Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
File:                     MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft (raw, json)
Hash identifier:          pGaNcC7f2z/VptDoVjC1ZBJbUcSRDDmrdo6lNksViEU=
Subject key identifier:   0D:68:65:F5:D1:68:6E:D0:14:43:77:AF:E3:B2:F3:70:FF:7C:AA:2B
Authority key identifier: 31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F
Certificate issuer:       /CN=313da19357cbc67da7d55fa35aab3695bc04d04f
Certificate serial:       019921B117C7F7A5F9A3035AF14B07A1AFCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
Manifest number:          09E0
Signing time:             Sun 07 Sep 2025 01:01:17 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:17 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:17 +0000
Files and hashes:         1: MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl (hash: QqmUk3XqTmMSBR932aCdJAstaZd3IPNp6mvKb9Fa7uY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:17:c7:f7:a5:f9:a3:03:5a:f1:4b:07:a1:af:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313da19357cbc67da7d55fa35aab3695bc04d04f
        Validity
            Not Before: Sep  7 01:01:17 2025 GMT
            Not After : Sep  8 01:01:17 2025 GMT
        Subject: CN=0d6865f5d1686ed0144377afe3b2f370ff7caa2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:27:46:c6:66:ed:ea:07:06:23:04:87:bc:24:
                    04:ef:10:45:53:26:21:75:5f:a3:20:55:ba:8b:bc:
                    15:4b:75:ad:86:bf:ea:39:2d:33:a1:a0:31:0b:61:
                    c3:fe:e8:5f:1d:c4:87:37:69:02:84:74:ff:78:bb:
                    d0:d7:4e:b3:4c:0f:d0:f8:77:8a:8e:92:a8:9f:b7:
                    17:fe:fc:8d:20:cc:79:49:29:4b:e8:79:98:2e:b5:
                    70:af:a8:f4:86:de:b0:3c:37:7d:e5:56:a3:af:f4:
                    5f:06:86:2e:01:ec:32:5f:cf:f4:dd:49:79:7e:4d:
                    56:99:cc:e3:d5:80:6c:8c:a8:50:20:fe:21:d5:d1:
                    35:0c:28:44:cb:b2:ae:e7:5e:9d:e8:a1:8e:33:3b:
                    8d:b2:09:0d:d3:a4:d9:d3:ea:e4:3b:4a:07:e2:ab:
                    83:c3:d0:ac:1c:b7:4c:20:95:77:ec:67:9b:d2:60:
                    29:05:51:3a:2c:5d:93:83:51:ba:55:2c:91:d9:ec:
                    16:d0:f2:05:d0:bd:55:be:60:8e:6a:20:6a:78:37:
                    06:ec:31:51:dc:cb:de:46:8d:49:91:57:11:09:05:
                    d8:3a:1b:70:17:06:2b:5c:4b:19:88:aa:3f:dd:46:
                    02:5b:12:ce:2f:f9:d8:31:6a:37:8a:eb:37:5b:51:
                    b8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:68:65:F5:D1:68:6E:D0:14:43:77:AF:E3:B2:F3:70:FF:7C:AA:2B
            X509v3 Authority Key Identifier:
                keyid:31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:f7:46:1c:26:f0:5f:15:d0:96:13:bd:55:96:a8:63:3e:fc:
         99:fe:bf:7a:b9:80:e3:18:e2:a6:05:23:04:1f:82:2f:7c:dd:
         43:84:7a:ae:2b:f8:e3:51:c9:6e:39:03:e8:59:e9:df:51:a2:
         28:89:0c:f6:12:0d:b7:4d:b5:35:65:17:6a:41:f2:0b:aa:60:
         71:51:02:1d:4e:7d:6b:6e:26:9c:c0:45:e1:b3:2d:f6:7d:ce:
         8e:db:f2:c8:e7:ad:46:58:31:1e:7e:e8:68:54:50:92:5b:2c:
         1d:25:36:d0:db:0b:17:81:3f:24:e9:06:2d:94:6e:e1:ef:6d:
         8c:e2:29:e9:a0:07:d4:ad:3b:b1:ce:14:95:fe:3b:e7:02:4c:
         5a:ec:b9:d3:7b:9f:ae:7b:db:ac:cc:07:af:d2:a9:58:93:15:
         7f:c4:7a:52:8d:5c:db:fa:fe:a0:b6:f2:88:9e:80:3d:d3:04:
         fc:b3:b6:84:8e:62:72:51:4b:3f:7f:45:62:43:b3:c0:a8:58:
         2e:25:2f:eb:8e:a8:f5:9d:b5:80:3b:08:31:7c:18:25:af:75:
         b2:21:b1:01:57:23:62:cc:32:78:96:4b:a8:12:68:bc:d0:4f:
         99:b8:29:64:35:51:9a:e8:25:56:dc:f0:eb:16:69:13:4b:0c:
         44:1d:8b:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsRfH96X5owNa8UsHoa/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RhMTkzNTdjYmM2N2RhN2Q1NWZhMzVhYWIzNjk1YmMw
NGQwNGYwHhcNMjUwOTA3MDEwMTE3WhcNMjUwOTA4MDEwMTE3WjAzMTEwLwYDVQQD
EygwZDY4NjVmNWQxNjg2ZWQwMTQ0Mzc3YWZlM2IyZjM3MGZmN2NhYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSdGxmbt6gcGIwSHvCQE7xBFUyYh
dV+jIFW6i7wVS3Wthr/qOS0zoaAxC2HD/uhfHcSHN2kChHT/eLvQ106zTA/Q+HeK
jpKon7cX/vyNIMx5SSlL6HmYLrVwr6j0ht6wPDd95Vajr/RfBoYuAewyX8/03Ul5
fk1Wmczj1YBsjKhQIP4h1dE1DChEy7Ku516d6KGOMzuNsgkN06TZ0+rkO0oH4quD
w9CsHLdMIJV37Geb0mApBVE6LF2Tg1G6VSyR2ewW0PIF0L1VvmCOaiBqeDcG7DFR
3MveRo1JkVcRCQXYOhtwFwYrXEsZiKo/3UYCWxLOL/nYMWo3ius3W1G4awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1oZfXRaG7QFEN3r+Oy83D/fKorMB8GA1UdIwQY
MBaAFDE9oZNXy8Z9p9Vfo1qrNpW8BNBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEt
ZjBiYmJlYmJkNmE5LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEtZjBiYmJlYmJkNmE5
LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvdGHCbw
XxXQlhO9VZaoYz78mf6/ermA4xjipgUjBB+CL3zdQ4R6riv441HJbjkD6Fnp31Gi
KIkM9hINt021NWUXakHyC6pgcVECHU59a24mnMBF4bMt9n3OjtvyyOetRlgxHn7o
aFRQklssHSU20NsLF4E/JOkGLZRu4e9tjOIp6aAH1K07sc4Ulf475wJMWuy503uf
rnvbrMwHr9KpWJMVf8R6Uo1c2/r+oLbyiJ6APdME/LO2hI5iclFLP39FYkOzwKhY
LiUv646o9Z21gDsIMXwYJa91siGxAVcjYswyeJZLqBJovNBPmbgpZDVRmuglVtzw
6xZpE0sMRB2Leg==
-----END CERTIFICATE-----