Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          LHdepnZ0t8ilW7s20ZFQXqPDyGS73D+bG+YrQOMX8Ng=
Subject key identifier:   B9:D8:B2:3E:9A:23:83:EA:10:43:37:5F:04:B9:96:8E:E7:BC:83:ED
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0198D47287084D8731299083D4CB4AF01E21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          0355
Signing time:             Sat 23 Aug 2025 01:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:12 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: kZ2Eu3CxIYLcOcwnGb6vijPLGLoATH5MW5DD67KeRxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:87:08:4d:87:31:29:90:83:d4:cb:4a:f0:1e:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Aug 23 01:02:12 2025 GMT
            Not After : Aug 24 01:02:12 2025 GMT
        Subject: CN=b9d8b23e9a2383ea1043375f04b9968ee7bc83ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b3:72:f0:5b:e9:4b:4e:cf:61:62:cd:3c:bc:
                    39:96:78:8b:a9:de:6f:35:26:29:9c:60:c7:4f:e2:
                    78:27:00:04:6a:f1:3c:48:21:0b:d2:54:a8:6d:95:
                    37:a0:ae:0f:7f:8f:34:36:6c:78:00:4e:e1:a2:37:
                    a0:55:cb:d0:82:8d:9d:34:b2:14:8c:a5:90:b0:c6:
                    cf:69:ee:45:26:a0:6b:ec:59:c0:78:a4:3a:f4:bd:
                    fc:6c:e3:61:66:bb:80:c6:40:f2:16:fe:bc:32:b6:
                    90:89:45:9f:5e:35:62:5a:68:0b:28:44:f1:6e:38:
                    0a:da:5c:20:b0:e0:57:eb:98:2f:0f:45:8f:c6:0d:
                    4d:8c:5f:fd:3e:14:87:da:7a:42:23:1f:e2:d9:9b:
                    d4:c6:ce:20:15:11:d1:7c:06:d9:77:e6:54:5f:08:
                    81:bf:ed:4e:88:f8:84:0b:7a:a2:b9:2f:ec:3c:cc:
                    fa:4a:44:29:53:88:d2:23:50:07:ae:a5:67:76:b8:
                    64:21:1d:74:9d:4c:2c:a7:ac:64:06:67:4d:c5:6d:
                    d8:ca:22:62:0a:89:b1:c4:97:12:03:63:16:16:ae:
                    0b:84:54:e5:d2:0b:12:ad:6d:a6:48:d1:fc:ff:0d:
                    3b:99:ee:48:59:31:3e:9f:3e:7f:24:c1:ad:6f:20:
                    10:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D8:B2:3E:9A:23:83:EA:10:43:37:5F:04:B9:96:8E:E7:BC:83:ED
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:c9:61:cd:d1:00:2a:64:97:32:46:e7:ce:40:1d:17:18:c0:
         22:83:79:83:c5:73:52:e6:81:e0:6d:30:84:a5:21:74:34:82:
         ea:ef:9c:78:3b:8b:29:eb:38:d8:02:ce:c1:0f:f6:29:63:83:
         75:3a:04:94:14:0b:5c:4d:88:95:48:68:4c:e6:10:ea:11:e7:
         85:77:71:9d:b9:97:f9:36:32:fb:a2:1c:7c:d1:ca:64:a5:ad:
         eb:52:bc:0e:81:a8:cf:6c:5c:a0:0f:fc:65:2e:2f:b1:4b:d2:
         6a:b7:1d:6c:ea:74:39:51:89:ea:6a:34:f2:21:06:e1:e5:86:
         58:6f:78:1b:58:81:82:a3:ae:b7:0b:c5:9d:c5:fb:4a:e5:07:
         ca:70:a8:dc:33:18:90:3b:89:c3:69:fe:36:4e:f1:04:a6:a8:
         59:52:3d:99:e3:a6:28:8e:0a:47:6b:25:39:3a:49:5f:e4:a7:
         7f:5e:c7:58:02:ae:77:01:66:9e:c5:4d:ee:d2:4e:36:19:dd:
         d6:87:25:b6:40:d7:b3:06:7f:98:88:75:06:8f:0f:03:01:45:
         a8:66:d6:b2:d1:08:38:5a:72:3b:2b:1f:e0:58:86:9f:71:f7:
         0d:37:5a:54:a0:96:40:ca:7a:56:26:88:b0:56:a4:5f:51:d1:
         e6:80:4c:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcocITYcxKZCD1MtK8B4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUwODIzMDEwMjEyWhcNMjUwODI0MDEwMjEyWjAzMTEwLwYDVQQD
EyhiOWQ4YjIzZTlhMjM4M2VhMTA0MzM3NWYwNGI5OTY4ZWU3YmM4M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrNy8FvpS07PYWLNPLw5lniLqd5v
NSYpnGDHT+J4JwAEavE8SCEL0lSobZU3oK4Pf480Nmx4AE7hojegVcvQgo2dNLIU
jKWQsMbPae5FJqBr7FnAeKQ69L38bONhZruAxkDyFv68MraQiUWfXjViWmgLKETx
bjgK2lwgsOBX65gvD0WPxg1NjF/9PhSH2npCIx/i2ZvUxs4gFRHRfAbZd+ZUXwiB
v+1OiPiEC3qiuS/sPMz6SkQpU4jSI1AHrqVndrhkIR10nUwsp6xkBmdNxW3YyiJi
ComxxJcSA2MWFq4LhFTl0gsSrW2mSNH8/w07me5IWTE+nz5/JMGtbyAQGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnYsj6aI4PqEEM3XwS5lo7nvIPtMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKclhzdEA
KmSXMkbnzkAdFxjAIoN5g8VzUuaB4G0whKUhdDSC6u+ceDuLKes42ALOwQ/2KWOD
dToElBQLXE2IlUhoTOYQ6hHnhXdxnbmX+TYy+6IcfNHKZKWt61K8DoGoz2xcoA/8
ZS4vsUvSarcdbOp0OVGJ6mo08iEG4eWGWG94G1iBgqOutwvFncX7SuUHynCo3DMY
kDuJw2n+Nk7xBKaoWVI9meOmKI4KR2slOTpJX+Snf17HWAKudwFmnsVN7tJONhnd
1ocltkDXswZ/mIh1Bo8PAwFFqGbWstEIOFpyOysf4FiGn3H3DTdaVKCWQMp6ViaI
sFakX1HR5oBMng==
-----END CERTIFICATE-----