:70:2d:24:8a:6d:3b:
         e8:91:63:76:e4:86:8e:b7:09:34:b8:a5:a5:0a:fd:42:ac:e0:
         8b:a4:9a:d0:3f:61:db:22:da:50:5f:2c:0b:b4:30:0c:57:13:
         4b:41:1b:bf:50:ac:57:aa:f4:43:e2:c4:9a:9e:05:93:b7:21:
         23:92:21:7f:68:78:d8:0c:8b:e4:2a:b0:87:55:18:69:4c:ae:
         4b:67:8a:f8:1d:69:73:c9:0e:a0:77:13:b1:44:2e:b2:e9:01:
         1f:54:29:27:55:3d:c0:ca:d0:d2:c5:3f:86:74:04:2b:0b:6b:
         a6:18:9a:3d:c9:70:c6:30:2c:f2:c9:b5:7f:05:4d:ec:6f:0c:
         c5:01:57:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsaAGsIEL1GHlW1a3AW9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjUwOTA3MDEwMTUyWhcNMjUwOTA4MDEwMTUyWjAzMTEwLwYDVQQD
Eyg1NjEzMzc4MjlhYmYwZjY0MDQ0MTExY2ExNGM3ZTJhYmU2NmMyOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNaLBYT9V94D8sHwAVikjdcHafv6
Ubjb+8fGFaTH4aDngLd3RG5tREA+JvyTFHHq+Q1m9xxefjF/xT6b7T6lSC6P78IV
mu1n6hEwlGTjo/6QfOmLQ66Eib4MMMN9mE7kQ87R9/zaxVVoz2cFug4ZUD/flqBb
xWX+vhKzHPAV6LuBOzpdoliIebItiZCPaL8022N+sM4s7+HdufkSXTBVw/kbZs7b
1pZS+vN1y1rlz3O5Nh3XuV0OEBiVuTUi7Vz1Sh8OeD20Llwz+v8z/I2GObHZyusH
MHYM6K9gK5gcXF56qzYA5AiMuJw0ekRbhwy+hrtCEOArcqSjvrdNEgVYzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYTN4Kavw9kBEERyhTH4qvmbCnFMB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5ctHWw/
ghhHPgMCBVM2PJT/YG/DTtdAtvg9dKGg+0tLe8XXewu76ifoHhON+ff1BnQaBAmb
i5JZroT9QgXnmUfzB+NbR7rRdwh6FCFPbAwDlxBYi88FhWUoSZNX6kw+qYPK6saw
XfBeAF+jWT2ebAsUgcPS7ldNcC0kim076JFjduSGjrcJNLilpQr9Qqzgi6Sa0D9h
2yLaUF8sC7QwDFcTS0Ebv1CsV6r0Q+LEmp4Fk7chI5Ihf2h42AyL5Cqwh1UYaUyu
S2eK+B1pc8kOoHcTsUQusukBH1QpJ1U9wMrQ0sU/hnQEKwtrphiaPclwxjAs8sm1
fwVN7G8MxQFXWQ==
-----END CERTIFICATE-----