Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          IywgVAwHJ0pl0i5nH7cCZZkXJhzCGqA9MHJ9MWlpyVM=
Subject key identifier:   19:8C:62:76:6C:55:07:53:71:67:48:F4:2E:69:D3:AB:7E:71:BC:6A
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       0198D4E05CD3D0C6A851718A99629409A440
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 03:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:10 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: adGabQQlRUBZ/pUw18a28SxDr6pCgjQebosyzYGPb4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:5c:d3:d0:c6:a8:51:71:8a:99:62:94:09:a4:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Aug 23 03:02:10 2025 GMT
            Not After : Aug 24 03:02:10 2025 GMT
        Subject: CN=198c62766c550753716748f42e69d3ab7e71bc6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:00:37:03:49:ee:5a:7e:10:e1:32:21:63:25:
                    86:2a:e8:a3:92:83:06:2b:75:4c:04:55:7d:5c:c1:
                    f9:75:0b:73:08:ad:f3:57:e9:65:17:fe:14:56:e9:
                    a0:4e:c9:5a:d8:05:4a:9e:47:d9:a1:08:8a:46:95:
                    60:2d:92:36:6a:c5:f8:3a:c0:7c:ee:9b:bd:08:d8:
                    12:86:2a:4b:f0:ec:f6:8c:6a:46:28:06:f1:79:b5:
                    a2:2c:b2:32:01:07:50:19:f6:a5:07:82:a2:f4:b7:
                    0b:46:df:12:a9:58:cf:48:b6:47:07:17:57:d4:c0:
                    4d:00:fd:d9:ed:70:87:af:5b:65:7e:b4:22:72:ab:
                    d4:08:dc:36:ae:62:ae:1d:54:5a:32:8d:39:c3:d1:
                    59:51:cc:97:ed:c6:ed:6f:f7:84:1e:83:28:6b:d3:
                    49:e0:e9:25:e3:72:c7:40:18:bd:37:6c:eb:eb:cd:
                    ec:b8:d0:cb:8c:39:bd:b8:cf:56:d0:b4:8b:9b:a3:
                    42:67:f7:25:62:d5:0a:3b:b8:21:6d:78:34:ce:31:
                    7b:aa:e1:90:ff:da:a5:6b:bd:68:3f:8b:c9:98:07:
                    b1:72:9f:73:4d:75:75:c9:ca:46:0f:cf:61:39:fe:
                    43:85:ff:bc:10:2a:7f:cd:45:5c:e4:0e:57:58:37:
                    14:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:8C:62:76:6C:55:07:53:71:67:48:F4:2E:69:D3:AB:7E:71:BC:6A
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:34:37:67:c4:14:f7:f6:88:c7:c5:8e:21:28:fc:ba:4e:1f:
         ad:78:87:df:3e:45:5f:f2:e7:e1:1d:4b:fa:04:a3:24:e6:81:
         44:84:f1:25:37:cb:1b:93:2f:cb:1f:2f:94:3e:32:6d:94:19:
         cf:e6:66:0f:55:ae:dc:88:1c:c6:9a:71:85:e2:ab:58:67:7a:
         fd:37:ea:51:fa:8e:81:b0:10:af:b1:1b:69:5f:d5:04:1a:8e:
         a5:10:f6:7b:ee:a1:6b:1b:82:2b:a9:85:ab:2b:12:0d:19:1e:
         54:5d:13:c3:fa:f3:5b:d4:10:3b:24:f4:76:10:1f:bd:44:c0:
         06:d4:26:29:35:81:59:bc:c3:c6:3b:66:e5:40:b9:05:37:b7:
         9a:f2:71:4a:ad:f3:13:f2:38:2a:5f:bc:95:d3:51:7d:ee:23:
         e9:65:3a:23:be:28:c9:e9:4c:7e:9a:77:4a:ce:de:f5:b9:e2:
         e7:02:ef:10:04:6a:78:1a:0e:b1:00:a9:c1:dc:ac:f9:5e:56:
         dc:ab:8a:ec:4b:cb:ae:c6:bc:77:2c:72:28:29:71:47:70:57:
         c9:3f:17:8d:23:b0:8e:71:59:63:ab:15:d1:26:63:d6:dd:d7:
         c8:5a:f0:c5:0f:51:69:16:95:9f:91:7b:ce:42:ba:e7:aa:b8:
         12:c1:cc:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4FzT0MaoUXGKmWKUCaRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUwODIzMDMwMjEwWhcNMjUwODI0MDMwMjEwWjAzMTEwLwYDVQQD
EygxOThjNjI3NjZjNTUwNzUzNzE2NzQ4ZjQyZTY5ZDNhYjdlNzFiYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQA3A0nuWn4Q4TIhYyWGKuijkoMG
K3VMBFV9XMH5dQtzCK3zV+llF/4UVumgTsla2AVKnkfZoQiKRpVgLZI2asX4OsB8
7pu9CNgShipL8Oz2jGpGKAbxebWiLLIyAQdQGfalB4Ki9LcLRt8SqVjPSLZHBxdX
1MBNAP3Z7XCHr1tlfrQicqvUCNw2rmKuHVRaMo05w9FZUcyX7cbtb/eEHoMoa9NJ
4Okl43LHQBi9N2zr683suNDLjDm9uM9W0LSLm6NCZ/clYtUKO7ghbXg0zjF7quGQ
/9qla71oP4vJmAexcp9zTXV1ycpGD89hOf5Dhf+8ECp/zUVc5A5XWDcUiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmMYnZsVQdTcWdI9C5p06t+cbxqMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQDQ3Z8QU
9/aIx8WOISj8uk4frXiH3z5FX/Ln4R1L+gSjJOaBRITxJTfLG5Mvyx8vlD4ybZQZ
z+ZmD1Wu3IgcxppxheKrWGd6/TfqUfqOgbAQr7EbaV/VBBqOpRD2e+6haxuCK6mF
qysSDRkeVF0Tw/rzW9QQOyT0dhAfvUTABtQmKTWBWbzDxjtm5UC5BTe3mvJxSq3z
E/I4Kl+8ldNRfe4j6WU6I74oyelMfpp3Ss7e9bni5wLvEARqeBoOsQCpwdys+V5W
3KuK7EvLrsa8dyxyKClxR3BXyT8XjSOwjnFZY6sV0SZj1t3XyFrwxQ9RaRaVn5F7
zkK656q4EsHMbA==
-----END CERTIFICATE-----