Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          P5GTemNFawZLgIFVzxpBUppUpQJGKzSql8fyV1Bk0Nk=
Subject key identifier:   47:D0:C0:A4:F5:61:D9:FF:69:67:9F:96:1A:28:CF:D4:49:86:EC:86
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       0198D7E10ED2607424DD1B395772742C2E33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          026F
Signing time:             Sat 23 Aug 2025 17:01:47 +0000
Manifest this update:     Sat 23 Aug 2025 17:01:47 +0000
Manifest next update:     Sun 24 Aug 2025 17:01:47 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: hBcix+uuaxRNEKx3O/eQJP9RBxEbEU0aC9YIawnn8kE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:e1:0e:d2:60:74:24:dd:1b:39:57:72:74:2c:2e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Aug 23 17:01:47 2025 GMT
            Not After : Aug 24 17:01:47 2025 GMT
        Subject: CN=47d0c0a4f561d9ff69679f961a28cfd44986ec86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0c:aa:2c:34:6c:ef:47:4b:15:23:d2:82:15:
                    39:e7:6a:54:36:7f:e4:8d:56:4d:bc:bc:fb:83:47:
                    65:d6:54:68:09:2c:ed:5d:38:32:fc:02:d4:67:8c:
                    c9:11:61:6d:7b:c1:e6:26:47:dd:c0:c1:82:83:c7:
                    28:ad:38:30:6d:f0:60:5b:fb:48:42:14:fe:7c:f4:
                    2c:1f:a3:57:ee:db:5c:96:70:92:99:9a:af:ae:ee:
                    cb:08:77:37:cd:6d:f6:0e:ae:8e:37:e0:81:39:9c:
                    5d:0e:9a:cb:c7:66:9a:e1:01:58:9f:7e:18:39:0f:
                    21:a0:9d:e9:b5:19:68:84:11:e5:c7:77:f8:72:02:
                    83:8b:5e:36:1b:d5:36:a4:70:fa:95:d7:37:f8:41:
                    f3:ae:55:55:47:2f:c8:ba:78:7e:95:c8:24:28:68:
                    20:ed:d7:5e:34:f5:f5:01:a6:86:82:dd:24:54:00:
                    30:15:c1:7e:c5:39:f8:61:f5:68:1b:47:8c:ca:20:
                    e7:c2:9c:ff:23:3d:f2:64:8a:36:00:84:3e:54:93:
                    4f:4e:27:d4:38:4e:e9:9f:33:65:d5:9b:e1:8e:37:
                    5e:45:af:cc:f2:a4:48:6f:2d:15:c6:4d:85:61:ee:
                    db:3c:97:69:2a:ff:d4:1a:e3:e4:6a:48:a2:56:31:
                    ff:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:D0:C0:A4:F5:61:D9:FF:69:67:9F:96:1A:28:CF:D4:49:86:EC:86
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ef:71:61:60:41:38:8e:39:a7:5f:73:09:65:af:e1:bc:ff:
         f1:95:00:a7:e1:85:30:65:f6:0c:7b:27:ed:08:49:e6:a4:89:
         77:c5:00:e3:90:fa:ec:3f:af:a1:3d:ab:d3:2b:be:27:53:45:
         d1:f7:fe:51:81:59:a7:8b:02:75:64:6a:17:b9:e7:f5:e2:b0:
         63:c7:be:c9:ca:d4:71:ef:89:25:10:4a:cb:0a:62:18:1a:dc:
         74:b0:8c:b7:b8:4d:26:1e:1f:82:9c:2f:5b:f7:2f:ba:67:16:
         ee:1e:05:74:f7:33:dd:30:33:7d:ee:90:a6:b2:a4:1b:7b:03:
         13:53:03:e6:86:ce:bf:37:f9:85:25:45:e5:ac:12:01:c1:14:
         09:89:b8:32:4a:6b:98:30:fd:3c:46:20:b3:7c:85:fd:65:7f:
         ed:57:4b:fe:fe:92:39:27:52:9f:18:81:a3:e9:d0:b8:a7:79:
         f9:e9:4b:5f:c6:20:76:80:ae:83:be:d7:12:04:e6:f2:55:0e:
         c6:f8:ad:74:fe:e7:21:82:17:f7:35:f9:35:be:96:3b:a7:fd:
         f7:f4:04:37:b1:b7:6d:17:23:24:dc:9c:0f:d4:10:ea:10:d5:
         3b:df:76:92:3e:77:b4:42:48:29:33:bd:e9:13:71:0d:1e:c7:
         f1:97:08:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjX4Q7SYHQk3Rs5V3J0LC4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwODIzMTcwMTQ3WhcNMjUwODI0MTcwMTQ3WjAzMTEwLwYDVQQD
Eyg0N2QwYzBhNGY1NjFkOWZmNjk2NzlmOTYxYTI4Y2ZkNDQ5ODZlYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgyqLDRs70dLFSPSghU552pUNn/k
jVZNvLz7g0dl1lRoCSztXTgy/ALUZ4zJEWFte8HmJkfdwMGCg8corTgwbfBgW/tI
QhT+fPQsH6NX7ttclnCSmZqvru7LCHc3zW32Dq6ON+CBOZxdDprLx2aa4QFYn34Y
OQ8hoJ3ptRlohBHlx3f4cgKDi142G9U2pHD6ldc3+EHzrlVVRy/Iunh+lcgkKGgg
7ddeNPX1AaaGgt0kVAAwFcF+xTn4YfVoG0eMyiDnwpz/Iz3yZIo2AIQ+VJNPTifU
OE7pnzNl1ZvhjjdeRa/M8qRIby0Vxk2FYe7bPJdpKv/UGuPkakiiVjH/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfQwKT1Ydn/aWeflhooz9RJhuyGMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPe9xYWBB
OI45p19zCWWv4bz/8ZUAp+GFMGX2DHsn7QhJ5qSJd8UA45D67D+voT2r0yu+J1NF
0ff+UYFZp4sCdWRqF7nn9eKwY8e+ycrUce+JJRBKywpiGBrcdLCMt7hNJh4fgpwv
W/cvumcW7h4FdPcz3TAzfe6QprKkG3sDE1MD5obOvzf5hSVF5awSAcEUCYm4Mkpr
mDD9PEYgs3yF/WV/7VdL/v6SOSdSnxiBo+nQuKd5+elLX8YgdoCug77XEgTm8lUO
xvitdP7nIYIX9zX5Nb6WO6f99/QEN7G3bRcjJNycD9QQ6hDVO992kj53tEJIKTO9
6RNxDR7H8ZcIOg==
-----END CERTIFICATE-----