Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          j3ltglTD33F9KNf4rSnGMUJiuw8lJ2NdQBWz+lQdOrg=
Subject key identifier:   65:42:6D:9F:A1:43:F6:2B:4B:91:55:EA:34:85:3D:0D:5E:A8:21:03
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       0198D5F19EC2F05FB4ED116E9B9E42641BB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          039E
Signing time:             Sat 23 Aug 2025 08:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:38 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: H2ALx89xXqU0ByGQGyCJxGVfLIIalqrdvAvWGyrZZBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:9e:c2:f0:5f:b4:ed:11:6e:9b:9e:42:64:1b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Aug 23 08:00:38 2025 GMT
            Not After : Aug 24 08:00:38 2025 GMT
        Subject: CN=65426d9fa143f62b4b9155ea34853d0d5ea82103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7b:51:e0:5d:09:df:a3:07:b9:68:03:33:10:
                    0e:9c:4f:e4:2b:2f:3f:fa:90:03:a3:1a:0e:48:9d:
                    21:21:89:9b:95:d0:22:dd:c2:1e:5f:fd:94:79:99:
                    7f:71:77:c4:32:34:1f:11:ac:6f:bf:be:ca:ea:11:
                    b1:78:6c:da:1f:58:58:aa:3e:8e:71:21:1a:c6:ca:
                    60:d1:97:4c:6b:7e:80:f3:27:bb:cd:a8:20:da:ba:
                    b0:70:f4:d2:91:88:d7:d8:25:6f:43:73:54:f7:e5:
                    84:03:df:cf:a6:d3:69:b2:af:cc:70:bf:bd:b1:fe:
                    00:a7:39:1f:25:34:32:da:6b:82:60:84:2a:a7:52:
                    81:56:bd:59:8d:a9:12:51:3d:0c:5c:5d:ba:71:21:
                    d6:de:1d:0c:ec:40:d1:9d:13:75:f3:ec:fd:6b:13:
                    9c:ed:ba:50:ee:90:54:1b:38:14:1f:c4:05:a9:32:
                    c2:a2:04:18:ca:68:ef:57:71:43:0e:20:17:fd:09:
                    e7:c4:bd:fe:02:6e:c3:db:28:a1:3d:96:e7:51:aa:
                    88:53:39:e9:fc:9d:aa:89:36:bd:be:3c:ee:2b:fd:
                    a3:fc:82:51:68:4c:44:7a:f7:eb:9b:ce:14:15:fa:
                    85:02:8d:fb:86:46:a8:a5:31:c2:e7:4d:a2:67:1d:
                    a8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:42:6D:9F:A1:43:F6:2B:4B:91:55:EA:34:85:3D:0D:5E:A8:21:03
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:40:6e:62:b7:64:78:3e:89:34:e4:36:bc:32:f2:e1:a9:25:
         6d:11:94:c9:bf:80:2e:17:65:95:74:36:e0:4d:19:3f:6c:ab:
         5a:60:8c:32:25:b2:87:c1:17:26:8b:b0:7e:b2:f5:4f:03:c1:
         58:a1:0c:65:d5:c0:8f:5c:f4:21:46:f0:b6:6e:66:02:51:81:
         d0:84:0f:09:75:e4:9b:7f:65:44:80:39:c8:e3:3a:94:1f:8a:
         b2:a7:ca:fc:5c:f3:c8:c0:38:d6:8b:cb:02:e1:9a:e2:0e:80:
         30:ca:29:03:56:b1:7d:4d:f4:ba:6e:a5:5d:29:e2:62:27:44:
         85:1e:2f:e4:9d:da:d1:8f:bf:f5:18:a5:35:eb:b5:44:af:02:
         d1:23:98:b0:e0:7e:04:d9:8a:be:a9:cb:84:b5:6e:85:f9:f7:
         bc:aa:45:9e:10:e8:3c:4a:dc:35:ff:e3:c0:93:4d:28:f0:9f:
         03:c0:80:8c:18:12:01:47:05:b6:22:7a:88:fe:3b:bb:5c:4b:
         f2:32:02:96:0c:7e:bb:20:c0:47:e5:bb:bd:9a:c3:49:00:20:
         f5:4d:cc:b5:f4:92:71:73:3b:bc:4e:76:48:20:4b:04:aa:39:
         c4:c7:7e:14:51:d3:c9:a0:d6:7d:c7:ac:a3:de:2c:82:46:34:
         fa:f5:70:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8Z7C8F+07RFum55CZBuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjUwODIzMDgwMDM4WhcNMjUwODI0MDgwMDM4WjAzMTEwLwYDVQQD
Eyg2NTQyNmQ5ZmExNDNmNjJiNGI5MTU1ZWEzNDg1M2QwZDVlYTgyMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXtR4F0J36MHuWgDMxAOnE/kKy8/
+pADoxoOSJ0hIYmbldAi3cIeX/2UeZl/cXfEMjQfEaxvv77K6hGxeGzaH1hYqj6O
cSEaxspg0ZdMa36A8ye7zagg2rqwcPTSkYjX2CVvQ3NU9+WEA9/PptNpsq/McL+9
sf4ApzkfJTQy2muCYIQqp1KBVr1ZjakSUT0MXF26cSHW3h0M7EDRnRN18+z9axOc
7bpQ7pBUGzgUH8QFqTLCogQYymjvV3FDDiAX/QnnxL3+Am7D2yihPZbnUaqIUznp
/J2qiTa9vjzuK/2j/IJRaExEevfrm84UFfqFAo37hkaopTHC502iZx2okQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVCbZ+hQ/YrS5FV6jSFPQ1eqCEDMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGEBuYrdk
eD6JNOQ2vDLy4aklbRGUyb+ALhdllXQ24E0ZP2yrWmCMMiWyh8EXJouwfrL1TwPB
WKEMZdXAj1z0IUbwtm5mAlGB0IQPCXXkm39lRIA5yOM6lB+KsqfK/FzzyMA41ovL
AuGa4g6AMMopA1axfU30um6lXSniYidEhR4v5J3a0Y+/9RilNeu1RK8C0SOYsOB+
BNmKvqnLhLVuhfn3vKpFnhDoPErcNf/jwJNNKPCfA8CAjBgSAUcFtiJ6iP47u1xL
8jIClgx+uyDAR+W7vZrDSQAg9U3MtfSScXM7vE52SCBLBKo5xMd+FFHTyaDWfces
o94sgkY0+vVw2Q==
-----END CERTIFICATE-----