Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
File:                     chgSXs-7IR7fwt4EcvlkqobL6Z4.mft (raw, json)
Hash identifier:          AlrNqLD4hzJxyp7+YgG5gi09SWlOKxPXXg+6dXMRi3k=
Subject key identifier:   23:6A:DF:63:2A:97:1B:06:5F:E3:68:34:3A:73:33:97:32:B5:0B:94
Authority key identifier: 72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E
Certificate issuer:       /CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
Certificate serial:       0198D660E5DC8C22D295D7DF95D033F39CCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
Manifest number:          0D2F
Signing time:             Sat 23 Aug 2025 10:02:11 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:11 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:11 +0000
Files and hashes:         1: chgSXs-7IR7fwt4EcvlkqobL6Z4.crl (hash: Y1+MnO7UBrgJGTBga2OKadBB8M3UFkEu89BrjAsTY5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:e5:dc:8c:22:d2:95:d7:df:95:d0:33:f3:9c:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
        Validity
            Not Before: Aug 23 10:02:11 2025 GMT
            Not After : Aug 24 10:02:11 2025 GMT
        Subject: CN=236adf632a971b065fe368343a73339732b50b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f2:96:62:3a:cb:2a:26:b5:30:a3:95:a8:ce:
                    60:3d:e0:df:36:30:10:78:e2:98:f0:2d:f0:99:83:
                    93:3d:1c:95:a0:a6:51:dc:0b:26:4e:78:90:ba:24:
                    64:68:4d:18:64:2b:e1:8c:18:f9:0a:1d:ab:83:29:
                    87:8a:ee:2d:39:b7:9b:9d:42:70:9c:f3:f7:96:7f:
                    8c:97:8c:d3:27:20:fa:e0:eb:76:6d:05:11:73:95:
                    82:2e:0d:73:8e:3a:a5:b3:02:7e:b1:55:e7:78:09:
                    8d:e9:52:e3:84:bd:ee:e9:2f:c8:79:6f:b2:16:41:
                    11:3b:1c:c8:f9:d0:ff:56:34:a6:d8:89:96:3d:ce:
                    51:78:73:79:78:51:da:83:f8:f9:10:ed:30:45:79:
                    21:67:36:85:9d:ac:81:bc:0f:18:aa:e3:74:3c:30:
                    e5:46:ce:4a:89:af:8e:42:e2:4f:e6:b6:be:0e:d2:
                    3e:03:31:80:0a:db:95:aa:28:62:a2:bd:68:1f:13:
                    e9:98:33:08:91:75:e9:b8:ff:f9:f1:9b:7e:86:d7:
                    fb:e5:a0:71:81:60:77:a7:47:0a:4a:5d:31:04:24:
                    21:08:65:00:d2:73:86:47:59:15:c7:de:9c:e7:ea:
                    59:9a:3a:32:14:37:97:7b:5f:35:4f:fc:9e:35:5d:
                    ef:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:6A:DF:63:2A:97:1B:06:5F:E3:68:34:3A:73:33:97:32:B5:0B:94
            X509v3 Authority Key Identifier:
                keyid:72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:e4:9a:6c:9d:71:3d:c5:b6:f2:e3:60:36:ad:10:cc:f9:3e:
         d4:be:94:2d:1e:29:04:7d:aa:08:cf:e1:4c:e3:1d:a7:17:71:
         bc:0e:b1:bc:81:e4:ae:63:53:bc:3b:29:9d:38:59:61:7e:fe:
         93:8c:bf:48:fa:b5:2f:84:36:9f:76:5e:99:fb:0e:ab:e6:8d:
         f0:6e:6a:e3:30:f9:5c:90:76:81:2c:68:5f:ea:ca:fd:cc:aa:
         0b:c0:93:61:66:b9:f3:44:48:be:d3:2b:05:8c:c9:ef:7c:5b:
         f6:f9:5c:1d:a5:00:8c:f2:26:4a:2e:0a:42:eb:1a:f0:9b:36:
         54:b4:f2:61:fd:47:b7:3b:05:1a:f6:bb:a9:5b:f6:38:20:2a:
         b2:3a:ab:01:c8:75:1b:c0:23:57:49:53:29:9d:4e:b9:98:b7:
         91:83:60:59:17:17:42:58:7f:00:b3:b8:47:f0:94:d5:00:ba:
         34:74:3f:dd:e3:fb:56:18:3c:1b:82:dd:0e:11:72:dc:6d:8c:
         c6:1e:24:1b:96:8f:68:9c:25:ef:9d:35:76:2b:75:ba:1e:f5:
         29:67:b6:92:86:e4:4f:f9:93:46:17:0a:7f:36:75:54:79:21:
         61:21:47:0e:21:57:a1:fd:6c:ae:89:2a:0e:6d:08:e3:49:d9:
         07:31:d8:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYOXcjCLSldffldAz85zPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMTgxMjVlY2ZiYjIxMWVkZmMyZGUwNDcyZjk2NGFhODZj
YmU5OWUwHhcNMjUwODIzMTAwMjExWhcNMjUwODI0MTAwMjExWjAzMTEwLwYDVQQD
EygyMzZhZGY2MzJhOTcxYjA2NWZlMzY4MzQzYTczMzM5NzMyYjUwYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPKWYjrLKia1MKOVqM5gPeDfNjAQ
eOKY8C3wmYOTPRyVoKZR3AsmTniQuiRkaE0YZCvhjBj5Ch2rgymHiu4tObebnUJw
nPP3ln+Ml4zTJyD64Ot2bQURc5WCLg1zjjqlswJ+sVXneAmN6VLjhL3u6S/IeW+y
FkEROxzI+dD/VjSm2ImWPc5ReHN5eFHag/j5EO0wRXkhZzaFnayBvA8YquN0PDDl
Rs5Kia+OQuJP5ra+DtI+AzGACtuVqihior1oHxPpmDMIkXXpuP/58Zt+htf75aBx
gWB3p0cKSl0xBCQhCGUA0nOGR1kVx96c5+pZmjoyFDeXe181T/yeNV3vTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNq32MqlxsGX+NoNDpzM5cytQuUMB8GA1UdIwQY
MBaAFHIYEl7PuyEe38LeBHL5ZKqGy+meMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWIt
MGRiMGZkNzRkYjMyLzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWItMGRiMGZkNzRkYjMy
LzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+SabJ1x
PcW28uNgNq0QzPk+1L6ULR4pBH2qCM/hTOMdpxdxvA6xvIHkrmNTvDspnThZYX7+
k4y/SPq1L4Q2n3ZemfsOq+aN8G5q4zD5XJB2gSxoX+rK/cyqC8CTYWa580RIvtMr
BYzJ73xb9vlcHaUAjPImSi4KQusa8Js2VLTyYf1HtzsFGva7qVv2OCAqsjqrAch1
G8AjV0lTKZ1OuZi3kYNgWRcXQlh/ALO4R/CU1QC6NHQ/3eP7Vhg8G4LdDhFy3G2M
xh4kG5aPaJwl7501dit1uh71KWe2kobkT/mTRhcKfzZ1VHkhYSFHDiFXof1srokq
Dm0I40nZBzHYfA==
-----END CERTIFICATE-----