Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          Z13uBAfjr+PkJDZUw23byMVqa5rLHB1rtvD7VKast24=
Subject key identifier:   E2:53:FE:07:7D:98:1F:CC:35:B3:43:86:3D:EC:CD:CC:9E:37:C9:7B
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       019921B0CC1AD247959B33F735EDAF1CCF7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          0E30
Signing time:             Sun 07 Sep 2025 01:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:58 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: ThNY7jtoArISp5ZrvogxrWePgvpw2zL72v1sLQbpB7g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:cc:1a:d2:47:95:9b:33:f7:35:ed:af:1c:cf:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Sep  7 01:00:58 2025 GMT
            Not After : Sep  8 01:00:58 2025 GMT
        Subject: CN=e253fe077d981fcc35b343863deccdcc9e37c97b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:74:1f:7f:0c:14:e4:cd:f1:1e:5a:55:49:d4:
                    61:0c:24:9d:b9:ea:b6:99:81:19:0d:a1:3f:7a:9f:
                    6f:6a:62:c5:02:8b:9d:ee:68:58:dc:71:26:5b:c7:
                    6c:12:07:c1:1d:aa:1a:b8:4a:16:29:50:5e:ce:91:
                    4b:00:7f:50:16:d4:89:98:7b:2a:f4:8f:98:54:ee:
                    94:83:0f:2a:6b:95:34:bf:7a:d5:0c:11:3a:c0:f9:
                    a6:8f:02:8d:62:96:21:57:71:5d:3f:b6:f0:6d:a1:
                    1f:3a:58:84:4d:d5:7e:98:81:6d:a3:cd:06:45:1d:
                    59:8d:7f:43:fc:32:1b:20:35:ab:7b:2c:e7:b3:3a:
                    19:c2:80:57:8f:9c:93:08:94:4d:b3:ec:eb:21:d8:
                    e4:98:20:a8:18:10:02:b2:9f:0f:e6:81:b5:52:78:
                    41:e4:e4:2d:17:e2:30:0d:9a:52:c5:36:2e:0f:99:
                    42:c2:fe:0b:21:85:d7:9d:b2:24:33:2d:4d:72:82:
                    a0:8d:6d:8a:df:50:38:5f:e1:69:70:fc:e5:12:c8:
                    ed:25:9c:31:41:f6:9d:55:eb:2b:e4:4c:e4:78:fc:
                    76:2f:6e:74:20:c2:61:96:bb:70:34:27:58:92:da:
                    00:cf:ca:b1:cf:54:82:f0:9e:46:b6:11:64:a9:10:
                    98:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:53:FE:07:7D:98:1F:CC:35:B3:43:86:3D:EC:CD:CC:9E:37:C9:7B
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:70:e2:9d:f6:fc:a5:22:29:21:39:60:13:f1:d0:89:f4:26:
         e2:75:c1:68:81:7f:d5:52:89:bc:bc:c0:d8:48:9f:99:7f:16:
         a4:5b:1f:0b:6b:fc:0b:d2:26:9b:39:37:c9:df:b4:be:ef:77:
         fe:5b:f4:af:04:78:7d:95:82:5a:f6:47:47:c9:1b:11:d1:28:
         f3:3f:8d:09:04:cd:8f:e0:e5:f0:7d:46:65:86:48:74:49:f2:
         94:8b:af:14:d5:f3:ea:7f:14:d2:8c:c2:28:b5:a0:35:84:2c:
         ce:ae:13:96:96:41:65:5e:37:4a:89:14:9a:58:c3:fc:3a:69:
         9b:c8:08:07:16:02:a1:68:6f:5d:57:c7:16:28:10:36:ce:5c:
         9a:96:08:d7:c6:26:a3:cc:19:19:b3:a1:97:60:12:9c:20:0f:
         b6:bd:6e:6a:f4:38:29:78:ba:e2:f6:b6:64:b5:c3:c6:00:56:
         da:03:2e:b7:99:72:0d:3e:56:7b:27:20:05:97:30:76:2e:8e:
         c3:0a:29:d9:9c:3c:d0:d8:dd:13:cc:98:41:f7:30:5c:03:3e:
         b5:55:cd:62:a9:e9:22:af:8f:e1:05:f5:e0:8d:a5:23:55:79:
         f6:3e:fd:bc:49:ab:71:6b:6f:8e:5b:ca:64:ab:6d:29:16:82:
         c4:8e:2a:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsMwa0keVmzP3Ne2vHM99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjUwOTA3MDEwMDU4WhcNMjUwOTA4MDEwMDU4WjAzMTEwLwYDVQQD
EyhlMjUzZmUwNzdkOTgxZmNjMzViMzQzODYzZGVjY2RjYzllMzdjOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/nQffwwU5M3xHlpVSdRhDCSdueq2
mYEZDaE/ep9vamLFAoud7mhY3HEmW8dsEgfBHaoauEoWKVBezpFLAH9QFtSJmHsq
9I+YVO6Ugw8qa5U0v3rVDBE6wPmmjwKNYpYhV3FdP7bwbaEfOliETdV+mIFto80G
RR1ZjX9D/DIbIDWreyznszoZwoBXj5yTCJRNs+zrIdjkmCCoGBACsp8P5oG1UnhB
5OQtF+IwDZpSxTYuD5lCwv4LIYXXnbIkMy1NcoKgjW2K31A4X+FpcPzlEsjtJZwx
QfadVesr5EzkePx2L250IMJhlrtwNCdYktoAz8qxz1SC8J5GthFkqRCYawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJT/gd9mB/MNbNDhj3szcyeN8l7MB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXDinfb8
pSIpITlgE/HQifQm4nXBaIF/1VKJvLzA2EifmX8WpFsfC2v8C9Immzk3yd+0vu93
/lv0rwR4fZWCWvZHR8kbEdEo8z+NCQTNj+Dl8H1GZYZIdEnylIuvFNXz6n8U0ozC
KLWgNYQszq4TlpZBZV43SokUmljD/Dppm8gIBxYCoWhvXVfHFigQNs5cmpYI18Ym
o8wZGbOhl2ASnCAPtr1uavQ4KXi64va2ZLXDxgBW2gMut5lyDT5WeycgBZcwdi6O
wwop2Zw80NjdE8yYQfcwXAM+tVXNYqnpIq+P4QX14I2lI1V59j79vEmrcWtvjlvK
ZKttKRaCxI4qIQ==
-----END CERTIFICATE-----