Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          EjDchcK6KtRH0S9vCk27sOYUTaLPslZfAu29/r7WGqA=
Subject key identifier:   50:29:A3:2D:F6:69:07:CA:3E:83:53:F0:56:0C:B3:93:76:D0:CA:21
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       0198D47323AF7FAA7EED3492BB928AFE285D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          092A
Signing time:             Sat 23 Aug 2025 01:02:52 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:52 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:52 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: ouho9CaRaATJLVIaUj+ZgiETCTtRs7Ct27jT/o6FAaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:23:af:7f:aa:7e:ed:34:92:bb:92:8a:fe:28:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Aug 23 01:02:52 2025 GMT
            Not After : Aug 24 01:02:52 2025 GMT
        Subject: CN=5029a32df66907ca3e8353f0560cb39376d0ca21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ec:c5:c6:a4:62:2c:22:9a:8a:51:1d:97:5e:
                    69:76:9a:8e:05:cb:10:0b:4b:12:ad:42:1c:d3:8b:
                    9c:a9:0e:4f:7d:2e:a0:c6:fd:29:b1:f0:8b:a2:4e:
                    51:de:b1:21:5c:de:c8:0b:65:2d:3b:5b:44:d1:24:
                    c1:73:48:b5:de:e9:10:2e:2b:24:cc:0a:db:1c:1c:
                    fe:4f:a9:42:19:40:4d:57:68:74:ea:88:3c:0c:4e:
                    b1:ec:f6:91:62:03:4a:ff:85:d7:4a:1f:05:b2:e9:
                    ff:ac:66:10:e9:f6:60:22:b0:1b:bc:9d:1c:17:f9:
                    2d:84:07:8e:4c:5d:33:5f:1d:f6:ad:80:62:f2:bc:
                    81:84:a9:b8:af:23:4f:f5:c1:6c:9a:d5:a4:cc:56:
                    e4:7d:7a:c9:47:71:6d:f0:0a:e3:11:6d:d5:86:99:
                    0b:72:d1:1b:7d:ce:bc:55:7d:7f:ef:6c:8c:cb:83:
                    86:43:25:c4:d1:61:60:6a:7e:ed:91:e3:e8:20:7d:
                    84:56:d3:ef:bc:7c:57:8b:63:c6:84:8f:f3:ed:53:
                    59:e6:b1:15:0b:20:fb:b3:a3:c1:b3:6a:01:f2:79:
                    27:ee:5c:af:39:bb:81:38:89:cb:5b:f1:d6:14:7d:
                    ca:f6:50:72:37:3c:65:65:e1:c6:ba:0d:37:34:fd:
                    58:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:29:A3:2D:F6:69:07:CA:3E:83:53:F0:56:0C:B3:93:76:D0:CA:21
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:a0:c5:83:da:aa:b5:b6:f1:10:84:16:8f:b4:70:02:7c:42:
         66:3c:53:fb:cf:da:6f:73:fe:37:85:b2:73:f2:93:92:7c:73:
         50:a1:33:dd:6f:68:09:8a:ac:c7:48:89:98:37:c0:e2:34:c2:
         78:ca:58:a4:3a:c0:17:ef:b1:55:bf:13:11:8c:7e:87:56:82:
         72:47:65:55:1d:57:84:39:2a:8a:9a:f2:d1:23:69:cc:17:d9:
         e2:64:57:91:79:c2:12:49:12:9c:80:4f:5a:ed:2c:94:bb:9e:
         a8:df:2a:34:77:dc:77:57:8a:aa:6f:82:67:9e:da:88:11:04:
         2c:5d:0a:70:63:83:73:a1:36:80:7f:14:46:30:37:c6:dc:d4:
         68:1e:66:97:66:cc:dc:06:46:45:f1:fd:ab:45:2d:47:91:f9:
         24:4e:66:4a:65:8a:12:61:7d:3c:73:14:c2:2f:bb:da:17:df:
         84:bf:00:b8:d8:65:9b:ef:f5:f7:2c:87:c6:15:ea:d5:48:5b:
         dd:14:ae:bc:76:eb:dd:58:b7:24:85:75:96:7d:f7:eb:83:43:
         a9:5a:74:69:74:ca:6f:9f:8c:dc:29:13:c7:7f:ee:24:2c:9f:
         c4:f0:d4:8c:33:f1:7e:bf:1c:c0:3f:6f:d2:57:5a:2a:a6:36:
         2f:0c:ec:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcyOvf6p+7TSSu5KK/ihdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjUwODIzMDEwMjUyWhcNMjUwODI0MDEwMjUyWjAzMTEwLwYDVQQD
Eyg1MDI5YTMyZGY2NjkwN2NhM2U4MzUzZjA1NjBjYjM5Mzc2ZDBjYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuzFxqRiLCKailEdl15pdpqOBcsQ
C0sSrUIc04ucqQ5PfS6gxv0psfCLok5R3rEhXN7IC2UtO1tE0STBc0i13ukQLisk
zArbHBz+T6lCGUBNV2h06og8DE6x7PaRYgNK/4XXSh8Fsun/rGYQ6fZgIrAbvJ0c
F/kthAeOTF0zXx32rYBi8ryBhKm4ryNP9cFsmtWkzFbkfXrJR3Ft8ArjEW3VhpkL
ctEbfc68VX1/72yMy4OGQyXE0WFgan7tkePoIH2EVtPvvHxXi2PGhI/z7VNZ5rEV
CyD7s6PBs2oB8nkn7lyvObuBOInLW/HWFH3K9lByNzxlZeHGug03NP1YpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFApoy32aQfKPoNT8FYMs5N20MohMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXqDFg9qq
tbbxEIQWj7RwAnxCZjxT+8/ab3P+N4Wyc/KTknxzUKEz3W9oCYqsx0iJmDfA4jTC
eMpYpDrAF++xVb8TEYx+h1aCckdlVR1XhDkqipry0SNpzBfZ4mRXkXnCEkkSnIBP
Wu0slLueqN8qNHfcd1eKqm+CZ57aiBEELF0KcGODc6E2gH8URjA3xtzUaB5ml2bM
3AZGRfH9q0UtR5H5JE5mSmWKEmF9PHMUwi+72hffhL8AuNhlm+/19yyHxhXq1Uhb
3RSuvHbr3Vi3JIV1ln3364NDqVp0aXTKb5+M3CkTx3/uJCyfxPDUjDPxfr8cwD9v
0ldaKqY2LwzsVA==
-----END CERTIFICATE-----