Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          bWWsKUD5Kx0hJMvmBoN6ag1b/jiG+SD7Ya5BvQJA5EY=
Subject key identifier:   B4:CD:0E:8F:8F:63:65:E7:22:27:50:DB:BF:91:01:69:DB:1F:BD:01
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       019922FA84763A08732A26DACD7947566C51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 07:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:07 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: U0O28A37ilI+X5NEdNzi+h4Tgs6En6DJ9xAgPzmq6Y8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:84:76:3a:08:73:2a:26:da:cd:79:47:56:6c:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Sep  7 07:01:07 2025 GMT
            Not After : Sep  8 07:01:07 2025 GMT
        Subject: CN=b4cd0e8f8f6365e7222750dbbf910169db1fbd01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a3:c6:53:fe:76:f9:05:ee:4d:a9:80:6c:82:
                    e4:d9:40:d5:74:89:81:89:c9:a0:18:a5:fb:7e:45:
                    24:2b:00:b6:57:eb:42:a9:70:0e:1b:94:cb:64:47:
                    47:6a:fe:44:99:43:4f:04:f1:ca:bb:3d:7c:05:4b:
                    1d:ca:8a:37:eb:57:f7:14:c6:e8:16:a2:92:94:a5:
                    69:b1:40:ee:b2:91:88:02:3d:20:9a:88:54:39:55:
                    4c:ed:24:d1:8f:65:dc:7a:df:fa:1f:d7:36:10:cd:
                    04:41:01:6a:cc:1e:08:b6:d3:20:98:c8:70:ad:fa:
                    dd:8f:aa:d3:7b:9a:7e:d5:b6:4e:0d:a2:83:ca:87:
                    ee:72:99:6d:52:d2:e9:58:5f:6a:9a:64:0f:cf:d1:
                    b7:96:e6:57:d1:2a:d3:55:71:7a:54:89:cb:ff:bb:
                    f9:e0:ff:66:06:4d:d5:c4:d5:fe:f4:bc:c3:4f:a4:
                    e2:e2:03:b3:fe:23:b1:dd:50:07:1a:f4:24:6c:35:
                    17:18:ce:96:d6:8d:ae:ee:57:8d:21:49:11:52:93:
                    46:7b:e3:aa:a2:03:05:25:1e:7b:c3:ce:3a:24:e5:
                    1d:8c:b7:66:e3:59:5a:25:ef:83:e8:de:31:21:00:
                    91:8d:4f:fa:e2:9a:14:db:49:d6:ba:d3:3e:56:08:
                    98:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:CD:0E:8F:8F:63:65:E7:22:27:50:DB:BF:91:01:69:DB:1F:BD:01
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:c1:72:8d:88:86:5f:89:74:2a:53:af:61:90:d9:24:c6:8a:
         c1:43:34:4c:52:81:88:12:12:fc:e0:8a:2f:93:79:3b:57:5a:
         2a:49:ac:1a:c4:93:11:6c:52:13:53:53:c1:23:f7:61:3f:8b:
         f3:8c:77:8f:00:71:49:64:03:e7:55:e4:14:b9:5e:92:26:a4:
         95:84:f3:9b:b0:a7:dc:34:b6:d8:61:93:77:ef:b9:83:31:5e:
         52:7f:2e:86:96:b5:9e:4a:8b:a8:60:81:bd:31:f9:9c:50:3f:
         32:2d:56:44:e4:a9:56:a0:3f:71:4a:4e:e2:3d:3a:01:45:cc:
         7d:64:40:c4:55:f8:55:a1:44:70:16:57:17:30:76:09:aa:8d:
         4a:1c:59:60:ee:d8:0e:99:8a:15:74:8a:92:ea:82:31:ed:6c:
         7d:7a:16:a9:4d:ac:92:09:5d:7b:51:d3:c9:86:61:45:f1:11:
         8e:0f:2c:fc:a9:3c:dc:ca:1a:6a:fb:17:cc:1f:ac:52:93:80:
         d1:25:ce:7a:4d:c9:02:0e:39:b1:e5:fd:7b:f9:5a:ee:14:af:
         80:ac:1c:15:b6:99:a2:09:a1:dd:85:84:61:be:aa:a1:44:60:
         8f:65:83:2a:81:da:4f:52:4e:82:89:56:58:67:ae:2c:e0:06:
         70:b7:ae:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+oR2OghzKibazXlHVmxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwOTA3MDcwMTA3WhcNMjUwOTA4MDcwMTA3WjAzMTEwLwYDVQQD
EyhiNGNkMGU4ZjhmNjM2NWU3MjIyNzUwZGJiZjkxMDE2OWRiMWZiZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaPGU/52+QXuTamAbILk2UDVdImB
icmgGKX7fkUkKwC2V+tCqXAOG5TLZEdHav5EmUNPBPHKuz18BUsdyoo361f3FMbo
FqKSlKVpsUDuspGIAj0gmohUOVVM7STRj2Xcet/6H9c2EM0EQQFqzB4IttMgmMhw
rfrdj6rTe5p+1bZODaKDyofucpltUtLpWF9qmmQPz9G3luZX0SrTVXF6VInL/7v5
4P9mBk3VxNX+9LzDT6Ti4gOz/iOx3VAHGvQkbDUXGM6W1o2u7leNIUkRUpNGe+Oq
ogMFJR57w846JOUdjLdm41laJe+D6N4xIQCRjU/64poU20nWutM+VgiYkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTNDo+PY2XnIidQ27+RAWnbH70BMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtcFyjYiG
X4l0KlOvYZDZJMaKwUM0TFKBiBIS/OCKL5N5O1daKkmsGsSTEWxSE1NTwSP3YT+L
84x3jwBxSWQD51XkFLlekiaklYTzm7Cn3DS22GGTd++5gzFeUn8uhpa1nkqLqGCB
vTH5nFA/Mi1WROSpVqA/cUpO4j06AUXMfWRAxFX4VaFEcBZXFzB2CaqNShxZYO7Y
DpmKFXSKkuqCMe1sfXoWqU2skglde1HTyYZhRfERjg8s/Kk83MoaavsXzB+sUpOA
0SXOek3JAg45seX9e/la7hSvgKwcFbaZogmh3YWEYb6qoURgj2WDKoHaT1JOgolW
WGeuLOAGcLeuug==
-----END CERTIFICATE-----