Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
File:                     2V_Z-7sug4agu3amyEH8aKfD65g.mft (raw, json)
Hash identifier:          lQUm77xD69F9dWuSUrgDlkFSZqyO2fPGREm5gr40Q2o=
Subject key identifier:   D9:97:AD:69:05:BA:AC:08:2C:36:FB:09:10:7B:E7:FC:F1:98:52:08
Authority key identifier: D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98
Certificate issuer:       /CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
Certificate serial:       0198D96079D57AB6C9294A15C8410F8D0179
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
Manifest number:          029D
Signing time:             Sun 24 Aug 2025 00:00:35 +0000
Manifest this update:     Sun 24 Aug 2025 00:00:35 +0000
Manifest next update:     Mon 25 Aug 2025 00:00:35 +0000
Files and hashes:         1: 2V_Z-7sug4agu3amyEH8aKfD65g.crl (hash: 4gRUk4gsLR/yvT6KbltCZ39WS/GJBzQBHydllzoYBCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 23:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d9:60:79:d5:7a:b6:c9:29:4a:15:c8:41:0f:8d:01:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
        Validity
            Not Before: Aug 24 00:00:35 2025 GMT
            Not After : Aug 25 00:00:35 2025 GMT
        Subject: CN=d997ad6905baac082c36fb09107be7fcf1985208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b7:7a:99:16:96:d4:a0:48:9d:b4:af:d6:23:
                    45:d2:80:fc:18:86:ba:f3:52:6a:66:d0:44:22:5b:
                    1e:99:45:36:23:ad:f0:f2:ae:7b:7d:4b:05:d0:63:
                    b5:ce:f4:c3:2e:d9:f6:3d:7e:35:85:d6:e0:3e:31:
                    44:f9:62:ee:87:02:c9:1e:f9:2f:22:81:25:03:2e:
                    e8:4a:9c:4e:3a:92:02:ce:78:a4:43:a9:83:23:66:
                    40:64:e7:1c:94:a0:97:cf:5a:6a:26:f8:30:85:31:
                    1c:ca:4c:f8:30:51:19:d9:dd:e9:ae:00:8d:47:c3:
                    d5:93:d1:15:12:54:e3:32:4f:68:ae:93:5c:9c:3f:
                    85:8d:66:31:ce:61:89:fc:40:94:46:26:85:dd:b7:
                    33:64:07:93:c2:d1:e6:d9:60:fd:f6:ec:1e:87:f9:
                    74:f7:2f:e2:45:ec:c1:b5:61:ab:23:dd:ec:8c:06:
                    7a:f4:5e:35:1d:b4:7b:f8:2d:50:0b:a6:da:c8:69:
                    97:13:87:d7:a1:75:a3:a8:6a:a7:c4:94:63:47:9f:
                    35:f0:8a:c7:7b:42:47:e0:fe:e4:15:44:c6:e4:30:
                    c3:56:f4:11:51:a0:d8:ce:67:14:20:28:15:ce:00:
                    eb:0d:6d:01:fa:6a:ae:41:da:d0:ce:5a:51:70:3a:
                    48:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:97:AD:69:05:BA:AC:08:2C:36:FB:09:10:7B:E7:FC:F1:98:52:08
            X509v3 Authority Key Identifier:
                keyid:D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b7:8c:2d:e5:1c:6a:2a:b9:3d:5a:35:93:7a:7e:50:00:57:
         23:50:66:ee:f2:30:5c:65:43:e8:9d:91:ca:e5:aa:39:4a:93:
         22:a3:18:ba:37:6e:77:f2:3a:7a:f5:5b:c9:ea:1c:0b:32:22:
         21:cb:a8:8d:f0:bf:c3:2a:f2:72:a7:d1:27:1e:8d:75:14:d7:
         e5:31:15:ee:39:a6:d0:ae:b1:79:ff:1b:fa:05:fa:7e:a0:8f:
         21:c3:e3:b4:d1:e9:98:74:ec:37:7f:98:00:5f:d2:cc:f2:46:
         03:b7:35:bf:6e:d3:60:2d:7f:45:c7:9c:5e:85:1b:d4:f2:49:
         39:f7:eb:91:34:5c:2c:55:a3:43:d0:f3:92:3d:5d:cc:e9:8e:
         4f:7c:d0:c3:35:13:14:0e:75:40:15:95:10:cb:ba:31:bf:1b:
         29:38:2d:bd:3b:b7:2f:fb:04:8a:d5:a6:5e:ef:4a:6a:e2:6e:
         b7:ed:d9:10:a9:59:e9:67:d4:7b:82:6d:5c:7b:8f:6d:79:25:
         c3:03:6a:11:10:20:7e:dc:6d:cc:a1:00:bf:3e:e9:6c:ef:7c:
         bb:ea:e1:46:2d:d0:1b:f8:9d:9a:84:e5:14:76:11:45:8f:86:
         43:47:3c:84:df:30:c7:8d:7b:36:fb:dd:dc:d4:79:2a:7e:20:
         4b:b3:62:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjZYHnVerbJKUoVyEEPjQF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWZkOWZiYmIyZTgzODZhMGJiNzZhNmM4NDFmYzY4YTdj
M2ViOTgwHhcNMjUwODI0MDAwMDM1WhcNMjUwODI1MDAwMDM1WjAzMTEwLwYDVQQD
EyhkOTk3YWQ2OTA1YmFhYzA4MmMzNmZiMDkxMDdiZTdmY2YxOTg1MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubd6mRaW1KBInbSv1iNF0oD8GIa6
81JqZtBEIlsemUU2I63w8q57fUsF0GO1zvTDLtn2PX41hdbgPjFE+WLuhwLJHvkv
IoElAy7oSpxOOpICznikQ6mDI2ZAZOcclKCXz1pqJvgwhTEcykz4MFEZ2d3prgCN
R8PVk9EVElTjMk9orpNcnD+FjWYxzmGJ/ECURiaF3bczZAeTwtHm2WD99uweh/l0
9y/iRezBtWGrI93sjAZ69F41HbR7+C1QC6bayGmXE4fXoXWjqGqnxJRjR5818IrH
e0JH4P7kFUTG5DDDVvQRUaDYzmcUICgVzgDrDW0B+mquQdrQzlpRcDpIQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmXrWkFuqwILDb7CRB75/zxmFIIMB8GA1UdIwQY
MBaAFNlf2fu7LoOGoLt2pshB/Ginw+uYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgt
MzIwZGYyZWIwZmQyLzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgtMzIwZGYyZWIwZmQy
LzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7eMLeUc
aiq5PVo1k3p+UABXI1Bm7vIwXGVD6J2RyuWqOUqTIqMYujdud/I6evVbyeocCzIi
IcuojfC/wyrycqfRJx6NdRTX5TEV7jmm0K6xef8b+gX6fqCPIcPjtNHpmHTsN3+Y
AF/SzPJGA7c1v27TYC1/RcecXoUb1PJJOffrkTRcLFWjQ9Dzkj1dzOmOT3zQwzUT
FA51QBWVEMu6Mb8bKTgtvTu3L/sEitWmXu9KauJut+3ZEKlZ6WfUe4JtXHuPbXkl
wwNqERAgftxtzKEAvz7pbO98u+rhRi3QG/idmoTlFHYRRY+GQ0c8hN8wx417Nvvd
3NR5Kn4gS7NiLw==
-----END CERTIFICATE-----