Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
File:                     Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft (raw, json)
Hash identifier:          ES24mBCz0S5pM17GOe4V6lKsqI4+l+FL3MtrbHzDWeQ=
Subject key identifier:   53:EB:1B:4F:4A:75:19:45:7A:4D:38:C5:2B:80:CF:C3:72:4A:EB:33
Authority key identifier: 4A:EF:BC:FA:7F:05:9F:F1:07:27:EA:61:9E:59:13:9D:A3:74:18:EF
Certificate issuer:       /CN=4aefbcfa7f059ff10727ea619e59139da37418ef
Certificate serial:       0199FFC747BA3539BC42B980117D295AE281
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 04:01:14 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:14 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:14 +0000
Files and hashes:         1: Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl (hash: q7bboeB6bfgCjipOaqkCzCc4Vu4rLHiyO1iI60+h3Po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:47:ba:35:39:bc:42:b9:80:11:7d:29:5a:e2:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aefbcfa7f059ff10727ea619e59139da37418ef
        Validity
            Not Before: Oct 20 04:01:14 2025 GMT
            Not After : Oct 21 04:01:14 2025 GMT
        Subject: CN=53eb1b4f4a7519457a4d38c52b80cfc3724aeb33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7f:a7:0b:51:63:ab:da:2b:43:84:ff:07:7b:
                    a1:98:a3:da:75:8f:37:c7:5c:7c:82:de:36:37:45:
                    a2:60:4b:57:10:92:ee:9d:bc:27:c7:2b:15:65:25:
                    a7:c3:e2:cd:43:a1:9a:fb:21:e8:75:e2:b9:d9:2b:
                    83:fd:53:05:45:a3:92:86:59:9a:56:64:73:d7:ff:
                    47:80:97:02:41:54:60:0e:79:20:d2:f3:16:a3:fb:
                    d4:31:35:00:57:8d:6e:8c:00:1e:25:e0:c5:be:43:
                    34:dc:51:a6:7c:79:54:fb:9a:70:8a:1f:d7:79:bd:
                    13:7d:2a:97:73:41:60:75:df:2c:32:73:80:ba:8e:
                    c7:eb:42:5d:06:bf:be:ce:a9:cf:41:41:bb:9b:2d:
                    37:34:e3:88:14:d1:24:4b:54:a3:45:26:80:ea:07:
                    e3:f2:e6:7f:4b:5a:ba:0c:6e:37:84:ad:eb:4c:39:
                    c1:c6:8d:65:e1:b0:78:fc:c0:32:92:3e:71:cf:61:
                    f1:5b:18:4d:0e:e4:c0:24:41:14:e6:5f:c2:ac:7e:
                    dd:5e:33:a4:0e:33:01:4b:39:1a:e1:8b:bb:24:f2:
                    4e:c2:4b:d4:8b:0a:ec:7b:59:d0:3d:0f:bc:1e:15:
                    15:66:2e:e9:d9:9a:fc:b7:1d:01:19:46:29:f0:e0:
                    e8:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:EB:1B:4F:4A:75:19:45:7A:4D:38:C5:2B:80:CF:C3:72:4A:EB:33
            X509v3 Authority Key Identifier:
                keyid:4A:EF:BC:FA:7F:05:9F:F1:07:27:EA:61:9E:59:13:9D:A3:74:18:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:35:ae:0b:6d:db:95:b9:49:d3:25:b0:6d:73:fa:89:15:f9:
         2f:ca:7f:c9:d2:c6:cd:7e:8d:0a:f3:ec:1c:86:3d:b4:3d:66:
         c8:d7:a3:0c:4e:f5:2d:7f:87:9e:0a:8e:06:f7:fb:99:0c:bf:
         91:7e:ed:69:33:42:20:4f:85:07:6c:58:ce:83:ac:4c:28:40:
         0d:97:56:ed:79:c4:3c:98:d2:48:11:16:86:c6:5d:e9:86:3f:
         cb:c9:72:b2:cd:49:7a:13:41:b3:e6:67:e1:06:61:a6:15:02:
         ee:20:9f:a7:d4:c6:21:75:50:4a:8c:28:f2:07:6d:dd:24:d1:
         ad:42:43:f7:71:81:e4:2e:7a:87:b7:a1:74:08:d2:20:cb:a0:
         45:f3:c6:5c:84:bf:5e:c7:0d:92:5f:0e:93:e9:65:d9:64:17:
         22:a1:ad:ee:e0:7c:1e:2a:52:a8:dd:d9:bb:4f:56:21:f3:75:
         dd:0b:63:08:33:16:be:d5:42:5d:27:4a:9b:95:77:da:f6:cd:
         2b:1a:a9:b1:39:7a:ea:67:81:1c:d9:84:2a:8c:c2:8b:bc:01:
         f7:46:32:bf:f7:37:22:32:02:60:d7:d6:79:4b:90:33:7a:44:
         72:04:a8:7a:5b:33:25:8e:1f:39:6c:de:91:69:52:a2:2f:d9:
         c6:4d:2f:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x0e6NTm8QrmAEX0pWuKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZiY2ZhN2YwNTlmZjEwNzI3ZWE2MTllNTkxMzlkYTM3
NDE4ZWYwHhcNMjUxMDIwMDQwMTE0WhcNMjUxMDIxMDQwMTE0WjAzMTEwLwYDVQQD
Eyg1M2ViMWI0ZjRhNzUxOTQ1N2E0ZDM4YzUyYjgwY2ZjMzcyNGFlYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3+nC1Fjq9orQ4T/B3uhmKPadY83
x1x8gt42N0WiYEtXEJLunbwnxysVZSWnw+LNQ6Ga+yHodeK52SuD/VMFRaOShlma
VmRz1/9HgJcCQVRgDnkg0vMWo/vUMTUAV41ujAAeJeDFvkM03FGmfHlU+5pwih/X
eb0TfSqXc0Fgdd8sMnOAuo7H60JdBr++zqnPQUG7my03NOOIFNEkS1SjRSaA6gfj
8uZ/S1q6DG43hK3rTDnBxo1l4bB4/MAykj5xz2HxWxhNDuTAJEEU5l/CrH7dXjOk
DjMBSzka4Yu7JPJOwkvUiwrse1nQPQ+8HhUVZi7p2Zr8tx0BGUYp8ODovQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPrG09KdRlFek04xSuAz8NySuszMB8GA1UdIwQY
MBaAFErvvPp/BZ/xByfqYZ5ZE52jdBjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82M2NmZjMtYzllYi00MjExLWI5MmUt
NDVmNTZiNDJjNmFjLzEvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82M2NmZjMtYzllYi00MjExLWI5MmUtNDVmNTZiNDJjNmFj
LzEvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxzWuC23b
lblJ0yWwbXP6iRX5L8p/ydLGzX6NCvPsHIY9tD1myNejDE71LX+HngqOBvf7mQy/
kX7taTNCIE+FB2xYzoOsTChADZdW7XnEPJjSSBEWhsZd6YY/y8lyss1JehNBs+Zn
4QZhphUC7iCfp9TGIXVQSowo8gdt3STRrUJD93GB5C56h7ehdAjSIMugRfPGXIS/
XscNkl8Ok+ll2WQXIqGt7uB8HipSqN3Zu09WIfN13QtjCDMWvtVCXSdKm5V32vbN
KxqpsTl66meBHNmEKozCi7wB90Yyv/c3IjICYNfWeUuQM3pEcgSoelszJY4fOWze
kWlSoi/Zxk0v3A==
-----END CERTIFICATE-----