Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
File:                     g76BmaF8rKps1S15QSNtpuVuG-o.mft (raw, json)
Hash identifier:          4t8CdCvEhHufNEovCoU5zy+Hb6FzUIa2VZOKRoIRitY=
Subject key identifier:   88:52:E5:F3:58:A0:AA:75:52:B6:AB:26:B8:79:3F:2A:64:93:C6:E9
Authority key identifier: 83:BE:81:99:A1:7C:AC:AA:6C:D5:2D:79:41:23:6D:A6:E5:6E:1B:EA
Certificate issuer:       /CN=83be8199a17cacaa6cd52d7941236da6e56e1bea
Certificate serial:       0199239F2BF333CFB7972698371A175360CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
Manifest number:          09F6
Signing time:             Sun 07 Sep 2025 10:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:57 +0000
Files and hashes:         1: g76BmaF8rKps1S15QSNtpuVuG-o.crl (hash: zLhUKMhwHZyVTMjXORwOtGi0hhTGUxvfWjdb3AefQbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:2b:f3:33:cf:b7:97:26:98:37:1a:17:53:60:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83be8199a17cacaa6cd52d7941236da6e56e1bea
        Validity
            Not Before: Sep  7 10:00:57 2025 GMT
            Not After : Sep  8 10:00:57 2025 GMT
        Subject: CN=8852e5f358a0aa7552b6ab26b8793f2a6493c6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:74:aa:b6:cb:a1:bc:b0:3b:01:4e:b8:bc:32:
                    42:6d:2c:50:45:8f:4d:b0:cf:7c:1e:79:49:1c:07:
                    1e:85:ec:b0:1a:aa:db:b1:b3:27:42:4d:7b:a8:7e:
                    ec:62:43:52:a1:86:ed:f5:ef:3b:69:4e:fe:5c:a0:
                    69:27:35:cc:ae:fd:84:c5:43:78:20:4a:44:eb:c4:
                    ae:00:2f:0f:ae:e0:32:16:eb:bd:2c:f4:2e:b8:66:
                    f2:3e:cc:ab:88:a2:a4:4f:a0:89:22:6e:2c:06:c6:
                    ee:22:b9:96:58:10:aa:b6:92:a7:62:07:06:94:b5:
                    35:c8:ff:fd:20:ae:e4:d1:59:a3:fa:be:30:bf:71:
                    97:a0:51:b3:a4:30:e4:3b:cb:32:4c:09:16:16:32:
                    81:5c:20:b7:19:71:32:6d:81:c6:36:84:ab:db:ec:
                    09:25:f9:79:03:71:9c:78:18:47:8c:f2:81:4b:cb:
                    3e:f2:88:16:30:24:09:b2:6a:a6:25:bc:01:b6:9d:
                    46:47:54:c0:b8:dd:21:34:b4:d2:94:f9:b9:30:19:
                    f6:ac:ff:d0:41:b8:99:f6:cd:95:bc:55:51:51:43:
                    91:10:22:4b:cf:a8:ed:6c:f6:50:30:e3:a8:6f:9b:
                    75:1f:60:ef:a0:4b:7b:15:62:3d:62:5a:57:06:2e:
                    72:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:52:E5:F3:58:A0:AA:75:52:B6:AB:26:B8:79:3F:2A:64:93:C6:E9
            X509v3 Authority Key Identifier:
                keyid:83:BE:81:99:A1:7C:AC:AA:6C:D5:2D:79:41:23:6D:A6:E5:6E:1B:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g76BmaF8rKps1S15QSNtpuVuG-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ff50ec-b12d-4798-89fa-22d1bcfa1eda/1/g76BmaF8rKps1S15QSNtpuVuG-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:85:f1:65:73:2c:45:63:ed:a2:e1:e5:cd:e7:b4:9f:61:3b:
         3d:94:4a:3d:4d:81:a6:fe:fb:6f:c2:6d:d2:0d:4e:12:b9:18:
         ee:75:26:13:71:20:cd:7e:4d:d7:ab:25:31:f4:fb:6d:12:6c:
         d5:33:c8:d0:32:30:7f:d9:b5:41:71:d1:bd:df:f9:c0:4a:0f:
         78:8b:00:64:df:ff:0d:96:67:50:4f:25:0d:22:8b:95:dd:6a:
         b5:0f:29:f6:63:f7:4a:aa:b7:9f:5f:c3:e4:c7:73:f5:74:c7:
         f6:2f:5b:9f:23:44:5c:49:66:c8:85:20:ee:4b:5c:3a:d7:cd:
         cc:9a:cc:6e:a9:dc:87:de:2c:b8:88:b9:ad:7c:c7:e8:1b:bb:
         05:97:84:26:0b:47:b5:59:85:e2:00:11:df:9d:3b:02:18:26:
         02:bb:5f:e8:d5:35:1e:c3:da:7a:8a:55:b6:a9:3d:74:c4:f3:
         e3:46:49:91:5e:72:5b:d9:3c:bd:f5:ec:ee:75:83:ac:49:7c:
         4c:41:99:d6:86:ce:60:fd:2d:1e:94:3a:dd:42:1b:9c:47:65:
         24:62:1b:ac:59:c8:d0:2b:63:c7:84:c5:16:76:ce:99:98:df:
         1b:2e:17:e3:4d:72:a9:54:ff:d7:50:02:51:51:96:92:63:52:
         e7:b1:9b:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnyvzM8+3lyaYNxoXU2DMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmU4MTk5YTE3Y2FjYWE2Y2Q1MmQ3OTQxMjM2ZGE2ZTU2
ZTFiZWEwHhcNMjUwOTA3MTAwMDU3WhcNMjUwOTA4MTAwMDU3WjAzMTEwLwYDVQQD
Eyg4ODUyZTVmMzU4YTBhYTc1NTJiNmFiMjZiODc5M2YyYTY0OTNjNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23SqtsuhvLA7AU64vDJCbSxQRY9N
sM98HnlJHAceheywGqrbsbMnQk17qH7sYkNSoYbt9e87aU7+XKBpJzXMrv2ExUN4
IEpE68SuAC8PruAyFuu9LPQuuGbyPsyriKKkT6CJIm4sBsbuIrmWWBCqtpKnYgcG
lLU1yP/9IK7k0Vmj+r4wv3GXoFGzpDDkO8syTAkWFjKBXCC3GXEybYHGNoSr2+wJ
Jfl5A3GceBhHjPKBS8s+8ogWMCQJsmqmJbwBtp1GR1TAuN0hNLTSlPm5MBn2rP/Q
QbiZ9s2VvFVRUUORECJLz6jtbPZQMOOob5t1H2DvoEt7FWI9YlpXBi5y3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhS5fNYoKp1UrarJrh5Pypkk8bpMB8GA1UdIwQY
MBaAFIO+gZmhfKyqbNUteUEjbablbhvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mZjUwZWMtYjEyZC00Nzk4LTg5ZmEt
MjJkMWJjZmExZWRhLzEvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mZjUwZWMtYjEyZC00Nzk4LTg5ZmEtMjJkMWJjZmExZWRh
LzEvZzc2Qm1hRjhyS3BzMVMxNVFTTnRwdVZ1Ry1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM4XxZXMs
RWPtouHlzee0n2E7PZRKPU2Bpv77b8Jt0g1OErkY7nUmE3EgzX5N16slMfT7bRJs
1TPI0DIwf9m1QXHRvd/5wEoPeIsAZN//DZZnUE8lDSKLld1qtQ8p9mP3Sqq3n1/D
5Mdz9XTH9i9bnyNEXElmyIUg7ktcOtfNzJrMbqnch94suIi5rXzH6Bu7BZeEJgtH
tVmF4gAR3507AhgmArtf6NU1HsPaeopVtqk9dMTz40ZJkV5yW9k8vfXs7nWDrEl8
TEGZ1obOYP0tHpQ63UIbnEdlJGIbrFnI0Ctjx4TFFnbOmZjfGy4X401yqVT/11AC
UVGWkmNS57GbRg==
-----END CERTIFICATE-----