Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          IkcwOVRyjrSPbSgAyouUlejuJfOpIQWIjexNtjhIdJQ=
Subject key identifier:   29:3D:22:99:A3:A5:4A:27:0E:E5:28:67:95:3F:40:18:AC:FA:62:63
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0199240C8534B514E535C563E8884D9BAB7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1602
Signing time:             Sun 07 Sep 2025 12:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 12:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 12:00:24 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: 3vUKOSR5vB2mZY529SCG018ePRgDoaSjYopQcT2v7zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0c:85:34:b5:14:e5:35:c5:63:e8:88:4d:9b:ab:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Sep  7 12:00:24 2025 GMT
            Not After : Sep  8 12:00:24 2025 GMT
        Subject: CN=293d2299a3a54a270ee52867953f4018acfa6263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:31:10:80:da:50:68:ea:5a:91:d8:9f:57:ed:
                    71:86:e5:a2:84:85:e5:b3:69:62:ef:34:e5:0f:16:
                    09:0a:1b:53:6a:b9:fe:de:9d:98:9f:ed:c7:a8:65:
                    73:2f:6e:b8:88:71:b9:7a:77:ae:22:aa:54:38:f8:
                    16:13:6a:d4:5f:1e:59:b6:80:1c:fc:1d:7a:1f:97:
                    c6:ba:24:a9:2f:39:07:ca:c6:4a:df:63:92:20:2e:
                    ad:97:4b:ed:69:56:cf:77:8e:e6:f2:0e:64:96:e1:
                    08:c6:50:ab:29:15:59:12:dc:bc:c2:9b:8d:53:67:
                    25:64:19:06:5c:f2:c2:64:e8:20:0f:91:d8:65:c5:
                    df:3f:8e:ed:61:ff:b7:64:82:e3:2a:4c:c3:19:b2:
                    45:79:6d:fd:ea:12:f7:37:86:e4:fe:76:01:ce:48:
                    b7:79:78:78:cd:16:8c:c2:ec:de:87:7f:90:87:f8:
                    5a:19:37:36:c2:34:36:3a:2d:52:5f:d0:6b:dd:83:
                    85:39:87:ac:e6:5f:01:19:66:3a:16:9a:f3:61:11:
                    a9:0d:df:27:12:e9:37:9d:6d:5f:48:5c:37:17:66:
                    28:a1:04:25:93:36:8f:10:e9:b3:0f:c7:23:35:61:
                    98:f8:64:b1:76:66:d4:50:22:87:2e:0c:8c:b8:88:
                    7c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:3D:22:99:A3:A5:4A:27:0E:E5:28:67:95:3F:40:18:AC:FA:62:63
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:33:84:7c:c9:61:81:5b:1b:03:07:07:2f:b6:e2:0b:53:d2:
         d0:f1:ef:40:0b:0d:2c:08:b8:fa:50:c2:28:2b:b5:ee:09:00:
         b4:a7:e3:0b:be:29:98:1c:fa:ab:0d:0d:84:ea:56:32:36:38:
         e2:43:1e:6a:43:3c:5c:2b:22:c2:54:b9:23:f2:97:9b:f5:8d:
         c8:85:50:79:94:56:e5:26:c8:bf:95:06:26:6a:2d:00:c8:59:
         75:9b:a2:1c:11:73:58:63:c3:c2:34:c6:43:c4:7a:c2:38:31:
         11:76:91:be:bc:6a:c4:38:d0:b7:65:26:2d:4e:80:ef:92:7a:
         aa:9a:82:dc:2e:8b:9b:26:c5:bf:19:8e:74:f5:35:d4:f3:7f:
         80:0e:29:b0:c5:e9:1e:e6:d4:f6:85:47:02:17:26:7f:99:59:
         c3:f2:64:76:f8:5e:8f:39:68:5f:3c:2e:b1:7b:39:a3:75:9a:
         a7:ea:98:d9:e0:5d:d6:d2:6b:3e:b0:f6:ec:b8:ac:27:a0:6f:
         83:ed:be:60:b7:e4:1e:c1:b3:99:57:a2:ef:7c:a4:56:91:df:
         f9:45:8d:b0:78:07:ab:8b:7b:f1:1c:64:a9:27:1f:8d:d5:e7:
         03:ee:cf:66:89:d5:f8:51:71:c4:b5:0c:6b:bc:31:28:82:d7:
         3d:33:78:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDIU0tRTlNcVj6IhNm6t/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwOTA3MTIwMDI0WhcNMjUwOTA4MTIwMDI0WjAzMTEwLwYDVQQD
EygyOTNkMjI5OWEzYTU0YTI3MGVlNTI4Njc5NTNmNDAxOGFjZmE2MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DEQgNpQaOpakdifV+1xhuWihIXl
s2li7zTlDxYJChtTarn+3p2Yn+3HqGVzL264iHG5eneuIqpUOPgWE2rUXx5ZtoAc
/B16H5fGuiSpLzkHysZK32OSIC6tl0vtaVbPd47m8g5kluEIxlCrKRVZEty8wpuN
U2clZBkGXPLCZOggD5HYZcXfP47tYf+3ZILjKkzDGbJFeW396hL3N4bk/nYBzki3
eXh4zRaMwuzeh3+Qh/haGTc2wjQ2Oi1SX9Br3YOFOYes5l8BGWY6FprzYRGpDd8n
Euk3nW1fSFw3F2YooQQlkzaPEOmzD8cjNWGY+GSxdmbUUCKHLgyMuIh8zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCk9IpmjpUonDuUoZ5U/QBis+mJjMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijOEfMlh
gVsbAwcHL7biC1PS0PHvQAsNLAi4+lDCKCu17gkAtKfjC74pmBz6qw0NhOpWMjY4
4kMeakM8XCsiwlS5I/KXm/WNyIVQeZRW5SbIv5UGJmotAMhZdZuiHBFzWGPDwjTG
Q8R6wjgxEXaRvrxqxDjQt2UmLU6A75J6qpqC3C6LmybFvxmOdPU11PN/gA4psMXp
HubU9oVHAhcmf5lZw/JkdvhejzloXzwusXs5o3Wap+qY2eBd1tJrPrD27LisJ6Bv
g+2+YLfkHsGzmVei73ykVpHf+UWNsHgHq4t78RxkqScfjdXnA+7PZonV+FFxxLUM
a7wxKILXPTN4hQ==
-----END CERTIFICATE-----