Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          bcYMZq/6erZLCQoLyFF36Zz5i16zQ8qfo6ABCVzQBCM=
Subject key identifier:   66:D8:92:4D:35:2A:C2:6A:FB:0B:B5:DC:CE:D7:F4:25:42:88:53:49
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       0198D6611B7B3084E6144EDE9230F7733032
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:02:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:24 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: DNIV8gBoJU9QwtNfohcF+MeolV09ELiRYVO/j0h0i+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1b:7b:30:84:e6:14:4e:de:92:30:f7:73:30:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: Aug 23 10:02:24 2025 GMT
            Not After : Aug 24 10:02:24 2025 GMT
        Subject: CN=66d8924d352ac26afb0bb5dcced7f42542885349
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ef:9d:db:a6:56:03:76:cc:c1:42:57:0c:90:
                    a5:15:cf:75:70:2d:cb:b6:66:45:94:66:a5:11:81:
                    2c:6c:7a:8b:98:62:3c:19:b4:82:bb:2f:14:95:09:
                    e7:3f:3d:59:8a:0b:1a:3c:55:e4:1d:47:45:2a:0a:
                    ba:5d:c1:25:ae:b1:4f:a9:62:ca:70:7e:77:ac:e6:
                    a9:8c:1d:f7:fb:37:7c:da:7f:b8:1c:89:3a:94:c3:
                    36:7a:99:1b:33:f9:0d:b8:48:3b:01:77:85:0e:79:
                    c9:2d:45:62:9a:15:47:bc:18:d9:0e:f9:dd:59:45:
                    58:07:ab:8b:fc:8b:33:68:b9:07:59:44:d5:1a:84:
                    f8:3a:e2:e9:6c:dd:15:1d:2c:21:43:80:9d:d1:73:
                    71:d0:f9:94:f7:28:89:d9:f3:78:c5:df:dd:18:c5:
                    69:14:52:b0:74:9d:a1:a3:b8:a3:3b:74:df:d6:23:
                    d0:57:0d:12:6b:5d:30:75:be:af:29:03:f3:6c:ab:
                    2e:31:03:92:8c:c8:01:5f:02:13:d8:ef:f5:4c:8b:
                    c4:e6:28:7c:52:9f:fe:2a:75:87:1b:3c:cb:5f:6c:
                    b4:1b:72:7e:6e:f9:ad:22:44:e7:e9:04:a7:be:5b:
                    d0:ac:8c:eb:e8:f3:64:7f:85:66:50:e5:6a:4f:73:
                    96:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D8:92:4D:35:2A:C2:6A:FB:0B:B5:DC:CE:D7:F4:25:42:88:53:49
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:b3:e8:20:37:a5:6a:f7:04:a6:f6:38:6c:91:cb:76:58:46:
         ea:08:39:7f:dd:db:75:2c:cd:68:98:d4:7d:ce:e2:a1:65:42:
         be:00:28:fe:1e:a6:97:2e:6b:61:4e:82:00:fa:a3:09:79:44:
         1c:a4:0c:d0:aa:7c:04:b0:f7:ad:b3:d3:b0:e9:94:53:ac:51:
         46:9b:8d:93:52:1a:b0:b6:a7:59:03:00:55:a7:cb:51:56:52:
         1c:04:58:a3:eb:9d:2b:84:93:3c:ac:19:6e:2e:00:81:88:54:
         68:57:9c:2e:28:7f:79:98:c2:b5:94:a4:55:3c:3d:85:b4:05:
         3b:97:29:49:36:44:bc:ac:d7:7d:26:c8:2b:a0:c9:d7:47:6f:
         a3:9f:b0:97:db:c4:93:ef:23:0c:35:af:71:62:cd:f6:74:52:
         94:ac:2b:45:04:f6:1b:54:03:b4:b8:7f:fc:bb:cd:1e:b4:b7:
         f0:0d:d9:5d:b4:07:98:94:b4:5b:3d:fc:f4:60:7d:a8:37:57:
         c7:f8:b4:31:27:d6:c8:e7:fa:8b:97:2a:a0:02:e3:bc:6c:03:
         52:bb:76:a1:73:85:d0:9a:2c:f3:5f:eb:91:4d:3b:cb:dc:c7:
         95:b6:fd:ea:0f:bf:62:37:6f:f6:69:ca:cb:34:a7:e8:c1:05:
         c4:f3:c5:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYRt7MITmFE7ekjD3czAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjUwODIzMTAwMjI0WhcNMjUwODI0MTAwMjI0WjAzMTEwLwYDVQQD
Eyg2NmQ4OTI0ZDM1MmFjMjZhZmIwYmI1ZGNjZWQ3ZjQyNTQyODg1MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O+d26ZWA3bMwUJXDJClFc91cC3L
tmZFlGalEYEsbHqLmGI8GbSCuy8UlQnnPz1ZigsaPFXkHUdFKgq6XcElrrFPqWLK
cH53rOapjB33+zd82n+4HIk6lMM2epkbM/kNuEg7AXeFDnnJLUVimhVHvBjZDvnd
WUVYB6uL/IszaLkHWUTVGoT4OuLpbN0VHSwhQ4Cd0XNx0PmU9yiJ2fN4xd/dGMVp
FFKwdJ2ho7ijO3Tf1iPQVw0Sa10wdb6vKQPzbKsuMQOSjMgBXwIT2O/1TIvE5ih8
Up/+KnWHGzzLX2y0G3J+bvmtIkTn6QSnvlvQrIzr6PNkf4VmUOVqT3OWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbYkk01KsJq+wu13M7X9CVCiFNJMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7PoIDel
avcEpvY4bJHLdlhG6gg5f93bdSzNaJjUfc7ioWVCvgAo/h6mly5rYU6CAPqjCXlE
HKQM0Kp8BLD3rbPTsOmUU6xRRpuNk1IasLanWQMAVafLUVZSHARYo+udK4STPKwZ
bi4AgYhUaFecLih/eZjCtZSkVTw9hbQFO5cpSTZEvKzXfSbIK6DJ10dvo5+wl9vE
k+8jDDWvcWLN9nRSlKwrRQT2G1QDtLh//LvNHrS38A3ZXbQHmJS0Wz389GB9qDdX
x/i0MSfWyOf6i5cqoALjvGwDUrt2oXOF0Jos81/rkU07y9zHlbb96g+/Yjdv9mnK
yzSn6MEFxPPFIg==
-----END CERTIFICATE-----