Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          3xnnjX9lG8OCrrJf36igHq9UDcVXxkyvoTdz9IYTeXU=
Subject key identifier:   00:9A:07:2B:A0:FA:FC:7A:7F:F0:B0:BE:48:9B:EF:B5:DC:B0:65:FF
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       0198D69821F67DCFBA395DC006D57687758D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0D52
Signing time:             Sat 23 Aug 2025 11:02:30 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:30 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:30 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: RA0yM3/2G5BDUxkfuVgeMPqk9dYfIb+2S7Nmk9vypio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:21:f6:7d:cf:ba:39:5d:c0:06:d5:76:87:75:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Aug 23 11:02:30 2025 GMT
            Not After : Aug 24 11:02:30 2025 GMT
        Subject: CN=009a072ba0fafc7a7ff0b0be489befb5dcb065ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ec:76:7d:53:ce:36:c6:60:74:33:96:3b:f2:
                    2d:74:ea:ce:2f:40:9f:39:bf:09:60:52:05:d3:c3:
                    1a:20:08:b0:76:30:91:df:5a:bc:0a:64:f9:ee:02:
                    94:cd:45:f1:63:21:c3:06:a6:33:eb:96:ce:d5:c3:
                    98:57:b5:27:88:e5:d8:67:d7:cb:20:3f:4f:de:8b:
                    dd:c4:4c:32:d4:78:39:da:1f:6d:f7:2b:bd:67:7d:
                    53:90:40:29:89:62:e8:91:d4:06:5f:58:45:4f:69:
                    b5:f4:e2:a2:90:79:1c:22:60:d9:fb:d9:e2:cc:e4:
                    72:ed:42:bf:dd:6f:be:25:cf:92:85:f7:62:32:33:
                    c5:be:ee:f9:80:76:e4:e0:12:5e:5a:d6:91:8b:6f:
                    f9:d8:0f:f6:74:55:ea:79:2f:44:6d:7d:3d:0a:55:
                    09:51:ac:fd:dd:92:96:d7:f6:40:16:7c:e9:44:86:
                    6e:67:a5:80:16:c8:8a:73:4f:37:d3:6e:fe:9f:87:
                    d5:9d:b2:8f:b9:b6:6e:1a:af:d4:82:f0:b3:13:ee:
                    dc:60:a7:27:e6:4c:5c:9f:9b:b6:d8:09:26:24:14:
                    dd:3d:69:aa:8f:8f:bf:ef:86:53:2b:a6:73:ba:6b:
                    b0:c8:df:1e:7e:ef:5b:6a:9b:c5:88:6d:f1:58:b2:
                    0d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:9A:07:2B:A0:FA:FC:7A:7F:F0:B0:BE:48:9B:EF:B5:DC:B0:65:FF
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:c6:e2:2e:c2:25:9d:04:36:75:4e:f2:54:8c:08:cb:d8:c5:
         bc:24:59:15:3d:e7:94:05:3e:04:f2:60:c5:f9:d4:fd:a7:0b:
         ba:4b:6b:82:0d:59:f8:3d:69:38:98:bd:35:36:72:a9:48:2d:
         1c:51:eb:7a:92:be:f7:64:21:4d:57:bd:b8:c5:ab:36:34:55:
         16:f9:0d:4d:73:2c:5e:3b:aa:64:17:d8:1a:5b:a7:5d:e4:fa:
         a8:c1:e9:21:2f:cb:fb:bd:14:98:a3:bf:a0:8a:cb:65:01:ab:
         a7:48:72:22:77:69:02:b3:87:ee:d5:de:c4:78:99:df:43:80:
         6d:7b:c4:01:02:f9:6f:fc:3f:0a:07:c3:ca:5b:31:ca:25:5e:
         3f:52:44:49:44:f0:46:ff:6d:19:88:5a:2c:c1:75:cf:31:07:
         e3:80:00:a3:d7:cc:55:5b:88:2a:f2:bf:dd:92:fc:2c:9b:f7:
         2a:d3:8b:2b:b5:bc:64:95:c4:1c:0c:ac:b1:51:42:5e:9b:8d:
         9e:3f:0a:c8:7e:95:f3:fd:12:95:b6:35:47:f7:a3:8b:41:09:
         d8:0c:2c:bf:e2:02:ce:42:89:ff:f4:0e:ab:76:29:d7:90:91:
         f3:7d:a7:b3:64:2c:c1:67:c1:84:a0:08:d0:8e:9b:d9:17:74:
         23:cc:d5:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmCH2fc+6OV3ABtV2h3WNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUwODIzMTEwMjMwWhcNMjUwODI0MTEwMjMwWjAzMTEwLwYDVQQD
EygwMDlhMDcyYmEwZmFmYzdhN2ZmMGIwYmU0ODliZWZiNWRjYjA2NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+x2fVPONsZgdDOWO/ItdOrOL0Cf
Ob8JYFIF08MaIAiwdjCR31q8CmT57gKUzUXxYyHDBqYz65bO1cOYV7UniOXYZ9fL
ID9P3ovdxEwy1Hg52h9t9yu9Z31TkEApiWLokdQGX1hFT2m19OKikHkcImDZ+9ni
zORy7UK/3W++Jc+ShfdiMjPFvu75gHbk4BJeWtaRi2/52A/2dFXqeS9EbX09ClUJ
Uaz93ZKW1/ZAFnzpRIZuZ6WAFsiKc083027+n4fVnbKPubZuGq/UgvCzE+7cYKcn
5kxcn5u22AkmJBTdPWmqj4+/74ZTK6ZzumuwyN8efu9bapvFiG3xWLINhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACaByug+vx6f/Cwvkib77XcsGX/MB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsbiLsIl
nQQ2dU7yVIwIy9jFvCRZFT3nlAU+BPJgxfnU/acLuktrgg1Z+D1pOJi9NTZyqUgt
HFHrepK+92QhTVe9uMWrNjRVFvkNTXMsXjuqZBfYGlunXeT6qMHpIS/L+70UmKO/
oIrLZQGrp0hyIndpArOH7tXexHiZ30OAbXvEAQL5b/w/CgfDylsxyiVeP1JESUTw
Rv9tGYhaLMF1zzEH44AAo9fMVVuIKvK/3ZL8LJv3KtOLK7W8ZJXEHAyssVFCXpuN
nj8KyH6V8/0SlbY1R/eji0EJ2Awsv+ICzkKJ//QOq3Yp15CR832ns2QswWfBhKAI
0I6b2Rd0I8zVQg==
-----END CERTIFICATE-----