Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
File:                     iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json)
Hash identifier:          /eneJVIL9IU4r0IYGhMJzkidZhYE4hjq/eGkaey5bn4=
Subject key identifier:   B0:A0:A3:05:08:03:5C:7C:59:11:5A:36:A8:63:57:2E:50:85:B4:70
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Certificate issuer:       /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial:       0198D4A840DE929309EE5360344139ABA279
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
Manifest number:          0AD9
Signing time:             Sat 23 Aug 2025 02:00:53 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:53 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:53 +0000
Files and hashes:         1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: 2GxbxH6evqEP10oaFT0qQgsR3tK4Q2j9rtgD+ZVsdPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 02:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a8:40:de:92:93:09:ee:53:60:34:41:39:ab:a2:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
        Validity
            Not Before: Aug 23 02:00:53 2025 GMT
            Not After : Aug 24 02:00:53 2025 GMT
        Subject: CN=b0a0a30508035c7c59115a36a863572e5085b470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:82:b8:36:af:85:b8:6d:d5:14:73:87:99:b3:
                    b1:72:9a:c8:1f:6c:bf:87:12:07:e3:ac:37:44:77:
                    ac:63:cb:e6:1f:4e:35:ea:f1:d8:04:81:58:32:bf:
                    c2:78:d5:ad:51:70:4b:40:88:70:7a:72:2a:d6:60:
                    f3:b2:96:4e:dc:5a:d0:a1:d5:30:25:cb:3d:7d:2c:
                    81:2a:14:06:70:be:af:9f:fa:d0:c4:ad:c3:16:31:
                    54:06:37:25:99:7f:f1:ac:92:22:c0:3f:08:25:a5:
                    d0:d5:fb:58:ed:b6:ce:64:c4:3c:c9:8b:30:9a:51:
                    d3:64:da:72:c9:ae:9b:cb:76:1c:05:6d:70:a3:a7:
                    8b:b1:e3:b6:d6:0f:a0:8d:56:b4:27:c2:b0:ba:f0:
                    f0:4b:aa:e8:b8:d7:0b:1a:eb:5e:84:c5:0c:49:4a:
                    0f:b7:29:9a:fd:9f:c7:28:d9:d0:22:aa:5f:65:1b:
                    10:98:c7:46:df:47:4c:f7:d9:0f:8d:47:64:bd:cb:
                    5e:57:66:9a:dc:db:75:28:be:67:d7:6b:a2:35:ae:
                    ba:51:be:e0:04:1c:e4:9c:eb:38:00:61:f4:43:ad:
                    4e:3d:02:90:f1:50:89:7e:0d:7d:43:ef:3b:0a:73:
                    d2:bd:db:c7:1f:35:1b:6e:29:e7:43:37:56:8c:7f:
                    07:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:A0:A3:05:08:03:5C:7C:59:11:5A:36:A8:63:57:2E:50:85:B4:70
            X509v3 Authority Key Identifier:
                keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:5c:38:b8:b1:25:c7:6c:86:b2:05:c3:e4:76:c6:14:1a:3d:
         c7:56:1e:e0:e9:13:44:ed:70:26:f0:f4:0a:bf:96:4a:46:40:
         07:81:20:6b:04:43:c7:bd:7d:21:e8:9c:e5:22:6e:3e:32:4e:
         e1:10:8f:4a:72:ef:b3:da:97:55:8a:7d:b5:6b:0a:1a:ea:1f:
         65:a7:ba:c5:d6:c4:84:2a:5d:85:ac:d5:af:b4:b5:22:fe:e1:
         97:e8:aa:55:e7:1c:d7:fc:aa:35:62:21:63:d6:f3:6b:eb:30:
         2a:86:a1:ed:4c:de:d1:18:43:72:56:6e:33:ee:ae:6c:88:d4:
         16:f6:e8:f9:c7:42:de:14:1e:7b:99:5c:b4:64:bb:07:9c:d2:
         21:16:cf:c1:43:59:5e:0d:04:2c:79:b8:90:96:67:9c:87:d1:
         2c:a4:f4:b9:3d:d4:c9:97:6b:79:41:2e:98:1c:f3:ac:47:05:
         f5:9a:10:ac:88:43:17:15:d4:d6:e4:c0:93:36:58:9f:ef:f9:
         2e:1b:b0:bb:c9:4c:19:35:e0:61:3b:f6:e8:a7:9e:9f:cf:62:
         52:bd:de:67:63:40:2c:3d:11:6d:08:61:b9:92:7b:54:2d:3f:
         47:00:26:61:c8:46:d9:13:43:d7:27:5e:64:0f:62:96:a2:b2:
         e4:65:9a:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqEDekpMJ7lNgNEE5q6J5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjUwODIzMDIwMDUzWhcNMjUwODI0MDIwMDUzWjAzMTEwLwYDVQQD
EyhiMGEwYTMwNTA4MDM1YzdjNTkxMTVhMzZhODYzNTcyZTUwODViNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4K4Nq+FuG3VFHOHmbOxcprIH2y/
hxIH46w3RHesY8vmH0416vHYBIFYMr/CeNWtUXBLQIhwenIq1mDzspZO3FrQodUw
Jcs9fSyBKhQGcL6vn/rQxK3DFjFUBjclmX/xrJIiwD8IJaXQ1ftY7bbOZMQ8yYsw
mlHTZNpyya6by3YcBW1wo6eLseO21g+gjVa0J8KwuvDwS6rouNcLGutehMUMSUoP
tyma/Z/HKNnQIqpfZRsQmMdG30dM99kPjUdkvcteV2aa3Nt1KL5n12uiNa66Ub7g
BBzknOs4AGH0Q61OPQKQ8VCJfg19Q+87CnPSvdvHHzUbbinnQzdWjH8HkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCgowUIA1x8WRFaNqhjVy5QhbRwMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFw4uLEl
x2yGsgXD5HbGFBo9x1Ye4OkTRO1wJvD0Cr+WSkZAB4EgawRDx719Ieic5SJuPjJO
4RCPSnLvs9qXVYp9tWsKGuofZae6xdbEhCpdhazVr7S1Iv7hl+iqVecc1/yqNWIh
Y9bza+swKoah7Uze0RhDclZuM+6ubIjUFvbo+cdC3hQee5lctGS7B5zSIRbPwUNZ
Xg0ELHm4kJZnnIfRLKT0uT3UyZdreUEumBzzrEcF9ZoQrIhDFxXU1uTAkzZYn+/5
Lhuwu8lMGTXgYTv26Keen89iUr3eZ2NALD0RbQhhuZJ7VC0/RwAmYchG2RND1yde
ZA9ilqKy5GWalw==
-----END CERTIFICATE-----