Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File:                     _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier:          7sIxLPbvv4dznGjsRzbA/RBMkbsc6kYSD8wjBU7SQXQ=
Subject key identifier:   B5:94:E6:7D:2B:46:AF:87:A1:5D:80:4D:2F:93:38:A6:8C:47:F0:12
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer:       /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial:       0198D4DFE0363DE77B4480A890B66D0330EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number:          0DB9
Signing time:             Sat 23 Aug 2025 03:01:38 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:38 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:38 +0000
Files and hashes:         1: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: YvDJST5aIxxRU932aME/PfC9zQfM82KgpUCD00zRBEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:e0:36:3d:e7:7b:44:80:a8:90:b6:6d:03:30:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
        Validity
            Not Before: Aug 23 03:01:38 2025 GMT
            Not After : Aug 24 03:01:38 2025 GMT
        Subject: CN=b594e67d2b46af87a15d804d2f9338a68c47f012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b0:4f:cf:e9:2a:10:37:3b:b7:4f:93:da:31:
                    7e:92:f4:6a:df:5a:44:b6:2d:aa:20:1f:09:12:1f:
                    82:55:0e:12:e8:d6:fe:c7:35:01:c1:ee:90:1b:12:
                    34:2e:44:7a:18:22:b3:08:a3:7b:39:d6:6a:ef:91:
                    0d:d6:77:f4:76:aa:90:51:15:a3:52:df:7b:b4:73:
                    7f:d6:ea:b0:d7:a5:e9:d1:61:6b:dd:cd:28:dd:e8:
                    0d:60:32:ec:11:74:f0:40:76:f7:d8:b1:bd:c2:31:
                    75:a9:57:a4:d6:6b:37:72:0c:cc:e6:7a:8d:fe:82:
                    27:72:29:d0:d4:58:ca:13:a4:6b:a4:df:32:50:e3:
                    e2:a2:1c:1c:2a:c0:3e:85:2b:34:25:5d:81:4f:44:
                    d1:45:7a:d7:ed:a3:0a:bd:b4:80:fc:e7:9d:7c:34:
                    ee:79:d2:05:e5:5f:4a:d6:f0:dd:0c:3e:cb:8a:3a:
                    44:47:32:58:30:65:cf:e6:11:30:c8:a1:68:35:3d:
                    be:b6:45:67:65:6b:f7:df:ed:e1:41:b7:fa:45:24:
                    66:a9:3f:86:1f:0f:fb:8f:20:44:bb:d6:89:8f:af:
                    67:ba:57:ed:7f:7c:e1:bf:0e:0a:8b:19:e1:ac:ca:
                    d0:ea:cf:62:72:5e:3d:3d:0e:3b:fb:f7:c1:4f:fa:
                    53:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:94:E6:7D:2B:46:AF:87:A1:5D:80:4D:2F:93:38:A6:8C:47:F0:12
            X509v3 Authority Key Identifier:
                keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:91:61:0a:9b:cb:93:07:b4:15:83:36:4f:3c:6d:e0:23:d5:
         ef:2f:26:9c:7c:85:64:aa:d0:38:da:a8:7d:76:2d:06:76:a4:
         3e:b4:d0:11:aa:24:b6:bd:f2:99:ce:be:20:ca:73:21:e4:7a:
         34:eb:7e:ef:31:82:42:e4:19:dd:24:42:fa:35:5a:2c:df:78:
         b1:94:ba:82:ae:8f:28:51:e5:fd:e3:be:7d:36:35:89:b2:a2:
         2f:6f:a4:de:ed:22:28:ef:59:c2:b8:b1:c8:f9:4f:dc:5a:3b:
         11:fb:5f:fb:47:f8:90:7f:1d:c5:d1:fb:e2:2c:53:8f:fa:9b:
         51:18:b1:bb:69:0a:21:a0:dc:64:9c:6e:9d:46:b1:b8:26:40:
         99:9e:07:1d:13:a9:0f:32:4a:e0:94:8b:d4:c0:c0:45:09:f4:
         f7:a3:d2:ab:73:7d:a3:cb:c5:f2:f0:22:62:65:a5:d3:d0:43:
         5b:9b:c9:a0:2b:14:46:9a:15:7e:79:fe:30:ce:c3:90:26:e2:
         83:3c:e5:16:19:99:61:e7:3a:9e:d7:20:b9:74:cc:ce:2a:a1:
         8d:db:69:67:4c:91:f5:1a:c5:1a:ba:51:74:85:5d:52:bd:94:
         ad:2a:0b:7c:1e:f5:00:a0:d9:66:09:11:c3:40:7f:54:88:d7:
         4e:a9:18:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+A2Ped7RICokLZtAzDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjUwODIzMDMwMTM4WhcNMjUwODI0MDMwMTM4WjAzMTEwLwYDVQQD
EyhiNTk0ZTY3ZDJiNDZhZjg3YTE1ZDgwNGQyZjkzMzhhNjhjNDdmMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLBPz+kqEDc7t0+T2jF+kvRq31pE
ti2qIB8JEh+CVQ4S6Nb+xzUBwe6QGxI0LkR6GCKzCKN7OdZq75EN1nf0dqqQURWj
Ut97tHN/1uqw16Xp0WFr3c0o3egNYDLsEXTwQHb32LG9wjF1qVek1ms3cgzM5nqN
/oIncinQ1FjKE6RrpN8yUOPiohwcKsA+hSs0JV2BT0TRRXrX7aMKvbSA/OedfDTu
edIF5V9K1vDdDD7LijpERzJYMGXP5hEwyKFoNT2+tkVnZWv33+3hQbf6RSRmqT+G
Hw/7jyBEu9aJj69nulftf3zhvw4KixnhrMrQ6s9icl49PQ47+/fBT/pT0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWU5n0rRq+HoV2ATS+TOKaMR/ASMB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5FhCpvL
kwe0FYM2Tzxt4CPV7y8mnHyFZKrQONqofXYtBnakPrTQEaoktr3ymc6+IMpzIeR6
NOt+7zGCQuQZ3SRC+jVaLN94sZS6gq6PKFHl/eO+fTY1ibKiL2+k3u0iKO9Zwrix
yPlP3Fo7Eftf+0f4kH8dxdH74ixTj/qbURixu2kKIaDcZJxunUaxuCZAmZ4HHROp
DzJK4JSL1MDARQn096PSq3N9o8vF8vAiYmWl09BDW5vJoCsURpoVfnn+MM7DkCbi
gzzlFhmZYec6ntcguXTMziqhjdtpZ0yR9RrFGrpRdIVdUr2UrSoLfB71AKDZZgkR
w0B/VIjXTqkYvw==
-----END CERTIFICATE-----