Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
File:                     8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft (raw, json)
Hash identifier:          fM4P37ON5h3bXPt/aTTAGYd/u5GyaKS9hW4EntKEPKU=
Subject key identifier:   F3:29:70:02:98:A0:BE:12:5E:E4:9B:B2:A0:3A:F5:A4:A0:2C:B4:89
Authority key identifier: F2:61:FA:1F:E6:DC:09:FA:54:D1:AF:59:C2:E1:00:CD:14:12:C7:F0
Certificate issuer:       /CN=f261fa1fe6dc09fa54d1af59c2e100cd1412c7f0
Certificate serial:       0198D4742DEA4EDD546B9B7CA26D5AD59807
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 01:04:00 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:00 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:00 +0000
Files and hashes:         1: 8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl (hash: RrOdZfdkJwstu/R1poEA8qMZABf8D3UiQ7GMu684Shw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:2d:ea:4e:dd:54:6b:9b:7c:a2:6d:5a:d5:98:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f261fa1fe6dc09fa54d1af59c2e100cd1412c7f0
        Validity
            Not Before: Aug 23 01:04:00 2025 GMT
            Not After : Aug 24 01:04:00 2025 GMT
        Subject: CN=f329700298a0be125ee49bb2a03af5a4a02cb489
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:ce:17:b9:84:20:bb:37:53:83:da:cb:02:72:
                    00:1b:1a:6f:d8:92:23:8e:07:3d:d8:2c:b2:6b:66:
                    14:e9:04:72:1e:0f:15:96:77:8d:c3:fa:ab:7c:74:
                    09:05:c6:aa:ea:c3:5c:29:25:84:84:b5:a5:42:55:
                    02:34:98:2e:ae:d7:1e:59:86:33:f5:76:c1:07:bb:
                    33:56:7e:69:56:38:dc:74:c5:47:d9:2f:85:3d:fe:
                    07:70:13:75:a2:ac:79:4a:b6:b5:f1:cf:46:53:38:
                    ac:b5:fb:57:d2:c2:a3:08:70:dd:a9:01:50:86:8c:
                    c9:63:2b:eb:20:7a:13:76:96:3b:cd:ff:9f:02:8a:
                    ba:a2:bd:f0:fe:e1:01:9a:87:1a:65:5e:af:de:8f:
                    28:2d:8a:8a:e7:20:bb:76:42:5f:28:7b:d6:45:23:
                    e3:b4:56:b6:21:cb:93:6d:73:c5:e3:b3:70:5d:4c:
                    2e:92:b2:7d:9f:65:2b:88:39:bf:d5:67:e7:61:3b:
                    e4:98:1d:f0:d2:3c:19:73:f1:2c:58:21:81:c9:98:
                    1a:34:a5:70:5d:c9:49:0a:33:de:80:f8:50:49:2d:
                    73:0e:46:52:ec:00:56:11:1d:f0:69:b4:6d:1c:86:
                    1e:48:f6:5d:2c:2b:e4:cd:7f:12:c1:d2:1f:f9:24:
                    07:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:29:70:02:98:A0:BE:12:5E:E4:9B:B2:A0:3A:F5:A4:A0:2C:B4:89
            X509v3 Authority Key Identifier:
                keyid:F2:61:FA:1F:E6:DC:09:FA:54:D1:AF:59:C2:E1:00:CD:14:12:C7:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:04:c5:92:a9:59:97:73:58:e4:34:e3:f6:6b:60:a3:72:c4:
         3c:0c:48:2d:fa:77:e7:fb:89:e5:16:3d:8e:09:66:bf:d8:07:
         a4:04:c0:91:81:cd:3b:b5:a8:bb:71:b9:a7:8d:0c:df:ea:49:
         7d:95:0d:43:1e:f4:15:50:a1:39:11:7a:6d:48:83:42:73:32:
         17:c7:50:4d:00:e5:9c:e3:25:44:64:0e:82:45:86:8f:1c:b9:
         05:b4:23:a3:09:48:4e:d6:e6:84:c5:7b:38:2a:f1:49:b5:c7:
         f4:ae:50:1c:88:3a:79:1e:8a:e1:f7:92:73:ca:d5:3d:cc:e3:
         36:50:fe:09:60:41:4c:87:0f:c9:29:b2:6d:2f:03:e5:29:11:
         83:a4:10:b5:ab:f3:c3:cd:83:54:ca:66:09:6c:7f:88:7e:b6:
         92:d7:31:3b:e6:ed:ff:36:bb:f1:1a:5a:ec:48:d1:4c:29:a1:
         3e:fc:5c:7a:62:74:77:9e:94:0d:75:30:67:f8:3b:e4:a9:99:
         1d:35:95:41:08:28:5f:6b:ae:68:cd:f6:8f:d2:1d:c9:0a:15:
         7d:c5:6a:8e:bc:5b:cc:a7:84:ec:27:48:b8:7f:0c:4b:e4:90:
         b2:cd:4d:65:48:fb:4e:8b:26:0b:cf:d1:0e:4f:18:0d:32:03:
         84:31:39:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdC3qTt1Ua5t8om1a1ZgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjFmYTFmZTZkYzA5ZmE1NGQxYWY1OWMyZTEwMGNkMTQx
MmM3ZjAwHhcNMjUwODIzMDEwNDAwWhcNMjUwODI0MDEwNDAwWjAzMTEwLwYDVQQD
EyhmMzI5NzAwMjk4YTBiZTEyNWVlNDliYjJhMDNhZjVhNGEwMmNiNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA884XuYQguzdTg9rLAnIAGxpv2JIj
jgc92Cyya2YU6QRyHg8VlneNw/qrfHQJBcaq6sNcKSWEhLWlQlUCNJgurtceWYYz
9XbBB7szVn5pVjjcdMVH2S+FPf4HcBN1oqx5Sra18c9GUzistftX0sKjCHDdqQFQ
hozJYyvrIHoTdpY7zf+fAoq6or3w/uEBmocaZV6v3o8oLYqK5yC7dkJfKHvWRSPj
tFa2IcuTbXPF47NwXUwukrJ9n2UriDm/1WfnYTvkmB3w0jwZc/EsWCGByZgaNKVw
XclJCjPegPhQSS1zDkZS7ABWER3wabRtHIYeSPZdLCvkzX8SwdIf+SQHnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMpcAKYoL4SXuSbsqA69aSgLLSJMB8GA1UdIwQY
MBaAFPJh+h/m3An6VNGvWcLhAM0UEsfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTBlNGYtNzQ2Yy00OTA4LTg1NWQt
ZTc3ZTBlMjFiMTZhLzEvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTBlNGYtNzQ2Yy00OTA4LTg1NWQtZTc3ZTBlMjFiMTZh
LzEvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnQTFkqlZ
l3NY5DTj9mtgo3LEPAxILfp35/uJ5RY9jglmv9gHpATAkYHNO7Wou3G5p40M3+pJ
fZUNQx70FVChORF6bUiDQnMyF8dQTQDlnOMlRGQOgkWGjxy5BbQjowlITtbmhMV7
OCrxSbXH9K5QHIg6eR6K4feSc8rVPczjNlD+CWBBTIcPySmybS8D5SkRg6QQtavz
w82DVMpmCWx/iH62ktcxO+bt/za78Rpa7EjRTCmhPvxcemJ0d56UDXUwZ/g75KmZ
HTWVQQgoX2uuaM32j9IdyQoVfcVqjrxbzKeE7CdIuH8MS+SQss1NZUj7TosmC8/R
Dk8YDTIDhDE57A==
-----END CERTIFICATE-----