Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
File:                     MtYmm4lSBJZffsl_Gdi12ckwt40.mft (raw, json)
Hash identifier:          2z8D4dxFStALKxlIZcPB5NmZEnfycX9BqushPZUVX3A=
Subject key identifier:   47:5A:2B:B5:23:4D:08:96:C1:40:B3:44:BF:4F:03:69:6F:81:AB:36
Authority key identifier: 32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D
Certificate issuer:       /CN=32d6269b895204965f7ec97f19d8b5d9c930b78d
Certificate serial:       0198D660DE878CAA3504299D6E5E14443EE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:02:09 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:09 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:09 +0000
Files and hashes:         1: MtYmm4lSBJZffsl_Gdi12ckwt40.crl (hash: z40Y6vixlCcQU/p31GscMvQ/ZK4gIPrgf2wFIFEKTsI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:de:87:8c:aa:35:04:29:9d:6e:5e:14:44:3e:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32d6269b895204965f7ec97f19d8b5d9c930b78d
        Validity
            Not Before: Aug 23 10:02:09 2025 GMT
            Not After : Aug 24 10:02:09 2025 GMT
        Subject: CN=475a2bb5234d0896c140b344bf4f03696f81ab36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:15:bb:eb:6c:50:b2:15:36:66:c0:16:9d:40:
                    d6:ad:e3:df:4b:af:86:58:1d:75:a9:38:a3:86:d2:
                    66:46:b1:5f:11:75:ba:42:dc:b4:7f:58:c3:74:de:
                    cb:22:86:34:67:69:15:d3:c1:2a:ac:fc:c1:2d:e3:
                    85:32:7d:26:58:4d:e8:bc:31:fe:12:0e:7e:3a:18:
                    52:82:46:d6:95:50:cc:2a:86:9f:99:d3:c4:9a:71:
                    b7:8b:d4:dd:23:fc:2b:91:1c:3c:94:c4:0a:72:ae:
                    ea:af:f8:6e:7f:7b:f7:84:d1:52:ee:db:52:24:df:
                    5c:fa:b5:c5:94:30:2c:5d:89:ba:00:e1:03:2b:bf:
                    08:bb:bb:15:6e:c2:74:34:af:7d:68:25:60:3f:59:
                    57:5f:6d:06:66:d9:b4:fe:31:50:7d:0f:a3:25:d3:
                    22:8c:30:10:e6:a4:b4:c9:57:68:ec:24:9f:91:60:
                    63:af:33:ee:1f:8f:8c:fd:c8:86:9d:d2:a4:16:63:
                    58:6a:a6:a4:0b:0b:73:3c:6a:7e:98:1f:63:b4:f3:
                    ee:aa:23:b4:bc:37:17:c9:95:b3:a5:3d:60:45:0b:
                    bf:01:bd:f8:b3:b3:f2:cf:19:ea:0a:78:92:99:ba:
                    08:ec:28:08:84:fd:0a:5c:15:43:64:9a:8f:51:5d:
                    45:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:5A:2B:B5:23:4D:08:96:C1:40:B3:44:BF:4F:03:69:6F:81:AB:36
            X509v3 Authority Key Identifier:
                keyid:32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:da:89:19:ff:ea:db:39:17:29:2a:7e:4e:34:e0:93:d7:e3:
         a5:9e:67:99:81:03:d6:1d:70:69:07:0f:ab:cc:46:e4:16:2e:
         49:31:6f:1d:c3:de:db:35:d3:d3:18:20:c1:a9:d8:6a:83:8e:
         d9:cb:00:50:59:74:96:29:b5:a7:d4:3f:d8:7d:04:ad:f2:48:
         a9:3d:8e:84:59:8a:c2:2f:5e:57:9d:64:08:84:f7:8f:62:ae:
         ef:d7:48:11:af:4b:4a:2b:b6:10:6e:aa:85:82:8e:18:51:e7:
         15:b3:9f:02:0f:1f:b6:25:91:5d:45:b6:6f:95:ac:6b:77:05:
         b3:54:4f:f3:38:47:bb:1c:47:b8:d9:0e:ec:e3:b6:1b:7e:c3:
         34:10:a1:49:6b:04:b6:c8:ff:86:dc:fc:9f:d0:f5:e2:4c:4e:
         19:d4:ba:61:a0:56:90:6b:94:71:d6:90:2f:19:d9:73:1e:dd:
         54:9f:6b:cc:86:b9:af:41:ea:2f:b0:c6:b8:ee:06:a6:67:19:
         02:5f:97:b8:af:39:ca:63:25:04:02:ff:22:08:8a:79:ca:6f:
         a6:9a:d4:19:7f:76:76:70:1c:d0:50:89:3b:9f:61:7b:46:91:
         bc:a0:27:a8:46:de:6b:83:37:db:b1:5a:c1:f6:c4:ac:1c:7f:
         e7:46:c4:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYN6HjKo1BCmdbl4URD7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDYyNjliODk1MjA0OTY1ZjdlYzk3ZjE5ZDhiNWQ5Yzkz
MGI3OGQwHhcNMjUwODIzMTAwMjA5WhcNMjUwODI0MTAwMjA5WjAzMTEwLwYDVQQD
Eyg0NzVhMmJiNTIzNGQwODk2YzE0MGIzNDRiZjRmMDM2OTZmODFhYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRW762xQshU2ZsAWnUDWrePfS6+G
WB11qTijhtJmRrFfEXW6Qty0f1jDdN7LIoY0Z2kV08EqrPzBLeOFMn0mWE3ovDH+
Eg5+OhhSgkbWlVDMKoafmdPEmnG3i9TdI/wrkRw8lMQKcq7qr/huf3v3hNFS7ttS
JN9c+rXFlDAsXYm6AOEDK78Iu7sVbsJ0NK99aCVgP1lXX20GZtm0/jFQfQ+jJdMi
jDAQ5qS0yVdo7CSfkWBjrzPuH4+M/ciGndKkFmNYaqakCwtzPGp+mB9jtPPuqiO0
vDcXyZWzpT1gRQu/Ab34s7PyzxnqCniSmboI7CgIhP0KXBVDZJqPUV1FzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdaK7UjTQiWwUCzRL9PA2lvgas2MB8GA1UdIwQY
MBaAFDLWJpuJUgSWX37JfxnYtdnJMLeNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQt
OTgxNTI0OWFhZGVmLzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQtOTgxNTI0OWFhZGVm
LzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNqJGf/q
2zkXKSp+TjTgk9fjpZ5nmYED1h1waQcPq8xG5BYuSTFvHcPe2zXT0xggwanYaoOO
2csAUFl0lim1p9Q/2H0ErfJIqT2OhFmKwi9eV51kCIT3j2Ku79dIEa9LSiu2EG6q
hYKOGFHnFbOfAg8ftiWRXUW2b5Wsa3cFs1RP8zhHuxxHuNkO7OO2G37DNBChSWsE
tsj/htz8n9D14kxOGdS6YaBWkGuUcdaQLxnZcx7dVJ9rzIa5r0HqL7DGuO4GpmcZ
Al+XuK85ymMlBAL/IgiKecpvpprUGX92dnAc0FCJO59he0aRvKAnqEbea4M327Fa
wfbErBx/50bEhA==
-----END CERTIFICATE-----