Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          Z8TAMEBY3qzZhWpzzxIwLiHTKNQIZme5vaOOw2UqrmE=
Subject key identifier:   72:6D:37:0C:AC:8C:8C:59:3A:66:8B:C2:ED:1F:29:FF:EB:3C:6F:94
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       0198D5839F0BD64B971DD5FCE7DBA96137D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          0621
Signing time:             Sat 23 Aug 2025 06:00:29 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:29 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:29 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: 9CUZJKiU0IigF//Fj1KGMnOAAtB3ua3zbmnWtR3qDsk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 06:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:9f:0b:d6:4b:97:1d:d5:fc:e7:db:a9:61:37:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: Aug 23 06:00:29 2025 GMT
            Not After : Aug 24 06:00:29 2025 GMT
        Subject: CN=726d370cac8c8c593a668bc2ed1f29ffeb3c6f94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b2:24:95:6c:21:d1:fd:2c:ce:80:aa:74:94:
                    2a:b9:b7:1f:d8:e8:b6:95:ee:84:2e:3e:5d:3a:b1:
                    dc:41:b4:c1:c8:48:c6:c8:53:69:94:56:26:55:03:
                    75:57:fc:e4:e9:0a:e1:19:78:9d:cc:d4:8f:71:13:
                    d0:3d:a0:0e:8a:6a:df:25:ec:e4:60:05:fd:b0:4a:
                    75:0a:b7:03:0f:36:34:e1:e4:8c:11:57:9d:95:f8:
                    de:f9:13:cb:15:e8:a0:91:4c:1d:0f:46:9f:40:b0:
                    be:b7:e9:85:22:59:41:74:99:ed:a0:f5:30:8d:ff:
                    73:f9:8d:62:6e:4e:40:ca:79:d9:0b:a2:27:1b:af:
                    fc:b3:30:26:f7:f3:fc:51:e2:d6:69:3c:2e:ff:ce:
                    d4:df:cc:2b:7b:45:d5:2a:b8:63:cc:65:9f:8e:5e:
                    99:a9:70:fb:09:64:db:99:52:72:d1:1b:46:2d:af:
                    ac:c1:52:fb:1c:a5:98:87:6d:e7:78:54:b2:08:6e:
                    ad:ce:38:25:95:e0:11:8f:bc:ff:92:44:56:b1:d9:
                    ef:f4:34:a1:d4:40:31:8d:ef:a7:19:4e:c0:76:06:
                    3c:37:3a:9c:8e:e8:8c:c9:45:bb:fa:13:37:41:24:
                    15:9b:e6:65:53:ce:68:12:84:02:a3:a0:62:2c:aa:
                    7c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:6D:37:0C:AC:8C:8C:59:3A:66:8B:C2:ED:1F:29:FF:EB:3C:6F:94
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:4e:59:85:e2:dd:7d:ac:5d:04:33:14:30:28:ae:32:88:8f:
         16:ed:5f:f6:09:12:31:5d:ae:ae:88:f5:c0:53:a4:3e:ca:ea:
         10:43:a8:64:e5:5d:93:63:96:90:da:89:c0:9b:ff:e0:b0:f8:
         3e:ad:70:6c:69:f6:d1:39:e1:99:15:cb:c6:17:38:d0:08:ec:
         65:0f:a0:99:01:68:97:bf:be:ea:e8:fb:13:63:e4:2f:0e:1a:
         7f:1b:85:d6:a6:47:f4:e6:1f:9c:d9:ab:ae:3e:3d:8e:68:df:
         51:21:0b:77:57:db:f8:05:9b:1a:aa:f2:80:0e:ed:66:01:d6:
         1d:7d:48:e6:85:47:11:6d:ab:eb:63:d8:c8:a4:44:62:21:5a:
         14:91:9d:e0:05:95:5e:bc:6d:e0:3f:e6:ee:5f:bf:2b:3b:7f:
         0f:56:99:52:ed:70:dc:9a:92:8a:e8:05:18:e4:0a:af:98:74:
         4b:67:91:4f:29:af:79:6a:71:98:56:44:d5:fc:eb:43:b4:ba:
         ab:7c:95:32:9b:e4:e8:3b:16:ea:7f:51:3e:bd:fc:75:58:ad:
         51:e4:c7:f5:3c:7c:5f:cb:ad:c2:bc:dc:6e:ea:13:84:b1:21:
         f1:5c:c3:d5:46:83:8f:ae:07:93:00:a4:a2:e5:be:b3:2a:18:
         44:43:39:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg58L1kuXHdX859upYTfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUwODIzMDYwMDI5WhcNMjUwODI0MDYwMDI5WjAzMTEwLwYDVQQD
Eyg3MjZkMzcwY2FjOGM4YzU5M2E2NjhiYzJlZDFmMjlmZmViM2M2Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprIklWwh0f0szoCqdJQqubcf2Oi2
le6ELj5dOrHcQbTByEjGyFNplFYmVQN1V/zk6QrhGXidzNSPcRPQPaAOimrfJezk
YAX9sEp1CrcDDzY04eSMEVedlfje+RPLFeigkUwdD0afQLC+t+mFIllBdJntoPUw
jf9z+Y1ibk5AynnZC6InG6/8szAm9/P8UeLWaTwu/87U38wre0XVKrhjzGWfjl6Z
qXD7CWTbmVJy0RtGLa+swVL7HKWYh23neFSyCG6tzjglleARj7z/kkRWsdnv9DSh
1EAxje+nGU7AdgY8NzqcjuiMyUW7+hM3QSQVm+ZlU85oEoQCo6BiLKp8zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJtNwysjIxZOmaLwu0fKf/rPG+UMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnk5ZheLd
faxdBDMUMCiuMoiPFu1f9gkSMV2uroj1wFOkPsrqEEOoZOVdk2OWkNqJwJv/4LD4
Pq1wbGn20TnhmRXLxhc40AjsZQ+gmQFol7++6uj7E2PkLw4afxuF1qZH9OYfnNmr
rj49jmjfUSELd1fb+AWbGqrygA7tZgHWHX1I5oVHEW2r62PYyKREYiFaFJGd4AWV
Xrxt4D/m7l+/Kzt/D1aZUu1w3JqSiugFGOQKr5h0S2eRTymveWpxmFZE1fzrQ7S6
q3yVMpvk6DsW6n9RPr38dVitUeTH9Tx8X8utwrzcbuoThLEh8VzD1UaDj64HkwCk
ouW+syoYREM5fg==
-----END CERTIFICATE-----