Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
File:                     a-SeWhSwy_QQTANLVyoPnxVKmXU.mft (raw, json)
Hash identifier:          TcbvfER/fkYt9Aan9S5Pkip+xj00CgaD3ud9mECEUbs=
Subject key identifier:   32:A4:FE:87:AD:A3:A1:F5:77:72:02:72:80:D3:3D:4E:36:6B:FF:B6
Authority key identifier: 6B:E4:9E:5A:14:B0:CB:F4:10:4C:03:4B:57:2A:0F:9F:15:4A:99:75
Certificate issuer:       /CN=6be49e5a14b0cbf4104c034b572a0f9f154a9975
Certificate serial:       0198D705E210E03CF674B2C260F798CD3513
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
Manifest number:          04EF
Signing time:             Sat 23 Aug 2025 13:02:23 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:23 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:23 +0000
Files and hashes:         1: a-SeWhSwy_QQTANLVyoPnxVKmXU.crl (hash: B0Wka5JdlfwZaXw2vLe8493R6Vha5TKKoON5rUvpN50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:e2:10:e0:3c:f6:74:b2:c2:60:f7:98:cd:35:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be49e5a14b0cbf4104c034b572a0f9f154a9975
        Validity
            Not Before: Aug 23 13:02:23 2025 GMT
            Not After : Aug 24 13:02:23 2025 GMT
        Subject: CN=32a4fe87ada3a1f57772027280d33d4e366bffb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e0:42:35:cb:d8:74:df:28:fe:a2:e6:f5:d8:
                    a5:09:41:45:33:28:d8:f6:42:7e:ad:00:4b:f5:d3:
                    5a:1a:ce:65:33:48:11:8d:92:d8:99:40:ca:e1:34:
                    61:95:2c:19:cc:a2:3e:e3:85:dd:a5:dc:a8:19:05:
                    83:f2:7b:5f:50:6f:9b:bb:75:56:cc:96:b9:68:f9:
                    f7:b6:a2:2c:6a:40:da:05:35:1f:e6:8c:f6:35:13:
                    81:ae:3a:08:50:1b:58:d4:6a:c0:0c:d0:4e:0f:7e:
                    70:b2:1e:98:ff:e1:e8:0e:d5:b6:66:4f:05:24:78:
                    c1:fd:5b:3d:bb:39:23:e3:04:b5:95:8c:ba:a1:8b:
                    90:53:99:3d:46:98:59:f1:55:05:f3:b5:3e:40:9b:
                    b8:2f:cd:42:ee:04:07:71:e8:6c:7a:75:3a:e9:53:
                    88:5c:55:e4:4e:19:e2:5b:a9:40:19:fd:8a:53:ce:
                    52:cf:a5:ea:66:56:03:e0:b2:e1:8e:9d:06:fe:c3:
                    92:7e:55:03:f4:67:cb:c1:8c:c6:86:a1:5e:ed:59:
                    95:c7:18:b2:f0:bd:d4:8a:5d:04:aa:2e:6d:dc:37:
                    a7:87:02:2b:2c:f6:6d:9f:61:05:84:85:9b:cf:07:
                    9e:d2:db:aa:77:01:f7:03:b7:6f:36:99:c4:7e:63:
                    3f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:A4:FE:87:AD:A3:A1:F5:77:72:02:72:80:D3:3D:4E:36:6B:FF:B6
            X509v3 Authority Key Identifier:
                keyid:6B:E4:9E:5A:14:B0:CB:F4:10:4C:03:4B:57:2A:0F:9F:15:4A:99:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-SeWhSwy_QQTANLVyoPnxVKmXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/295c95-e367-4ca2-9bd5-ab997fc650e4/1/a-SeWhSwy_QQTANLVyoPnxVKmXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ef:18:05:f5:c1:d6:36:08:24:1a:26:98:5b:b4:ff:2c:38:
         47:86:97:d1:56:c7:5f:e2:c6:a0:14:9d:6c:01:ea:cf:51:c1:
         5a:92:cd:f3:93:1a:05:6d:3d:e9:a0:bb:57:2b:31:08:a9:51:
         66:34:2c:a2:28:5f:0c:76:b9:47:5c:7b:d2:59:0e:56:ac:56:
         d7:0a:14:a5:94:9f:a7:ae:51:28:84:e3:ec:6d:b1:12:45:d8:
         38:c9:fa:01:ed:de:aa:ed:b3:eb:33:8c:7b:52:12:78:37:b4:
         db:67:a1:58:1c:9d:14:95:4a:58:04:2a:55:52:04:84:d6:ea:
         84:90:ef:b5:4e:5c:ac:39:c1:0a:c4:ff:e4:ef:4a:b9:05:ec:
         a4:f7:11:6a:f3:4c:73:8f:7f:25:6f:fb:68:07:41:8d:6c:81:
         52:17:2d:c1:35:b9:b9:91:9d:92:34:21:8c:17:8f:d9:ae:98:
         ef:de:bb:44:23:45:f4:4f:85:75:a6:07:6f:93:5d:b8:6c:74:
         c1:b1:44:43:d5:4a:58:8e:fe:9c:88:7e:fa:18:b9:fd:e3:8e:
         ee:f8:8c:8b:ee:9f:17:48:2c:f7:01:2d:0f:9a:cc:3f:11:be:
         9d:e1:85:78:c6:f1:05:02:5e:82:25:1f:d0:9c:64:88:0a:5b:
         7a:9a:1e:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBeIQ4Dz2dLLCYPeYzTUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTQ5ZTVhMTRiMGNiZjQxMDRjMDM0YjU3MmEwZjlmMTU0
YTk5NzUwHhcNMjUwODIzMTMwMjIzWhcNMjUwODI0MTMwMjIzWjAzMTEwLwYDVQQD
EygzMmE0ZmU4N2FkYTNhMWY1Nzc3MjAyNzI4MGQzM2Q0ZTM2NmJmZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOBCNcvYdN8o/qLm9dilCUFFMyjY
9kJ+rQBL9dNaGs5lM0gRjZLYmUDK4TRhlSwZzKI+44XdpdyoGQWD8ntfUG+bu3VW
zJa5aPn3tqIsakDaBTUf5oz2NROBrjoIUBtY1GrADNBOD35wsh6Y/+HoDtW2Zk8F
JHjB/Vs9uzkj4wS1lYy6oYuQU5k9RphZ8VUF87U+QJu4L81C7gQHcehsenU66VOI
XFXkThniW6lAGf2KU85Sz6XqZlYD4LLhjp0G/sOSflUD9GfLwYzGhqFe7VmVxxiy
8L3Uil0Eqi5t3DenhwIrLPZtn2EFhIWbzwee0tuqdwH3A7dvNpnEfmM/KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKk/oeto6H1d3ICcoDTPU42a/+2MB8GA1UdIwQY
MBaAFGvknloUsMv0EEwDS1cqD58VSpl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yOTVjOTUtZTM2Ny00Y2EyLTliZDUt
YWI5OTdmYzY1MGU0LzEvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yOTVjOTUtZTM2Ny00Y2EyLTliZDUtYWI5OTdmYzY1MGU0
LzEvYS1TZVdoU3d5X1FRVEFOTFZ5b1BueFZLbVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADu8YBfXB
1jYIJBommFu0/yw4R4aX0VbHX+LGoBSdbAHqz1HBWpLN85MaBW096aC7VysxCKlR
ZjQsoihfDHa5R1x70lkOVqxW1woUpZSfp65RKITj7G2xEkXYOMn6Ae3equ2z6zOM
e1ISeDe022ehWBydFJVKWAQqVVIEhNbqhJDvtU5crDnBCsT/5O9KuQXspPcRavNM
c49/JW/7aAdBjWyBUhctwTW5uZGdkjQhjBeP2a6Y7967RCNF9E+FdaYHb5NduGx0
wbFEQ9VKWI7+nIh++hi5/eOO7viMi+6fF0gs9wEtD5rMPxG+neGFeMbxBQJegiUf
0JxkiApbepoerw==
-----END CERTIFICATE-----