Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          D0UHGmqhlGs6os55M3hIjgA8nosAWq2uj68PLUyMlDI=
Subject key identifier:   F4:2B:B2:FE:4E:36:6E:53:D8:C8:49:F6:C9:B4:CE:7B:30:37:37:13
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       0197B70F02CF916548E2D63AD38EAD933FCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          054F
Signing time:             Sat 28 Jun 2025 15:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:43 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: Y2as4H52X86mZQgi/1fLz6PBwS6Ek2KLcYSZ/AR/UjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:02:cf:91:65:48:e2:d6:3a:d3:8e:ad:93:3f:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Jun 28 15:01:43 2025 GMT
            Not After : Jun 29 15:01:43 2025 GMT
        Subject: CN=f42bb2fe4e366e53d8c849f6c9b4ce7b30373713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0b:bf:e7:81:ac:c6:73:3c:04:14:00:5c:23:
                    e0:0e:c4:d1:8f:df:c6:fa:f5:9a:2d:d0:28:ec:b0:
                    ea:17:9c:f7:61:8f:a1:37:a2:59:8b:23:ae:34:64:
                    62:b3:dd:8b:28:3c:01:fb:5d:7f:b2:11:47:90:eb:
                    e0:d4:90:c1:db:8c:ad:64:c4:45:55:37:11:69:2a:
                    5e:fc:45:d1:90:2a:7f:f7:a3:cf:eb:7f:1b:a1:01:
                    51:02:23:c1:cd:60:a2:f3:7f:0c:ea:30:4f:54:e5:
                    3a:1a:48:d8:4d:56:ab:5d:22:99:2c:5b:4c:c9:1b:
                    c1:e8:fd:86:b5:30:64:ac:30:6e:2d:d9:28:49:ca:
                    a2:9e:b4:8b:14:b8:eb:5c:60:c5:74:d3:2b:ce:01:
                    46:e1:88:c9:75:56:a4:29:7d:a4:5e:25:4a:2a:cf:
                    ec:f1:ac:45:c2:11:b2:32:f3:45:a0:2c:e6:88:06:
                    b9:32:56:db:fb:a2:d8:a1:ed:6b:ce:73:ae:e4:db:
                    18:fc:3e:4c:02:94:62:e7:c0:62:44:96:f7:e1:8d:
                    a1:4b:8f:ce:58:ea:8c:54:80:4e:68:b8:f5:55:ec:
                    48:ce:60:23:ef:c9:31:f2:47:23:25:07:f6:3a:9b:
                    a7:bd:1a:2f:f8:14:a7:e3:b3:64:eb:50:b8:af:07:
                    8a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:2B:B2:FE:4E:36:6E:53:D8:C8:49:F6:C9:B4:CE:7B:30:37:37:13
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:47:9f:50:f0:a8:54:b6:24:1c:46:0b:75:84:33:e8:69:c3:
         96:32:bf:cd:00:11:bc:53:d9:75:18:69:8e:da:ff:f7:75:0e:
         a8:04:55:2b:2e:f5:ce:3a:5c:60:09:c8:f3:ae:29:3e:4a:ef:
         28:09:54:0f:8a:d7:4b:e4:2c:83:4d:9f:da:a2:58:08:c7:85:
         89:1d:a5:36:01:06:e7:d5:d9:34:6f:7a:b0:11:3a:06:82:dd:
         52:83:15:33:4e:74:d2:9c:0e:4b:0d:1c:92:36:9f:fd:51:f3:
         b9:96:72:76:31:aa:33:08:95:cf:2a:49:88:b9:10:fa:a0:11:
         a6:97:64:e8:fd:f2:e9:7d:cd:9f:27:3a:96:5c:14:0a:38:c3:
         7a:e2:6a:66:11:b6:39:e8:19:97:e9:16:07:ee:2f:42:dc:2b:
         53:c6:a8:71:6b:ab:d4:52:0e:3f:1e:6e:50:07:ea:48:35:df:
         52:67:56:cf:eb:44:3c:bb:b9:89:9a:be:76:ea:3f:e5:72:a2:
         d1:56:fa:19:ca:43:61:dc:93:d0:f9:a5:72:0f:d7:e0:87:66:
         ef:16:0a:15:44:89:79:cc:9c:1c:48:8b:33:5d:a7:cc:91:15:
         e1:30:2b:30:7a:dd:95:ad:f3:85:27:2c:76:dc:e2:53:3e:94:
         53:16:43:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DwLPkWVI4tY6046tkz/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUwNjI4MTUwMTQzWhcNMjUwNjI5MTUwMTQzWjAzMTEwLwYDVQQD
EyhmNDJiYjJmZTRlMzY2ZTUzZDhjODQ5ZjZjOWI0Y2U3YjMwMzczNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Au/54GsxnM8BBQAXCPgDsTRj9/G
+vWaLdAo7LDqF5z3YY+hN6JZiyOuNGRis92LKDwB+11/shFHkOvg1JDB24ytZMRF
VTcRaSpe/EXRkCp/96PP638boQFRAiPBzWCi838M6jBPVOU6GkjYTVarXSKZLFtM
yRvB6P2GtTBkrDBuLdkoScqinrSLFLjrXGDFdNMrzgFG4YjJdVakKX2kXiVKKs/s
8axFwhGyMvNFoCzmiAa5Mlbb+6LYoe1rznOu5NsY/D5MApRi58BiRJb34Y2hS4/O
WOqMVIBOaLj1VexIzmAj78kx8kcjJQf2OpunvRov+BSn47Nk61C4rweKcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQrsv5ONm5T2MhJ9sm0znswNzcTMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjkefUPCo
VLYkHEYLdYQz6GnDljK/zQARvFPZdRhpjtr/93UOqARVKy71zjpcYAnI864pPkrv
KAlUD4rXS+Qsg02f2qJYCMeFiR2lNgEG59XZNG96sBE6BoLdUoMVM0500pwOSw0c
kjaf/VHzuZZydjGqMwiVzypJiLkQ+qARppdk6P3y6X3Nnyc6llwUCjjDeuJqZhG2
OegZl+kWB+4vQtwrU8aocWur1FIOPx5uUAfqSDXfUmdWz+tEPLu5iZq+duo/5XKi
0Vb6GcpDYdyT0Pmlcg/X4Idm7xYKFUSJecycHEiLM12nzJEV4TArMHrdla3zhScs
dtziUz6UUxZDiQ==
-----END CERTIFICATE-----