Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          T2Re83Gfx95rn6LbDHUCyrIgG8a2ESUxQdA83+dlxDk=
Subject key identifier:   CA:C4:43:37:A2:51:F0:3C:46:8E:2A:9C:F7:44:F0:62:05:C2:24:66
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       0199240D68A82EAF60511469D4C38E902D78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          15FE
Signing time:             Sun 07 Sep 2025 12:01:22 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:22 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:22 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: YPi0AOPjd3JQac6FLHvCRrMFqFrLayZ7x/ay3CEfEjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:68:a8:2e:af:60:51:14:69:d4:c3:8e:90:2d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Sep  7 12:01:22 2025 GMT
            Not After : Sep  8 12:01:22 2025 GMT
        Subject: CN=cac44337a251f03c468e2a9cf744f06205c22466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0b:ab:94:d3:d2:3f:86:1d:c0:33:de:fb:7c:
                    dd:28:c1:8f:74:12:8b:ae:67:9e:d7:15:b9:ff:c9:
                    7d:17:24:00:df:c5:c8:c8:ba:3c:a8:b9:9e:de:99:
                    ff:ea:2b:52:1c:f1:56:46:3d:c0:10:0d:8b:7b:96:
                    a2:69:60:a4:73:43:a6:d0:0c:43:35:82:6d:86:f3:
                    07:8e:9a:02:61:78:42:82:4a:92:a2:e2:c0:05:d6:
                    f9:46:24:13:0b:33:82:ad:d9:0a:71:4b:07:0f:3e:
                    21:bd:10:fd:ac:cf:15:56:ce:58:30:47:75:16:ef:
                    ea:63:bb:ad:ca:75:4e:84:96:08:6b:cb:a2:5b:b9:
                    07:96:d2:3c:3b:5e:f3:4f:23:b8:ec:8c:c0:6a:a6:
                    b7:a8:20:e3:7f:6b:15:a7:fa:8e:96:c8:35:40:6b:
                    cd:00:40:6e:ae:2d:d9:53:99:4c:b2:2b:58:f9:09:
                    3d:45:fb:83:50:13:a9:19:7e:38:22:8b:c7:76:42:
                    20:21:52:20:02:fd:f0:7e:74:df:b2:de:7a:b7:d8:
                    b1:63:96:4e:dc:8e:9a:da:5e:21:3e:09:48:0c:09:
                    85:e7:cc:c5:c1:2b:02:16:a5:78:07:bd:55:31:ba:
                    41:17:03:fa:aa:3d:7f:ff:dd:e2:4b:36:59:16:14:
                    d2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C4:43:37:A2:51:F0:3C:46:8E:2A:9C:F7:44:F0:62:05:C2:24:66
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:fc:e7:75:24:85:b3:c3:a4:0b:c1:5e:70:d2:92:0a:c7:fc:
         15:d5:70:f1:57:9d:45:84:94:d7:6a:76:fa:fb:3c:b3:ba:a3:
         e3:f4:9e:91:3e:e6:79:88:7f:b6:ac:38:cf:f0:af:3d:91:6b:
         06:40:4c:22:44:8e:f5:e5:37:2b:81:ae:b2:4f:52:57:73:c8:
         df:d2:92:06:12:54:d4:60:7f:37:36:b9:2e:7a:42:38:90:40:
         a2:95:4a:82:e3:54:c9:5b:1c:d5:22:0a:cf:7b:83:87:c2:1e:
         b4:a4:df:60:ae:4a:df:35:0b:16:55:e8:c0:ed:18:87:00:2c:
         3d:41:ec:33:34:49:09:ca:57:3d:af:ac:7b:66:84:4c:36:5d:
         70:be:e4:17:7b:99:92:41:fc:ca:18:ff:dc:34:2e:ba:e9:f0:
         7a:dd:e8:bd:9b:f9:2e:d3:30:4a:ff:da:8b:61:3e:79:c7:e4:
         0b:51:47:9e:14:b7:cd:6d:41:29:06:6b:37:b7:f1:0a:1c:31:
         cf:02:a8:80:1d:b2:8b:0c:f2:cc:5a:9e:3c:0f:2d:80:b6:cf:
         cf:8e:73:d6:6f:82:28:a8:8a:d4:02:6a:38:e8:d2:e0:e1:66:
         8f:aa:8e:4a:cf:82:b1:5a:2e:c2:75:3a:09:8c:45:75:60:1c:
         5f:90:15:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDWioLq9gURRp1MOOkC14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUwOTA3MTIwMTIyWhcNMjUwOTA4MTIwMTIyWjAzMTEwLwYDVQQD
EyhjYWM0NDMzN2EyNTFmMDNjNDY4ZTJhOWNmNzQ0ZjA2MjA1YzIyNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAurlNPSP4YdwDPe+3zdKMGPdBKL
rmee1xW5/8l9FyQA38XIyLo8qLme3pn/6itSHPFWRj3AEA2Le5aiaWCkc0Om0AxD
NYJthvMHjpoCYXhCgkqSouLABdb5RiQTCzOCrdkKcUsHDz4hvRD9rM8VVs5YMEd1
Fu/qY7utynVOhJYIa8uiW7kHltI8O17zTyO47IzAaqa3qCDjf2sVp/qOlsg1QGvN
AEBuri3ZU5lMsitY+Qk9RfuDUBOpGX44IovHdkIgIVIgAv3wfnTfst56t9ixY5ZO
3I6a2l4hPglIDAmF58zFwSsCFqV4B71VMbpBFwP6qj1//93iSzZZFhTSnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrEQzeiUfA8Ro4qnPdE8GIFwiRmMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiPzndSSF
s8OkC8FecNKSCsf8FdVw8VedRYSU12p2+vs8s7qj4/SekT7meYh/tqw4z/CvPZFr
BkBMIkSO9eU3K4Gusk9SV3PI39KSBhJU1GB/Nza5LnpCOJBAopVKguNUyVsc1SIK
z3uDh8IetKTfYK5K3zULFlXowO0YhwAsPUHsMzRJCcpXPa+se2aETDZdcL7kF3uZ
kkH8yhj/3DQuuunwet3ovZv5LtMwSv/ai2E+ecfkC1FHnhS3zW1BKQZrN7fxChwx
zwKogB2yiwzyzFqePA8tgLbPz45z1m+CKKiK1AJqOOjS4OFmj6qOSs+CsVouwnU6
CYxFdWAcX5AVEw==
-----END CERTIFICATE-----