Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          OZv1c+upbuRF2TM88qEcakajCw2mn5F6RWDWW6XAHtQ=
Subject key identifier:   1E:1D:9F:67:D5:10:DE:B8:62:59:03:76:FC:CE:F8:5A:51:B5:71:1A
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       0198D6605412BE9B8D1C1ADDAAE88448B3A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          111E
Signing time:             Sat 23 Aug 2025 10:01:33 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:33 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:33 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: 86hvzWxaeYnckttRiPoFQJjAysX7cGMeqFN+xSPDQ+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:54:12:be:9b:8d:1c:1a:dd:aa:e8:84:48:b3:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Aug 23 10:01:33 2025 GMT
            Not After : Aug 24 10:01:33 2025 GMT
        Subject: CN=1e1d9f67d510deb862590376fccef85a51b5711a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:18:73:ae:fa:a2:ef:2a:6d:bf:97:f5:be:18:
                    fc:02:8d:88:ff:a4:0b:ce:6b:aa:7e:44:dd:b5:b7:
                    28:90:9c:55:43:bb:5e:b8:44:77:87:d2:9b:a5:e1:
                    3b:90:b4:3e:90:de:12:e6:74:f3:af:c6:f7:26:3c:
                    26:63:32:6e:99:73:e2:0a:ec:cf:20:fd:60:b0:7d:
                    32:02:ab:0d:4e:c2:52:86:91:d9:5b:cb:5e:f3:80:
                    0a:7d:bb:2b:86:91:d3:20:92:8e:a1:58:4b:0e:69:
                    c3:9a:63:1d:71:cb:f9:1d:3b:2f:71:df:6b:54:92:
                    01:2a:92:04:f2:1c:09:42:89:ce:43:0f:9b:60:41:
                    bc:31:68:57:0a:65:25:ee:93:09:3b:75:e4:76:4a:
                    a3:79:4e:c3:58:8d:d8:b0:27:e3:62:f5:9c:49:90:
                    f3:cb:6b:e6:09:1c:39:d8:3a:f3:74:8b:89:da:a0:
                    44:07:17:2f:45:4c:e5:9b:0f:17:b6:5d:c0:28:f9:
                    ba:60:96:ae:9d:69:7f:fa:7f:45:cf:ef:74:05:2c:
                    8a:0e:d2:d1:c9:04:0f:7d:3d:69:a3:7f:48:54:fa:
                    b4:e5:cd:72:a1:ef:e4:52:23:ff:35:64:e3:6b:f5:
                    db:bf:b0:e7:2d:0e:00:ba:2a:61:85:c4:19:b3:d6:
                    8a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:1D:9F:67:D5:10:DE:B8:62:59:03:76:FC:CE:F8:5A:51:B5:71:1A
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:13:3e:96:b3:86:b1:19:40:68:77:db:28:b3:db:57:ee:41:
         e5:3b:d1:f1:ea:1e:36:d4:79:b8:5d:c9:3a:e6:33:70:c8:9b:
         eb:ad:44:a8:e4:59:d2:94:c7:d4:85:64:2b:0f:5d:59:bb:f7:
         43:7b:87:c0:97:ab:ba:26:73:8b:0c:21:74:fd:7e:6f:c3:83:
         48:d3:51:df:15:b0:26:14:9a:d7:2f:e1:56:14:54:08:ed:90:
         86:f2:5f:d6:fb:de:4b:05:d6:01:9f:ff:43:de:41:c1:aa:f4:
         9b:1a:04:68:92:52:ac:b2:f9:30:26:c5:c5:70:78:30:e3:53:
         26:26:7e:1c:29:d5:1d:10:e4:5a:2e:b3:d9:29:0c:8c:92:7c:
         4d:4b:c2:be:26:c6:76:5c:0a:35:da:d7:c9:32:04:20:2a:71:
         94:04:2b:62:ba:64:a6:57:c8:20:1f:98:f0:10:40:e5:a9:82:
         33:31:43:dc:23:89:7c:8f:28:08:9c:d8:31:04:e6:d7:50:15:
         01:bb:27:c1:ad:27:b8:86:f1:03:7c:1a:cd:9c:41:32:00:dc:
         37:21:ee:74:78:ff:0a:fe:4a:29:b6:70:e9:11:5c:80:84:4c:
         8f:4d:4d:c7:b3:e9:3e:06:bb:1b:aa:1d:a5:fc:09:9d:7b:bd:
         bb:50:77:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYFQSvpuNHBrdquiESLOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjUwODIzMTAwMTMzWhcNMjUwODI0MTAwMTMzWjAzMTEwLwYDVQQD
EygxZTFkOWY2N2Q1MTBkZWI4NjI1OTAzNzZmY2NlZjg1YTUxYjU3MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxhzrvqi7yptv5f1vhj8Ao2I/6QL
zmuqfkTdtbcokJxVQ7teuER3h9KbpeE7kLQ+kN4S5nTzr8b3JjwmYzJumXPiCuzP
IP1gsH0yAqsNTsJShpHZW8te84AKfbsrhpHTIJKOoVhLDmnDmmMdccv5HTsvcd9r
VJIBKpIE8hwJQonOQw+bYEG8MWhXCmUl7pMJO3XkdkqjeU7DWI3YsCfjYvWcSZDz
y2vmCRw52DrzdIuJ2qBEBxcvRUzlmw8Xtl3AKPm6YJaunWl/+n9Fz+90BSyKDtLR
yQQPfT1po39IVPq05c1yoe/kUiP/NWTja/Xbv7DnLQ4AuiphhcQZs9aKwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4dn2fVEN64YlkDdvzO+FpRtXEaMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAphM+lrOG
sRlAaHfbKLPbV+5B5TvR8eoeNtR5uF3JOuYzcMib661EqORZ0pTH1IVkKw9dWbv3
Q3uHwJeruiZziwwhdP1+b8ODSNNR3xWwJhSa1y/hVhRUCO2QhvJf1vveSwXWAZ//
Q95Bwar0mxoEaJJSrLL5MCbFxXB4MONTJiZ+HCnVHRDkWi6z2SkMjJJ8TUvCvibG
dlwKNdrXyTIEICpxlAQrYrpkplfIIB+Y8BBA5amCMzFD3COJfI8oCJzYMQTm11AV
Absnwa0nuIbxA3wazZxBMgDcNyHudHj/Cv5KKbZw6RFcgIRMj01Nx7PpPga7G6od
pfwJnXu9u1B3fQ==
-----END CERTIFICATE-----