Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          V4WIV/YgtEKXzBksARDgjqp1R4Yh/JFNmfOWMnXBB9Q=
Subject key identifier:   0D:E2:E6:DD:D0:D5:0E:7B:86:BC:E2:56:06:09:8C:17:59:CD:58:BE
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       0198D65FD74A5F02D756BCC1624BF70F4BC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:01:01 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:01 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:01 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: Ui56sSgZYwxVXhuq8iFcR3yYFuaP3gDI0IhGuOcxxTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:d7:4a:5f:02:d7:56:bc:c1:62:4b:f7:0f:4b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Aug 23 10:01:01 2025 GMT
            Not After : Aug 24 10:01:01 2025 GMT
        Subject: CN=0de2e6ddd0d50e7b86bce25606098c1759cd58be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e8:6c:20:f1:bf:11:5e:67:65:e1:11:93:6c:
                    76:57:f0:c0:06:65:7e:5f:7e:ff:e3:f5:dc:14:06:
                    c7:c4:02:12:63:1c:9a:ba:f7:06:95:67:1e:66:dc:
                    c4:74:7e:f9:66:9d:5c:5c:c3:ed:c4:8c:c9:4b:1e:
                    3c:55:54:a2:75:12:96:10:22:fb:19:41:a2:f0:aa:
                    55:e7:66:56:44:ed:e6:1c:f5:72:70:72:73:bb:d8:
                    2f:d0:6b:b9:00:21:9b:a1:80:5d:9f:e9:5a:3c:89:
                    9c:09:2e:5c:bb:45:1c:25:86:0a:cf:3c:d6:7c:e2:
                    33:cb:20:86:b9:42:68:d8:4b:ab:e2:a3:bc:7e:8f:
                    26:de:83:d7:a8:85:65:7d:a6:df:ad:99:68:a3:bb:
                    41:86:64:1b:3e:d2:c4:7a:18:64:77:5c:0b:9c:89:
                    d2:5b:fc:14:96:8f:4f:43:bb:55:8e:fd:24:92:da:
                    d3:1a:f4:4d:a5:12:23:d0:53:48:2d:33:97:03:0e:
                    d0:fd:7c:38:1e:31:ff:a0:c3:ca:aa:f3:fb:8a:66:
                    ef:f1:ac:d3:33:e1:34:41:fe:4d:e2:42:16:71:1d:
                    87:80:18:75:cf:f6:71:b4:93:e2:d7:92:80:d1:ba:
                    e4:f3:a6:b7:03:85:f4:d6:3c:9b:1c:0c:5d:4d:dc:
                    53:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E2:E6:DD:D0:D5:0E:7B:86:BC:E2:56:06:09:8C:17:59:CD:58:BE
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:17:a0:c7:7c:cc:68:30:3e:1b:3a:e9:59:cb:6c:97:8d:28:
         e4:50:47:22:4b:a3:36:0c:90:6a:fc:02:7a:95:20:be:78:61:
         bc:73:14:fa:de:c6:17:18:50:54:10:b3:98:73:f1:7b:c2:fb:
         16:b7:62:7b:ff:7c:b0:d5:d7:64:3c:d3:8b:d8:04:bc:1f:22:
         68:dc:35:8b:ab:0a:69:dd:14:9d:70:30:db:81:91:a7:31:36:
         c2:5a:af:57:bc:12:f3:0e:a5:de:7f:6e:2c:f6:b9:0f:a3:77:
         e2:9b:ca:ea:e7:dd:62:0d:d9:58:33:bc:f1:c3:59:9c:27:a5:
         a8:8f:84:7b:ae:31:21:63:7b:ad:2e:59:36:f9:19:dc:51:06:
         7e:aa:d6:66:cb:5f:89:e2:c4:f5:b9:8f:f9:eb:39:59:9a:9a:
         44:53:6b:54:97:71:71:84:c0:04:a6:ff:6f:a7:fc:68:a3:cc:
         3d:6a:8d:0f:82:f7:c9:92:13:c7:76:c6:60:e1:6b:c8:ec:5f:
         6e:29:d1:9d:ad:4b:ba:53:01:2e:3d:8b:be:42:fe:f9:b8:89:
         da:17:d8:13:8b:f9:21:9f:96:e4:01:53:75:84:e4:16:af:38:
         be:6a:4b:04:06:8a:a9:f5:68:86:75:0c:a1:93:35:76:06:05:
         1c:b3:22:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX9dKXwLXVrzBYkv3D0vCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjUwODIzMTAwMTAxWhcNMjUwODI0MTAwMTAxWjAzMTEwLwYDVQQD
EygwZGUyZTZkZGQwZDUwZTdiODZiY2UyNTYwNjA5OGMxNzU5Y2Q1OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ehsIPG/EV5nZeERk2x2V/DABmV+
X37/4/XcFAbHxAISYxyauvcGlWceZtzEdH75Zp1cXMPtxIzJSx48VVSidRKWECL7
GUGi8KpV52ZWRO3mHPVycHJzu9gv0Gu5ACGboYBdn+laPImcCS5cu0UcJYYKzzzW
fOIzyyCGuUJo2Eur4qO8fo8m3oPXqIVlfabfrZloo7tBhmQbPtLEehhkd1wLnInS
W/wUlo9PQ7tVjv0kktrTGvRNpRIj0FNILTOXAw7Q/Xw4HjH/oMPKqvP7imbv8azT
M+E0Qf5N4kIWcR2HgBh1z/ZxtJPi15KA0brk86a3A4X01jybHAxdTdxTdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3i5t3Q1Q57hrziVgYJjBdZzVi+MB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhegx3zM
aDA+GzrpWctsl40o5FBHIkujNgyQavwCepUgvnhhvHMU+t7GFxhQVBCzmHPxe8L7
Frdie/98sNXXZDzTi9gEvB8iaNw1i6sKad0UnXAw24GRpzE2wlqvV7wS8w6l3n9u
LPa5D6N34pvK6ufdYg3ZWDO88cNZnCelqI+Ee64xIWN7rS5ZNvkZ3FEGfqrWZstf
ieLE9bmP+es5WZqaRFNrVJdxcYTABKb/b6f8aKPMPWqND4L3yZITx3bGYOFryOxf
binRna1LulMBLj2LvkL++biJ2hfYE4v5IZ+W5AFTdYTkFq84vmpLBAaKqfVohnUM
oZM1dgYFHLMieA==
-----END CERTIFICATE-----