Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
File:                     RGMFqaHfoG26hXtD8N6eYi9JUaM.mft (raw, json)
Hash identifier:          4FnkIEcHqFPUrPYLGYfoSdxACUqXYUA3deNhx5Wts2w=
Subject key identifier:   49:A3:85:88:AA:15:E1:95:3D:57:EC:AF:DF:48:7C:87:00:5B:A3:DE
Authority key identifier: 44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3
Certificate issuer:       /CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
Certificate serial:       019921B113C3F2FC441917066A717578D16C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
Manifest number:          0AFF
Signing time:             Sun 07 Sep 2025 01:01:17 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:17 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:17 +0000
Files and hashes:         1: RGMFqaHfoG26hXtD8N6eYi9JUaM.crl (hash: AIhXYwe3jK0PyMuMwDkEWxxO468gPqA09tm2QY1negk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:13:c3:f2:fc:44:19:17:06:6a:71:75:78:d1:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
        Validity
            Not Before: Sep  7 01:01:17 2025 GMT
            Not After : Sep  8 01:01:17 2025 GMT
        Subject: CN=49a38588aa15e1953d57ecafdf487c87005ba3de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:fa:7f:e6:7c:57:a5:f7:6f:6f:c3:34:96:da:
                    4e:4e:f4:0a:e8:8e:f3:e1:fc:5f:23:36:8b:7b:00:
                    40:84:d8:97:5b:99:99:56:53:89:58:3e:76:d6:9e:
                    47:5e:3d:4a:21:78:d4:31:93:9c:76:e7:d9:9f:24:
                    cd:d1:d1:13:67:4c:68:d5:b2:49:4e:d0:a0:41:9a:
                    25:c6:97:f4:05:15:93:22:41:0a:e1:2d:0f:6c:f8:
                    36:13:4a:61:10:c8:4c:f6:ae:15:06:1a:d6:6b:f0:
                    52:d9:90:82:f4:e4:12:22:a9:5a:e6:09:ce:06:1b:
                    62:06:4a:c9:da:38:3b:d1:49:5b:0e:6e:8e:cd:e0:
                    7f:f4:1e:34:bc:af:51:82:8d:ce:cc:15:65:51:58:
                    03:78:5e:76:70:9c:56:95:c0:1a:cc:d8:b7:e5:d1:
                    68:fe:9a:80:f1:8c:d4:0d:db:1b:65:f8:ea:e7:7a:
                    1c:fb:0e:1c:36:10:0a:24:f3:b6:b2:e9:62:ae:1d:
                    d8:eb:41:00:59:c0:d2:15:c8:d3:3e:d4:ee:d2:4e:
                    77:5e:4f:e2:bd:0f:19:78:3b:09:a2:82:c1:73:d8:
                    8b:93:40:4a:45:68:02:9a:34:6c:10:ac:7b:01:1d:
                    f8:cd:02:f7:2a:57:0d:f4:ee:5b:c7:ef:49:51:bd:
                    6a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:A3:85:88:AA:15:E1:95:3D:57:EC:AF:DF:48:7C:87:00:5B:A3:DE
            X509v3 Authority Key Identifier:
                keyid:44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:7f:2e:1c:6c:02:aa:10:19:d1:6d:76:53:32:de:80:ce:40:
         03:ff:c7:c4:7e:1c:84:d9:74:45:d3:a2:69:1c:49:af:f6:c1:
         c0:11:d8:f2:cd:6a:7b:57:be:86:a7:f7:59:33:c7:00:c7:f2:
         32:38:c6:eb:60:d7:c5:e6:47:f2:c0:6e:94:69:01:09:d3:d1:
         75:ee:11:ba:d3:f1:59:4f:92:80:e0:0f:cc:ef:54:2d:aa:bb:
         e2:d2:97:2b:51:be:31:63:00:e2:71:3c:7e:4e:d7:a8:f9:55:
         c4:e9:12:54:89:dc:16:1f:48:9a:39:c8:cd:11:92:a4:a1:75:
         d5:47:af:6e:25:0c:45:c3:b2:89:76:a0:36:3e:ab:b5:b0:77:
         47:4e:d8:e3:55:94:19:29:c9:52:a0:b3:ff:21:e5:69:55:7c:
         47:f0:a0:70:9c:fa:b8:8b:e4:d4:12:4e:ba:0b:0b:1d:bd:c5:
         c9:d0:5a:28:83:79:e3:99:bf:0b:70:79:9b:9a:3e:81:16:aa:
         3d:73:d6:91:3e:08:9c:d3:a7:80:41:68:c0:d0:f2:a7:be:ea:
         6e:8d:cc:3e:98:2a:f2:45:74:59:f4:41:98:34:ae:86:f5:f7:
         4d:48:4a:ad:e7:48:a5:4f:ac:9b:af:53:b3:8a:86:f5:69:50:
         76:e3:89:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsRPD8vxEGRcGanF1eNFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NjMwNWE5YTFkZmEwNmRiYTg1N2I0M2YwZGU5ZTYyMmY0
OTUxYTMwHhcNMjUwOTA3MDEwMTE3WhcNMjUwOTA4MDEwMTE3WjAzMTEwLwYDVQQD
Eyg0OWEzODU4OGFhMTVlMTk1M2Q1N2VjYWZkZjQ4N2M4NzAwNWJhM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfp/5nxXpfdvb8M0ltpOTvQK6I7z
4fxfIzaLewBAhNiXW5mZVlOJWD521p5HXj1KIXjUMZOcdufZnyTN0dETZ0xo1bJJ
TtCgQZolxpf0BRWTIkEK4S0PbPg2E0phEMhM9q4VBhrWa/BS2ZCC9OQSIqla5gnO
BhtiBkrJ2jg70UlbDm6OzeB/9B40vK9Rgo3OzBVlUVgDeF52cJxWlcAazNi35dFo
/pqA8YzUDdsbZfjq53oc+w4cNhAKJPO2sulirh3Y60EAWcDSFcjTPtTu0k53Xk/i
vQ8ZeDsJooLBc9iLk0BKRWgCmjRsEKx7AR34zQL3KlcN9O5bx+9JUb1qnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmjhYiqFeGVPVfsr99IfIcAW6PeMB8GA1UdIwQY
MBaAFERjBamh36BtuoV7Q/DenmIvSVGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMt
MGM4Njc0NTc2OTJiLzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMtMGM4Njc0NTc2OTJi
LzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd38uHGwC
qhAZ0W12UzLegM5AA//HxH4chNl0RdOiaRxJr/bBwBHY8s1qe1e+hqf3WTPHAMfy
MjjG62DXxeZH8sBulGkBCdPRde4RutPxWU+SgOAPzO9ULaq74tKXK1G+MWMA4nE8
fk7XqPlVxOkSVIncFh9ImjnIzRGSpKF11UevbiUMRcOyiXagNj6rtbB3R07Y41WU
GSnJUqCz/yHlaVV8R/CgcJz6uIvk1BJOugsLHb3FydBaKIN545m/C3B5m5o+gRaq
PXPWkT4InNOngEFowNDyp77qbo3MPpgq8kV0WfRBmDSuhvX3TUhKredIpU+sm69T
s4qG9WlQduOJdA==
-----END CERTIFICATE-----