Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
File:                     obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json)
Hash identifier:          vH7+a/PJKtEDBz2hsDk8Wr8ymOOaQZSGFobLrpnZm+M=
Subject key identifier:   11:9A:0C:4B:36:7F:3F:6A:66:E1:1F:84:E3:29:A1:50:57:FA:C0:5A
Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A
Certificate issuer:       /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
Certificate serial:       0199228C8A060CD4156B7B52088DA8F7AFDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
Manifest number:          0686
Signing time:             Sun 07 Sep 2025 05:00:59 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:59 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:59 +0000
Files and hashes:         1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: DDobjAKAdDN2bc0/esL31PeyEeNW8wfPwMJg19vAneI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:8a:06:0c:d4:15:6b:7b:52:08:8d:a8:f7:af:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
        Validity
            Not Before: Sep  7 05:00:59 2025 GMT
            Not After : Sep  8 05:00:59 2025 GMT
        Subject: CN=119a0c4b367f3f6a66e11f84e329a15057fac05a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c3:9e:8e:67:81:3e:3d:e4:4f:4c:95:c3:de:
                    4a:c5:7a:05:aa:15:48:1c:30:93:9c:18:78:30:79:
                    9b:e2:f5:df:1e:54:fa:ac:64:92:78:a6:53:ca:a6:
                    56:2b:ab:29:47:51:37:9a:1b:18:75:3b:ff:76:63:
                    91:3d:4a:b0:eb:9e:11:66:60:5c:46:46:48:15:d0:
                    c7:6b:d9:31:11:02:25:0d:ad:4f:4d:94:2b:5f:e5:
                    9a:9c:ca:c5:bd:b9:f7:85:fe:7f:c6:28:5f:c1:14:
                    db:b2:b7:bb:0b:61:53:cf:78:50:8f:18:18:e4:e9:
                    05:db:eb:2b:34:81:74:2f:4c:cd:e8:06:4e:f0:3c:
                    7f:cb:6d:bf:36:ac:d7:f7:ed:28:db:1b:e1:bb:93:
                    9a:1c:3e:dd:ff:d5:a4:a2:91:b5:e7:73:43:a2:e8:
                    87:dc:ef:a1:bf:df:cf:e2:3d:3a:36:fe:c8:85:68:
                    71:ea:cd:78:6a:e2:cc:7f:32:3a:9b:83:4f:ea:f5:
                    88:13:b7:96:82:76:95:08:03:b7:5a:18:ff:12:4d:
                    4b:18:c9:fb:72:37:de:24:7e:e2:ae:33:6c:33:8b:
                    e4:40:48:e5:0e:e6:0b:97:22:f6:78:1e:ab:4c:35:
                    76:63:dd:79:48:ae:f3:dd:c9:0d:43:79:5b:51:34:
                    d6:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:9A:0C:4B:36:7F:3F:6A:66:E1:1F:84:E3:29:A1:50:57:FA:C0:5A
            X509v3 Authority Key Identifier:
                keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:27:04:48:74:7e:d2:05:25:1c:b6:49:31:50:a4:1a:c8:4e:
         c2:27:34:e3:b3:7c:98:2c:8b:b3:ac:35:a4:f3:4e:fd:7f:4a:
         aa:f3:6a:36:88:c2:b8:d7:73:6b:14:60:1f:a0:c8:ac:33:ad:
         64:e1:60:30:b0:85:a7:54:bb:db:d7:0e:ca:71:82:d3:54:2f:
         9b:ed:be:de:fa:ac:42:00:13:b2:58:92:0e:8d:27:49:b0:fc:
         f6:86:11:ef:0b:dc:5e:e8:c8:68:55:c8:8e:01:58:b4:54:8b:
         33:07:53:bf:2e:17:5b:52:b2:45:59:20:15:4b:79:85:eb:1c:
         3f:0b:4f:ea:87:be:5a:39:ec:3a:64:58:c0:50:05:0b:df:1b:
         c6:25:88:ed:dd:2b:c6:e1:1e:99:3a:51:8e:c9:6a:d9:c0:c4:
         a0:b8:bb:c4:a4:63:d0:f7:95:a3:54:5f:61:21:e9:73:ff:f5:
         4e:14:8c:ca:bf:fd:c8:21:8a:ed:24:18:cf:86:e0:d5:d9:17:
         c4:61:f4:3d:e2:58:ea:ac:86:b2:32:85:ae:f5:47:78:16:4e:
         c4:c8:cb:84:34:d0:14:e6:f7:f3:7a:45:f7:d0:07:01:66:54:
         ed:b5:80:eb:3e:28:89:7e:11:10:af:9e:77:77:b1:3d:3b:f8:
         10:da:8f:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijIoGDNQVa3tSCI2o96/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5
MDQzMGEwHhcNMjUwOTA3MDUwMDU5WhcNMjUwOTA4MDUwMDU5WjAzMTEwLwYDVQQD
EygxMTlhMGM0YjM2N2YzZjZhNjZlMTFmODRlMzI5YTE1MDU3ZmFjMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcOejmeBPj3kT0yVw95KxXoFqhVI
HDCTnBh4MHmb4vXfHlT6rGSSeKZTyqZWK6spR1E3mhsYdTv/dmORPUqw654RZmBc
RkZIFdDHa9kxEQIlDa1PTZQrX+WanMrFvbn3hf5/xihfwRTbsre7C2FTz3hQjxgY
5OkF2+srNIF0L0zN6AZO8Dx/y22/NqzX9+0o2xvhu5OaHD7d/9WkopG153NDouiH
3O+hv9/P4j06Nv7IhWhx6s14auLMfzI6m4NP6vWIE7eWgnaVCAO3Whj/Ek1LGMn7
cjfeJH7irjNsM4vkQEjlDuYLlyL2eB6rTDV2Y915SK7z3ckNQ3lbUTTWdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGaDEs2fz9qZuEfhOMpoVBX+sBaMB8GA1UdIwQY
MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt
NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk
LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECcESHR+
0gUlHLZJMVCkGshOwic047N8mCyLs6w1pPNO/X9KqvNqNojCuNdzaxRgH6DIrDOt
ZOFgMLCFp1S729cOynGC01Qvm+2+3vqsQgATsliSDo0nSbD89oYR7wvcXujIaFXI
jgFYtFSLMwdTvy4XW1KyRVkgFUt5hescPwtP6oe+WjnsOmRYwFAFC98bxiWI7d0r
xuEemTpRjslq2cDEoLi7xKRj0PeVo1RfYSHpc//1ThSMyr/9yCGK7SQYz4bg1dkX
xGH0PeJY6qyGsjKFrvVHeBZOxMjLhDTQFOb383pF99AHAWZU7bWA6z4oiX4REK+e
d3exPTv4ENqPvw==
-----END CERTIFICATE-----