Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
File:                     z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json)
Hash identifier:          uXpi4BO5Wc5ocakhE1RTQ3zEoXPg8kXm5Kzr+U/go6E=
Subject key identifier:   02:AC:60:DA:4A:22:91:52:0B:FD:10:C4:B5:97:BC:26:24:4F:4E:8D
Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06
Certificate issuer:       /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
Certificate serial:       0198D54E09F147B0C22A3D2D103EA25A8CC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
Manifest number:          04E8
Signing time:             Sat 23 Aug 2025 05:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:58 +0000
Files and hashes:         1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: XALclCQWowGKPN04IHIeoHex6q3XNqBsBA9ni07tr/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:09:f1:47:b0:c2:2a:3d:2d:10:3e:a2:5a:8c:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
        Validity
            Not Before: Aug 23 05:01:58 2025 GMT
            Not After : Aug 24 05:01:58 2025 GMT
        Subject: CN=02ac60da4a2291520bfd10c4b597bc26244f4e8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:67:b9:fb:9b:09:b1:f0:71:77:69:19:e5:43:
                    9e:35:f0:c9:12:fa:14:37:dc:36:0d:b4:f7:fb:fe:
                    02:1b:aa:00:bd:57:6f:a9:fb:58:0d:0f:f2:26:61:
                    52:e5:d5:33:cc:ac:b6:6e:47:d3:bb:82:ae:24:88:
                    94:15:1f:e1:7a:e9:32:89:5e:c9:94:79:d9:73:3d:
                    0c:b1:5b:46:ff:f4:30:09:f8:c8:b3:7e:cc:bf:bc:
                    41:3d:a6:e0:e5:1b:70:31:bd:0a:fa:ab:24:7c:30:
                    23:1a:28:5d:b4:2f:22:44:77:86:3f:cb:a1:8d:b7:
                    68:43:09:e9:43:ca:84:35:a8:11:53:d3:f2:07:9f:
                    93:b5:75:1c:9d:f0:15:00:77:74:ee:d6:29:a7:a2:
                    57:99:e9:12:7a:9d:14:74:32:f9:a9:5b:2a:d9:de:
                    81:3a:0e:44:00:f4:82:57:cd:b8:74:d5:7b:e5:ba:
                    9f:50:05:9c:94:a2:9b:b8:36:27:6b:ba:8e:bb:eb:
                    78:36:4c:3f:33:fe:eb:60:81:bc:6d:21:ad:d3:79:
                    c1:78:1e:16:c8:6a:b2:ef:85:73:65:e5:fc:2c:b2:
                    4d:ed:0d:66:bb:60:91:01:81:9c:c5:28:d5:f5:78:
                    4d:e6:2f:d8:45:7b:8f:13:c6:a8:7a:ec:6e:c1:7a:
                    12:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:AC:60:DA:4A:22:91:52:0B:FD:10:C4:B5:97:BC:26:24:4F:4E:8D
            X509v3 Authority Key Identifier:
                keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:a3:8e:e7:ae:ae:4d:df:2e:45:d9:36:ac:be:64:ae:3b:3e:
         5e:f5:e2:ee:6d:d7:be:4f:18:08:fe:8d:76:9c:e3:79:da:ba:
         d5:5d:88:f2:40:87:19:84:bb:62:5f:10:e5:e0:71:23:16:1c:
         07:ab:58:ff:18:fb:63:10:4b:71:e7:56:0e:55:d2:24:09:26:
         ee:5e:0d:2b:41:07:65:ef:20:15:86:08:a5:2b:46:ce:05:20:
         39:cd:33:ad:b7:a1:70:d3:4e:0a:a1:ed:e6:20:da:e2:ab:7d:
         5b:e2:f2:45:81:ce:00:b1:a4:92:dd:53:46:66:19:88:06:18:
         3d:cb:8c:66:80:54:a7:25:16:bd:c5:d4:8d:6c:00:70:5f:39:
         15:f0:4d:79:79:4e:0c:96:24:36:bb:f0:fe:fd:4b:9f:96:07:
         d1:48:fe:0e:d6:95:7a:6b:e9:bd:5b:f1:6f:f3:5f:f3:b0:6a:
         d8:52:4f:89:e8:e5:73:d0:07:39:f6:92:72:07:37:9b:11:31:
         fc:d4:96:bb:76:15:a9:e1:ae:8f:e1:57:7c:7a:b8:48:05:1f:
         c0:61:12:d9:6e:6b:94:b2:e1:2d:13:94:bf:08:98:ff:c8:59:
         58:d0:87:3a:5f:83:52:76:0a:63:3e:3f:0a:9e:ce:7c:70:9b:
         6a:5c:9e:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTgnxR7DCKj0tED6iWozFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl
MTk5MDYwHhcNMjUwODIzMDUwMTU4WhcNMjUwODI0MDUwMTU4WjAzMTEwLwYDVQQD
EygwMmFjNjBkYTRhMjI5MTUyMGJmZDEwYzRiNTk3YmMyNjI0NGY0ZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGe5+5sJsfBxd2kZ5UOeNfDJEvoU
N9w2DbT3+/4CG6oAvVdvqftYDQ/yJmFS5dUzzKy2bkfTu4KuJIiUFR/heukyiV7J
lHnZcz0MsVtG//QwCfjIs37Mv7xBPabg5RtwMb0K+qskfDAjGihdtC8iRHeGP8uh
jbdoQwnpQ8qENagRU9PyB5+TtXUcnfAVAHd07tYpp6JXmekSep0UdDL5qVsq2d6B
Og5EAPSCV824dNV75bqfUAWclKKbuDYna7qOu+t4Nkw/M/7rYIG8bSGt03nBeB4W
yGqy74VzZeX8LLJN7Q1mu2CRAYGcxSjV9XhN5i/YRXuPE8aoeuxuwXoSiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKsYNpKIpFSC/0QxLWXvCYkT06NMB8GA1UdIwQY
MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt
ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm
LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqOO566u
Td8uRdk2rL5krjs+XvXi7m3Xvk8YCP6Ndpzjedq61V2I8kCHGYS7Yl8Q5eBxIxYc
B6tY/xj7YxBLcedWDlXSJAkm7l4NK0EHZe8gFYYIpStGzgUgOc0zrbehcNNOCqHt
5iDa4qt9W+LyRYHOALGkkt1TRmYZiAYYPcuMZoBUpyUWvcXUjWwAcF85FfBNeXlO
DJYkNrvw/v1Ln5YH0Uj+DtaVemvpvVvxb/Nf87Bq2FJPiejlc9AHOfaScgc3mxEx
/NSWu3YVqeGuj+FXfHq4SAUfwGES2W5rlLLhLROUvwiY/8hZWNCHOl+DUnYKYz4/
Cp7OfHCbalyeFg==
-----END CERTIFICATE-----