Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          rq9nrzzfUg8KfR7CpqVtG+/3RygOJFe/3f5wk4Swa/0=
Subject key identifier:   96:22:9A:FF:8D:45:B6:D9:84:74:BB:5D:2B:51:65:F7:17:E7:5E:3E
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       0198D6CD2014BDD7642C8A4C0CF2D8E99E15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          01F4
Signing time:             Sat 23 Aug 2025 12:00:23 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:23 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:23 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: Od9h242v2ywcy4N2OlJqnzkg2LHnEHzftvCJor1V/rY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:20:14:bd:d7:64:2c:8a:4c:0c:f2:d8:e9:9e:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Aug 23 12:00:23 2025 GMT
            Not After : Aug 24 12:00:23 2025 GMT
        Subject: CN=96229aff8d45b6d98474bb5d2b5165f717e75e3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1b:5a:35:cb:ea:30:18:2a:0d:44:ea:39:e2:
                    93:07:c4:e4:cf:06:42:f0:5e:b4:78:dd:c3:5f:b8:
                    3d:6f:b6:79:80:95:b4:64:c1:21:9c:1c:8c:bb:e4:
                    54:e8:04:13:e0:5f:9a:02:62:05:e5:9e:dd:df:95:
                    09:b7:fe:61:2b:fe:eb:de:6d:90:c0:df:1c:37:49:
                    13:62:2a:e3:be:a8:00:ec:3c:05:5b:d0:67:4f:20:
                    36:57:4f:de:ea:87:f8:ff:40:9a:f4:f9:4a:39:14:
                    90:8d:2e:7d:68:74:f2:77:97:7f:67:d1:09:eb:95:
                    8d:8a:77:d3:b3:e5:74:4b:df:14:5d:42:14:fc:4c:
                    b7:c1:1d:fb:05:de:35:fe:49:11:6c:3a:99:89:c8:
                    3f:4c:28:b9:9f:b8:93:1b:fb:83:d7:14:fb:9c:d4:
                    9f:2a:0e:63:31:d8:fb:e4:2a:4e:f9:2e:03:43:cf:
                    01:e8:66:ec:b1:e2:d2:a5:25:be:73:81:73:06:e3:
                    71:3b:c3:54:e2:34:cb:9d:af:55:23:15:7f:11:83:
                    87:72:51:14:41:23:89:56:00:76:c8:5c:55:42:bd:
                    56:93:a8:4b:31:67:7b:44:ef:b3:ca:de:b0:b7:c2:
                    bb:e9:ce:c5:8a:be:e4:d2:ab:0e:d0:41:01:6f:0a:
                    86:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:22:9A:FF:8D:45:B6:D9:84:74:BB:5D:2B:51:65:F7:17:E7:5E:3E
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:ef:c3:9f:f1:5a:93:f1:74:63:c4:03:c2:83:ec:1c:88:5a:
         e9:1a:be:54:9a:bf:75:f2:f4:47:ee:e9:86:d0:1a:f9:28:86:
         53:99:5d:5e:62:a4:93:db:3e:e5:a2:9f:14:68:13:2a:65:ac:
         e2:a9:35:b5:c6:f2:1f:74:d5:38:1e:41:83:ed:81:b3:65:d8:
         70:be:38:5d:93:5d:d6:9f:8d:54:43:a6:dd:be:75:36:f4:d7:
         e3:00:ba:e2:38:6f:21:43:d2:ae:0e:02:ea:f3:50:ed:24:dd:
         b6:c4:5b:48:19:f0:dc:5c:28:98:fe:76:e8:4d:ee:42:17:52:
         18:b1:d8:6e:d5:3f:1a:a4:c0:be:40:b8:ac:bf:14:4b:c8:13:
         99:38:71:43:67:2d:44:be:10:38:d3:02:b6:b7:42:4c:72:f6:
         1a:bc:fd:39:4f:be:b1:11:38:d9:35:3d:67:e5:54:ce:00:b7:
         0c:fd:ad:95:aa:9d:1d:de:89:3f:8c:48:aa:2e:cd:95:87:00:
         c7:56:34:b7:8a:5d:70:61:d7:db:2d:0f:d5:9d:fa:66:c5:46:
         5d:33:43:ad:98:40:15:fc:f3:82:79:ae:a2:c0:27:c7:7c:7e:
         49:5c:2e:05:00:c6:79:be:b7:5d:1c:2f:db:3e:b1:ba:1e:c5:
         ab:1a:a2:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzSAUvddkLIpMDPLY6Z4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwODIzMTIwMDIzWhcNMjUwODI0MTIwMDIzWjAzMTEwLwYDVQQD
Eyg5NjIyOWFmZjhkNDViNmQ5ODQ3NGJiNWQyYjUxNjVmNzE3ZTc1ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRtaNcvqMBgqDUTqOeKTB8TkzwZC
8F60eN3DX7g9b7Z5gJW0ZMEhnByMu+RU6AQT4F+aAmIF5Z7d35UJt/5hK/7r3m2Q
wN8cN0kTYirjvqgA7DwFW9BnTyA2V0/e6of4/0Ca9PlKORSQjS59aHTyd5d/Z9EJ
65WNinfTs+V0S98UXUIU/Ey3wR37Bd41/kkRbDqZicg/TCi5n7iTG/uD1xT7nNSf
Kg5jMdj75CpO+S4DQ88B6GbsseLSpSW+c4FzBuNxO8NU4jTLna9VIxV/EYOHclEU
QSOJVgB2yFxVQr1Wk6hLMWd7RO+zyt6wt8K76c7Fir7k0qsO0EEBbwqGgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYimv+NRbbZhHS7XStRZfcX514+MB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+/Dn/Fa
k/F0Y8QDwoPsHIha6Rq+VJq/dfL0R+7phtAa+SiGU5ldXmKkk9s+5aKfFGgTKmWs
4qk1tcbyH3TVOB5Bg+2Bs2XYcL44XZNd1p+NVEOm3b51NvTX4wC64jhvIUPSrg4C
6vNQ7STdtsRbSBnw3FwomP526E3uQhdSGLHYbtU/GqTAvkC4rL8US8gTmThxQ2ct
RL4QONMCtrdCTHL2Grz9OU++sRE42TU9Z+VUzgC3DP2tlaqdHd6JP4xIqi7NlYcA
x1Y0t4pdcGHX2y0P1Z36ZsVGXTNDrZhAFfzzgnmuosAnx3x+SVwuBQDGeb63XRwv
2z6xuh7FqxqiZw==
-----END CERTIFICATE-----