Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
File:                     v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft (raw, json)
Hash identifier:          OR6vhuZ+cIE0/8LkQ5mtjLdgstwcnHMIcavhbHkCY3Y=
Subject key identifier:   2D:44:B8:A6:97:12:9F:C8:75:CD:F4:4E:66:CF:CE:0A:4B:D5:8A:18
Authority key identifier: BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD
Certificate issuer:       /CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
Certificate serial:       0198D54E4A3DB508AEC2212A92210DD2B342
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
Manifest number:          0312
Signing time:             Sat 23 Aug 2025 05:02:14 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:14 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:14 +0000
Files and hashes:         1: v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl (hash: 7jzmACVu5E8ed6Ezcvux1GbMUrHnseY1zbo0rjpxyDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:4a:3d:b5:08:ae:c2:21:2a:92:21:0d:d2:b3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
        Validity
            Not Before: Aug 23 05:02:14 2025 GMT
            Not After : Aug 24 05:02:14 2025 GMT
        Subject: CN=2d44b8a697129fc875cdf44e66cfce0a4bd58a18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cc:73:4d:30:28:be:50:9e:9a:69:1b:39:77:
                    a5:3d:45:e7:7b:7e:30:d3:68:b1:df:0b:c8:b4:da:
                    15:67:3d:c4:69:b7:1d:55:b8:0e:1a:4c:28:d6:15:
                    84:ec:fd:5c:f9:8f:7e:5e:03:d4:17:51:db:f7:4a:
                    e7:8a:e4:03:fe:00:4e:0a:d7:1b:df:bb:e4:e9:6e:
                    8b:ab:c1:59:1e:53:fe:7e:ac:f7:ab:24:71:60:22:
                    06:5c:b4:d6:7f:b2:75:53:1c:17:40:79:ba:c7:86:
                    95:48:75:46:3b:f4:f9:d5:a5:9d:96:f3:85:37:90:
                    2d:10:5a:ef:30:b6:44:65:4a:b1:4b:70:28:55:b9:
                    f0:33:c9:80:4c:08:54:ab:cc:53:4a:ca:3e:10:fc:
                    31:bd:01:de:c0:74:e1:b3:a3:6f:0f:f8:8e:8f:3f:
                    a8:1c:10:37:5b:bf:8d:e6:35:51:64:e8:1f:e0:ce:
                    e9:39:0a:c2:fa:86:08:c9:76:67:c2:c7:bf:7e:c6:
                    d5:6a:94:89:bd:e6:67:de:ba:05:03:bd:64:85:f5:
                    80:0b:af:e3:1c:59:c8:8e:bd:9a:01:e5:2c:fe:6a:
                    24:dc:2c:30:c1:b6:63:17:96:03:c5:9b:ff:2a:02:
                    96:37:9d:6c:25:d5:83:12:c5:2d:f3:aa:6a:01:6c:
                    50:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:44:B8:A6:97:12:9F:C8:75:CD:F4:4E:66:CF:CE:0A:4B:D5:8A:18
            X509v3 Authority Key Identifier:
                keyid:BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:a3:93:0a:9d:b2:b0:43:a3:8d:79:37:93:be:36:12:b8:84:
         a9:15:b1:7b:35:b9:e6:b3:5b:7a:56:e9:70:0b:71:8c:5f:65:
         95:13:7a:85:96:5a:98:82:64:a8:77:6c:5b:96:89:ce:99:c3:
         c5:a2:4e:76:a9:e9:3b:cd:70:b0:9a:47:bd:8a:d4:47:5f:90:
         31:76:0f:a4:cf:94:28:1e:bd:2f:cf:c7:d2:7c:47:fe:74:ce:
         09:a0:7d:2c:f9:e7:26:5b:49:06:7b:69:87:ee:a5:d4:b7:86:
         31:73:d8:de:0a:7d:40:64:f3:76:fb:f9:c9:b7:bc:40:ae:74:
         7a:31:ec:a5:64:fa:a9:5f:da:6e:f6:64:7d:ec:8c:a6:66:91:
         cc:78:e1:38:71:ab:16:47:6a:87:43:91:00:57:fe:6d:e2:25:
         d7:ea:da:12:c0:80:3f:6c:42:0f:f7:fe:26:77:88:21:ef:1a:
         ad:ce:69:14:61:98:f8:72:70:5c:ba:49:5b:81:73:24:66:3d:
         62:10:fc:05:28:fb:dd:54:ab:c8:c0:d4:c9:40:f6:76:02:98:
         33:09:7a:3c:d7:38:67:cc:58:87:3e:04:af:7b:70:84:70:e1:
         c8:98:e7:80:b2:02:28:a5:7f:33:5a:91:e8:57:cb:d8:2b:b7:
         bb:c7:5e:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTko9tQiuwiEqkiEN0rNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmM4YTg2NjhmNTBmZGFmNDk0ZjUyOGEyY2FhZmQwMmI3
YzMxYWQwHhcNMjUwODIzMDUwMjE0WhcNMjUwODI0MDUwMjE0WjAzMTEwLwYDVQQD
EygyZDQ0YjhhNjk3MTI5ZmM4NzVjZGY0NGU2NmNmY2UwYTRiZDU4YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8xzTTAovlCemmkbOXelPUXne34w
02ix3wvItNoVZz3EabcdVbgOGkwo1hWE7P1c+Y9+XgPUF1Hb90rniuQD/gBOCtcb
37vk6W6Lq8FZHlP+fqz3qyRxYCIGXLTWf7J1UxwXQHm6x4aVSHVGO/T51aWdlvOF
N5AtEFrvMLZEZUqxS3AoVbnwM8mATAhUq8xTSso+EPwxvQHewHThs6NvD/iOjz+o
HBA3W7+N5jVRZOgf4M7pOQrC+oYIyXZnwse/fsbVapSJveZn3roFA71khfWAC6/j
HFnIjr2aAeUs/mok3CwwwbZjF5YDxZv/KgKWN51sJdWDEsUt86pqAWxQJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1EuKaXEp/Idc30TmbPzgpL1YoYMB8GA1UdIwQY
MBaAFL+8ioZo9Q/a9JT1KKLKr9ArfDGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjIt
ZGE2MTk5YjgyZjExLzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjItZGE2MTk5YjgyZjEx
LzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4KOTCp2y
sEOjjXk3k742EriEqRWxezW55rNbelbpcAtxjF9llRN6hZZamIJkqHdsW5aJzpnD
xaJOdqnpO81wsJpHvYrUR1+QMXYPpM+UKB69L8/H0nxH/nTOCaB9LPnnJltJBntp
h+6l1LeGMXPY3gp9QGTzdvv5ybe8QK50ejHspWT6qV/abvZkfeyMpmaRzHjhOHGr
Fkdqh0ORAFf+beIl1+raEsCAP2xCD/f+JneIIe8arc5pFGGY+HJwXLpJW4FzJGY9
YhD8BSj73VSryMDUyUD2dgKYMwl6PNc4Z8xYhz4Er3twhHDhyJjngLICKKV/M1qR
6FfL2Cu3u8deyA==
-----END CERTIFICATE-----