Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
File:                     Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft (raw, json)
Hash identifier:          SELg/ROS7uU7afcJOkd3oLZpDTfZOGagX2cDXORVvFo=
Subject key identifier:   79:70:6E:9C:A7:8F:32:4D:2A:E5:5B:E3:B0:A6:2B:B2:4E:23:D4:BC
Authority key identifier: 63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA
Certificate issuer:       /CN=636b027bfab91aa4719a80efe021246137428bda
Certificate serial:       0198D5BC0AF909218D82910886AB93ED69A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
Manifest number:          13E9
Signing time:             Sat 23 Aug 2025 07:02:07 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:07 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:07 +0000
Files and hashes:         1: Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl (hash: phQxABHvSX1M2pTEcu8gfIwHtNfdfPoHXn9zzSjKFoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:0a:f9:09:21:8d:82:91:08:86:ab:93:ed:69:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=636b027bfab91aa4719a80efe021246137428bda
        Validity
            Not Before: Aug 23 07:02:07 2025 GMT
            Not After : Aug 24 07:02:07 2025 GMT
        Subject: CN=79706e9ca78f324d2ae55be3b0a62bb24e23d4bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:24:bf:55:88:7c:1f:9e:28:ff:5c:05:03:0b:
                    ca:f6:e2:36:86:2c:aa:11:db:1c:72:f8:ad:09:fe:
                    63:15:92:44:0b:84:38:a0:fe:62:a2:f4:62:d3:c6:
                    ca:c2:d9:1e:f9:36:55:ba:58:ec:54:42:c3:52:49:
                    7f:1a:d8:14:68:d0:76:39:13:1b:99:f1:05:cb:41:
                    d7:c4:70:2f:48:33:5e:63:f9:c9:e4:34:ea:88:94:
                    d9:10:0e:bd:ed:7d:80:4f:1b:64:a3:10:92:50:9d:
                    09:ca:86:0b:ca:f5:9d:6e:b6:ed:48:fa:5c:ee:3e:
                    5c:0c:61:b8:65:07:a0:34:48:e6:b5:c9:d2:be:cb:
                    9a:d3:9d:1f:af:82:eb:cd:d8:35:2a:27:c4:e7:0c:
                    9a:c2:52:60:ac:f9:37:1d:3d:51:ce:0a:9c:62:22:
                    85:a6:f3:b7:6c:cb:d0:1c:00:29:72:8c:b4:ad:bb:
                    b7:3d:c2:9f:8a:6a:97:00:ab:44:f3:1f:89:64:41:
                    0b:14:fa:6e:3e:79:22:28:8a:ca:67:8e:00:d7:16:
                    94:e0:51:26:e8:d4:2e:d2:65:21:44:f6:9f:78:42:
                    ca:57:5f:fd:d8:10:96:02:ef:08:c3:f2:39:c7:12:
                    8e:ea:32:8c:d1:79:af:e1:c3:a6:0f:99:69:6e:0b:
                    d5:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:70:6E:9C:A7:8F:32:4D:2A:E5:5B:E3:B0:A6:2B:B2:4E:23:D4:BC
            X509v3 Authority Key Identifier:
                keyid:63:6B:02:7B:FA:B9:1A:A4:71:9A:80:EF:E0:21:24:61:37:42:8B:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a0cdd8-092d-43bb-a2a8-880c2e4faa6e/1/Y2sCe_q5GqRxmoDv4CEkYTdCi9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:51:49:af:a5:f7:c7:b3:dd:57:f9:04:7f:84:f7:a0:11:0f:
         d9:de:bc:96:66:03:5a:71:fb:6a:0e:8e:6f:5a:9a:fe:bc:42:
         1a:36:24:e2:9d:26:47:b8:13:ec:f4:2f:5d:e2:8f:e5:32:6c:
         41:cd:d2:fd:c8:64:60:fb:69:0a:3d:f0:01:07:85:e5:cf:ed:
         39:66:30:79:6b:54:f9:da:05:f4:8d:bf:32:9d:ee:20:21:62:
         40:0c:64:13:75:df:95:eb:1e:6d:cc:92:3c:42:91:15:ac:42:
         66:2e:b4:0d:18:60:20:83:e6:20:e0:4f:e0:6e:d9:b5:cc:a5:
         93:d3:7a:1f:83:09:fd:ed:1a:9b:f6:64:bc:88:61:af:f8:df:
         56:65:9e:71:69:48:30:1f:08:7a:0f:37:4e:1c:b3:de:4c:94:
         85:cd:ad:21:37:22:a8:ac:dc:8b:2d:b7:9a:43:ab:91:de:33:
         5b:69:81:a5:2b:c2:19:8d:1f:11:f8:6f:a1:c5:1d:c3:6f:e6:
         78:66:c3:fd:d7:f5:cd:3b:74:7a:69:0a:67:1a:41:e7:26:80:
         95:27:2b:91:67:c3:dd:e7:e3:d7:44:a8:10:fe:22:83:ff:4f:
         2f:b3:47:06:d1:57:91:7e:25:22:1c:4f:98:48:d1:67:d2:91:
         e3:af:85:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvAr5CSGNgpEIhquT7WmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNmIwMjdiZmFiOTFhYTQ3MTlhODBlZmUwMjEyNDYxMzc0
MjhiZGEwHhcNMjUwODIzMDcwMjA3WhcNMjUwODI0MDcwMjA3WjAzMTEwLwYDVQQD
Eyg3OTcwNmU5Y2E3OGYzMjRkMmFlNTViZTNiMGE2MmJiMjRlMjNkNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyS/VYh8H54o/1wFAwvK9uI2hiyq
EdsccvitCf5jFZJEC4Q4oP5iovRi08bKwtke+TZVuljsVELDUkl/GtgUaNB2ORMb
mfEFy0HXxHAvSDNeY/nJ5DTqiJTZEA697X2ATxtkoxCSUJ0JyoYLyvWdbrbtSPpc
7j5cDGG4ZQegNEjmtcnSvsua050fr4Lrzdg1KifE5wyawlJgrPk3HT1RzgqcYiKF
pvO3bMvQHAApcoy0rbu3PcKfimqXAKtE8x+JZEELFPpuPnkiKIrKZ44A1xaU4FEm
6NQu0mUhRPafeELKV1/92BCWAu8Iw/I5xxKO6jKM0Xmv4cOmD5lpbgvVQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlwbpynjzJNKuVb47CmK7JOI9S8MB8GA1UdIwQY
MBaAFGNrAnv6uRqkcZqA7+AhJGE3QovaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgt
ODgwYzJlNGZhYTZlLzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hMGNkZDgtMDkyZC00M2JiLWEyYTgtODgwYzJlNGZhYTZl
LzEvWTJzQ2VfcTVHcVJ4bW9EdjRDRWtZVGRDaTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlFJr6X3
x7PdV/kEf4T3oBEP2d68lmYDWnH7ag6Ob1qa/rxCGjYk4p0mR7gT7PQvXeKP5TJs
Qc3S/chkYPtpCj3wAQeF5c/tOWYweWtU+doF9I2/Mp3uICFiQAxkE3XflesebcyS
PEKRFaxCZi60DRhgIIPmIOBP4G7Ztcylk9N6H4MJ/e0am/ZkvIhhr/jfVmWecWlI
MB8Ieg83Thyz3kyUhc2tITciqKzciy23mkOrkd4zW2mBpSvCGY0fEfhvocUdw2/m
eGbD/df1zTt0emkKZxpB5yaAlScrkWfD3efj10SoEP4ig/9PL7NHBtFXkX4lIhxP
mEjRZ9KR46+FUw==
-----END CERTIFICATE-----