Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
File:                     yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json)
Hash identifier:          zhJkHxA6N/u6KV1UsD+tO/mA4fiGrbAMQh0+MZthwug=
Subject key identifier:   FA:9A:F2:73:1F:3A:C9:A9:E8:18:D6:EC:0B:11:AA:62:10:FC:E2:73
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Certificate issuer:       /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial:       0198D6CD86B1071E48489B8A5190474EB1BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
Manifest number:          11E7
Signing time:             Sat 23 Aug 2025 12:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:50 +0000
Files and hashes:         1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: b3l4YMOeqVg1Ye1Glesj+iWTadvTQjvmPxN5JsAYyds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:86:b1:07:1e:48:48:9b:8a:51:90:47:4e:b1:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
        Validity
            Not Before: Aug 23 12:00:50 2025 GMT
            Not After : Aug 24 12:00:50 2025 GMT
        Subject: CN=fa9af2731f3ac9a9e818d6ec0b11aa6210fce273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ee:5b:4e:01:b8:ee:d1:09:e8:a4:5d:18:44:
                    0b:31:dd:7d:7d:4d:c1:77:26:da:f3:bc:04:f1:b5:
                    22:27:ac:08:0e:88:e3:5d:e1:01:2d:66:2d:2d:ac:
                    b6:0e:5e:3c:37:10:5d:66:68:c1:87:d2:5d:20:2d:
                    78:f2:b6:2d:fd:f4:d6:4d:45:0e:59:8b:f3:3c:de:
                    25:a3:21:af:72:66:e9:46:e0:53:62:88:e4:3c:2a:
                    7c:73:7a:ac:72:d7:50:af:99:e0:bb:08:34:34:3b:
                    4f:39:97:d4:13:66:a3:50:b9:b0:0e:f8:ce:89:fe:
                    9a:b0:46:e3:09:8f:65:4e:5d:d5:75:af:3b:0d:a1:
                    89:df:15:67:9b:f9:d5:ae:87:18:bd:1b:d7:9c:df:
                    d8:98:ca:b8:12:ff:38:a5:84:62:bd:38:0c:ae:a2:
                    79:04:6d:bd:07:08:a8:8a:45:69:d4:21:c0:30:e7:
                    e8:e6:c0:3a:25:f4:5d:63:34:cf:e1:97:37:ae:7e:
                    06:8f:1a:fe:82:3c:dd:1a:ae:1f:7e:7d:98:89:42:
                    bf:f1:01:a9:70:ab:55:c6:0f:d1:99:19:99:e6:2a:
                    da:92:a0:c1:8f:f2:52:d5:32:da:9a:57:93:48:1d:
                    93:51:15:54:76:b6:61:fa:06:08:aa:84:36:35:50:
                    1b:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:9A:F2:73:1F:3A:C9:A9:E8:18:D6:EC:0B:11:AA:62:10:FC:E2:73
            X509v3 Authority Key Identifier:
                keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:5b:4a:59:ab:1b:15:37:01:b5:71:55:99:10:6a:b9:85:f3:
         0f:31:33:6b:86:ca:c8:f3:1a:cc:16:63:21:af:8d:04:d6:47:
         03:14:e7:b6:8d:6b:f1:e4:ed:f0:75:1b:f1:ae:d9:67:60:eb:
         df:9b:e0:e0:6b:e5:0e:d1:96:59:6e:1e:ae:24:41:8a:c9:3e:
         5a:23:c1:09:5b:c0:ad:74:8b:96:de:bf:f7:47:86:87:21:48:
         2b:5f:0f:ba:ce:b9:01:31:89:e6:e8:ee:c7:b9:6c:26:91:5f:
         e9:80:7b:c0:44:8a:e2:09:05:6b:48:7f:99:57:71:9b:2f:91:
         1f:cb:18:55:50:cf:bd:6d:48:6c:90:2f:13:7f:e3:35:b4:24:
         56:1c:2a:9a:56:c6:f2:fc:f4:0a:df:55:bd:14:80:b0:59:3f:
         49:c7:5f:44:76:2b:21:62:7e:96:e2:58:7e:54:bd:0a:7e:81:
         54:21:b6:66:74:3a:c0:b7:9a:77:cb:33:5c:f0:9e:19:eb:ea:
         78:ab:b3:a9:4c:e6:87:33:8b:98:1a:91:c1:87:95:98:9d:2a:
         ba:8a:e1:ab:eb:fe:6a:5a:28:1c:5a:9b:34:d4:fc:f1:6b:bb:
         d4:4c:a1:e4:7f:68:b4:1e:0f:29:63:b4:8a:40:6b:ba:c0:23:
         87:b9:e7:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzYaxBx5ISJuKUZBHTrG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjUwODIzMTIwMDUwWhcNMjUwODI0MTIwMDUwWjAzMTEwLwYDVQQD
EyhmYTlhZjI3MzFmM2FjOWE5ZTgxOGQ2ZWMwYjExYWE2MjEwZmNlMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu5bTgG47tEJ6KRdGEQLMd19fU3B
dyba87wE8bUiJ6wIDojjXeEBLWYtLay2Dl48NxBdZmjBh9JdIC148rYt/fTWTUUO
WYvzPN4loyGvcmbpRuBTYojkPCp8c3qsctdQr5nguwg0NDtPOZfUE2ajULmwDvjO
if6asEbjCY9lTl3Vda87DaGJ3xVnm/nVrocYvRvXnN/YmMq4Ev84pYRivTgMrqJ5
BG29BwioikVp1CHAMOfo5sA6JfRdYzTP4Zc3rn4Gjxr+gjzdGq4ffn2YiUK/8QGp
cKtVxg/RmRmZ5irakqDBj/JS1TLamleTSB2TURVUdrZh+gYIqoQ2NVAboQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqa8nMfOsmp6BjW7AsRqmIQ/OJzMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATltKWasb
FTcBtXFVmRBquYXzDzEza4bKyPMazBZjIa+NBNZHAxTnto1r8eTt8HUb8a7ZZ2Dr
35vg4GvlDtGWWW4eriRBisk+WiPBCVvArXSLlt6/90eGhyFIK18Pus65ATGJ5uju
x7lsJpFf6YB7wESK4gkFa0h/mVdxmy+RH8sYVVDPvW1IbJAvE3/jNbQkVhwqmlbG
8vz0Ct9VvRSAsFk/ScdfRHYrIWJ+luJYflS9Cn6BVCG2ZnQ6wLead8szXPCeGevq
eKuzqUzmhzOLmBqRwYeVmJ0quorhq+v+alooHFqbNNT88Wu71Eyh5H9otB4PKWO0
ikBrusAjh7nnBw==
-----END CERTIFICATE-----