Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          bTPXywKPms12jRl1WzZTtITS8YzvXUdoaL54KoIMa9M=
Subject key identifier:   E4:80:3F:46:02:C9:58:A7:11:77:E8:8A:80:D2:BB:3D:0E:D8:6F:EF
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       0198D6605FDF569F90A265889E8C7217A28D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          0FAA
Signing time:             Sat 23 Aug 2025 10:01:36 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:36 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:36 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: QyWQYc9TlDKzLRz2HPTPQ6XW3+rqvl4o6HjBRVFRQNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:5f:df:56:9f:90:a2:65:88:9e:8c:72:17:a2:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Aug 23 10:01:36 2025 GMT
            Not After : Aug 24 10:01:36 2025 GMT
        Subject: CN=e4803f4602c958a71177e88a80d2bb3d0ed86fef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a2:e8:3f:bd:aa:cc:7f:ba:a6:35:ec:a2:46:
                    16:38:c0:84:17:a8:02:cf:2b:3a:8f:66:69:54:67:
                    20:a9:2f:fd:38:b8:76:1f:0d:22:9e:a0:8b:d5:0b:
                    5d:ff:6d:10:94:e5:c9:95:18:57:c6:42:d7:75:d1:
                    a4:5e:ff:f5:db:98:c4:5e:5f:9d:58:6e:37:7d:be:
                    c3:3e:93:d6:ea:4e:e7:f7:68:c9:29:f1:eb:4d:3d:
                    0d:12:41:96:ca:b7:92:c1:45:c2:11:1d:aa:c7:10:
                    05:73:73:5a:06:6f:80:39:8d:50:94:33:8b:6a:f8:
                    79:8b:6f:8f:41:7a:59:12:3a:be:34:45:7d:b8:0d:
                    16:48:54:36:5c:25:6b:e6:7a:15:7b:f2:8a:04:c8:
                    d0:53:cf:78:bb:87:12:ff:01:97:a2:67:37:26:ef:
                    c1:8c:62:9d:85:ad:7c:ab:74:35:1c:dd:00:92:22:
                    65:b8:ad:a8:48:00:59:b3:42:6e:91:b3:66:eb:27:
                    d3:ef:9d:c1:e7:ee:7d:77:83:7c:ca:f2:cd:aa:1b:
                    e5:56:23:d2:f5:da:ce:a3:a2:35:79:e9:8b:51:56:
                    dd:d4:bc:cd:c2:1f:81:96:52:72:22:73:03:1b:07:
                    a0:9d:75:df:3b:00:9b:19:b9:9b:62:7c:4d:c1:7d:
                    89:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:80:3F:46:02:C9:58:A7:11:77:E8:8A:80:D2:BB:3D:0E:D8:6F:EF
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:50:b3:cf:b4:43:a4:45:2d:c2:0d:71:97:df:1f:d6:e1:96:
         1e:ce:42:0b:36:73:7c:b2:6d:32:d9:4b:37:e8:3c:c0:18:c3:
         11:bd:63:7e:7f:5e:1d:da:3b:8a:f6:91:fb:01:48:7d:22:85:
         0a:3c:7a:c8:ec:d3:62:02:9e:b8:60:5f:a1:25:0e:56:47:4c:
         58:cc:c1:41:57:78:87:ab:f3:f1:59:d3:8d:48:f9:0c:bc:5c:
         41:4e:7a:a4:80:6c:6b:bc:7f:57:f7:20:f1:2b:d9:88:79:cb:
         63:9c:8c:e1:7d:54:e0:ff:55:fe:8d:77:38:be:9d:e0:e4:8c:
         5f:4b:36:0e:72:ae:38:8b:00:f2:65:c5:20:42:39:99:80:8d:
         d4:e3:d4:9f:d1:51:d0:92:1b:d8:74:2e:24:7c:63:91:6d:25:
         b7:24:18:9f:b5:23:83:df:0b:9d:0c:f8:87:29:18:f8:95:fe:
         d1:23:ff:ca:58:46:d8:c3:c1:1f:43:ae:7e:4f:2d:c6:4c:e1:
         46:64:ca:d7:24:19:79:f3:0e:58:bd:d0:80:06:e7:a6:45:cb:
         ff:3d:37:90:0c:25:1c:7e:1f:ad:e4:d0:32:83:af:4a:c1:57:
         78:09:f7:88:6a:8b:6b:a1:f8:98:32:92:8a:c4:66:25:68:69:
         e9:f1:08:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYF/fVp+QomWInoxyF6KNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUwODIzMTAwMTM2WhcNMjUwODI0MTAwMTM2WjAzMTEwLwYDVQQD
EyhlNDgwM2Y0NjAyYzk1OGE3MTE3N2U4OGE4MGQyYmIzZDBlZDg2ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqLoP72qzH+6pjXsokYWOMCEF6gC
zys6j2ZpVGcgqS/9OLh2Hw0inqCL1Qtd/20QlOXJlRhXxkLXddGkXv/125jEXl+d
WG43fb7DPpPW6k7n92jJKfHrTT0NEkGWyreSwUXCER2qxxAFc3NaBm+AOY1QlDOL
avh5i2+PQXpZEjq+NEV9uA0WSFQ2XCVr5noVe/KKBMjQU894u4cS/wGXomc3Ju/B
jGKdha18q3Q1HN0AkiJluK2oSABZs0JukbNm6yfT753B5+59d4N8yvLNqhvlViPS
9drOo6I1eemLUVbd1LzNwh+BllJyInMDGwegnXXfOwCbGbmbYnxNwX2JMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSAP0YCyVinEXfoioDSuz0O2G/vMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVCzz7RD
pEUtwg1xl98f1uGWHs5CCzZzfLJtMtlLN+g8wBjDEb1jfn9eHdo7ivaR+wFIfSKF
Cjx6yOzTYgKeuGBfoSUOVkdMWMzBQVd4h6vz8VnTjUj5DLxcQU56pIBsa7x/V/cg
8SvZiHnLY5yM4X1U4P9V/o13OL6d4OSMX0s2DnKuOIsA8mXFIEI5mYCN1OPUn9FR
0JIb2HQuJHxjkW0ltyQYn7Ujg98LnQz4hykY+JX+0SP/ylhG2MPBH0Oufk8txkzh
RmTK1yQZefMOWL3QgAbnpkXL/z03kAwlHH4freTQMoOvSsFXeAn3iGqLa6H4mDKS
isRmJWhp6fEI6Q==
-----END CERTIFICATE-----