Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
File:                     r4poziKkwZ8XcA9izPi7bC2vUeE.mft (raw, json)
Hash identifier:          MZFLjmkP/llxvHxn+vILEnvmdmO3KqxlOzgeql/BkO8=
Subject key identifier:   55:F5:18:F7:20:51:DF:E8:B4:AE:27:71:CE:F1:2E:77:46:D8:69:65
Authority key identifier: AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
Certificate issuer:       /CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Certificate serial:       019872CF5042F01768C5E1688AFDEAF78000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
Manifest number:          0F92
Signing time:             Mon 04 Aug 2025 02:00:45 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:45 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:45 +0000
Files and hashes:         1: r4poziKkwZ8XcA9izPi7bC2vUeE.crl (hash: QBizt0J6XyRKzKARjr/cc63voOAaCT5vA388uu67aec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:50:42:f0:17:68:c5:e1:68:8a:fd:ea:f7:80:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
        Validity
            Not Before: Aug  4 02:00:45 2025 GMT
            Not After : Aug  5 02:00:45 2025 GMT
        Subject: CN=55f518f72051dfe8b4ae2771cef12e7746d86965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5e:74:f5:ee:6f:91:38:1f:e5:2b:a7:e4:c3:
                    6f:df:92:2d:b8:b3:29:35:5a:c2:09:55:f8:2b:ac:
                    01:83:9a:0c:ba:40:6c:16:c5:7a:94:b0:d4:0c:3d:
                    66:ce:a2:12:18:f0:97:6c:82:34:46:91:5a:19:a4:
                    5c:65:3d:37:bf:32:17:66:ab:72:3b:d2:78:59:36:
                    96:3b:4f:d9:29:8a:59:19:46:61:d3:87:3d:68:f4:
                    81:69:23:8a:ee:06:61:e3:da:aa:c7:8f:a2:3d:57:
                    26:42:5d:17:a5:cc:e9:24:7b:e3:03:fc:e6:96:9a:
                    6a:98:22:96:98:17:61:e1:12:2d:98:28:a5:80:c2:
                    54:43:b8:ba:0c:17:8f:48:d8:01:64:cd:8b:af:cc:
                    71:02:a2:33:bb:b5:fa:59:60:eb:1d:e4:2b:89:16:
                    82:a1:d3:6b:42:58:a8:08:2f:32:7b:dc:e6:ad:43:
                    42:2c:ef:4f:40:0f:4f:18:08:32:47:2e:de:83:09:
                    ef:c5:16:6c:1a:5f:53:4f:f3:81:aa:f1:64:54:e7:
                    3f:d9:a3:0d:46:ca:ed:52:c0:b9:38:95:16:f5:d9:
                    f9:c1:6b:83:36:d7:7b:04:79:36:4e:a2:3e:a4:94:
                    a6:b0:4a:39:be:07:12:b1:b7:42:80:38:83:40:af:
                    8e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F5:18:F7:20:51:DF:E8:B4:AE:27:71:CE:F1:2E:77:46:D8:69:65
            X509v3 Authority Key Identifier:
                keyid:AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:1f:c8:62:1e:22:fb:23:e7:b6:e4:ec:bd:16:19:4f:e2:aa:
         bf:55:3d:5f:31:ac:43:2f:cc:d5:0f:56:fa:a7:e7:35:7f:dc:
         ba:59:f7:21:f8:c3:59:7f:b8:63:e1:c2:52:78:a1:ab:cc:a7:
         27:ae:ce:9e:cf:d9:d7:03:24:bb:e8:63:f3:4d:33:d2:e5:f0:
         ed:5e:5f:85:a7:d7:14:7a:d6:ab:bc:79:18:e0:fb:bc:6d:42:
         f2:70:fc:e7:ac:a7:f0:53:52:45:21:e8:b8:ac:8d:5b:97:09:
         09:29:24:21:aa:d6:77:b1:e2:21:3c:92:b7:d6:5e:db:8b:25:
         fb:8b:5c:32:70:42:49:65:10:4f:6b:2e:b9:78:a9:e5:87:d1:
         50:08:5a:75:7c:91:f4:1a:ef:dc:b4:09:9d:71:6e:79:43:5c:
         f8:a6:56:b4:31:9b:9a:1e:c4:47:b9:87:2b:79:5b:76:6e:f4:
         6b:12:43:83:12:c0:6e:b2:da:70:6c:65:4a:16:af:c9:e3:3a:
         2f:1d:cd:c2:ab:c8:6e:65:b7:c0:03:af:02:a6:0b:ad:95:26:
         45:5b:60:b8:68:33:e6:cb:20:63:89:64:bf:b0:4d:98:27:6c:
         df:e7:da:b1:b3:e0:09:62:25:27:07:92:a6:e9:a6:30:ae:fe:
         82:bf:85:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyz1BC8BdoxeFoiv3q94AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGE2OGNlMjJhNGMxOWYxNzcwMGY2MmNjZjhiYjZjMmRh
ZjUxZTEwHhcNMjUwODA0MDIwMDQ1WhcNMjUwODA1MDIwMDQ1WjAzMTEwLwYDVQQD
Eyg1NWY1MThmNzIwNTFkZmU4YjRhZTI3NzFjZWYxMmU3NzQ2ZDg2OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1509e5vkTgf5Sun5MNv35ItuLMp
NVrCCVX4K6wBg5oMukBsFsV6lLDUDD1mzqISGPCXbII0RpFaGaRcZT03vzIXZqty
O9J4WTaWO0/ZKYpZGUZh04c9aPSBaSOK7gZh49qqx4+iPVcmQl0XpczpJHvjA/zm
lppqmCKWmBdh4RItmCilgMJUQ7i6DBePSNgBZM2Lr8xxAqIzu7X6WWDrHeQriRaC
odNrQlioCC8ye9zmrUNCLO9PQA9PGAgyRy7egwnvxRZsGl9TT/OBqvFkVOc/2aMN
RsrtUsC5OJUW9dn5wWuDNtd7BHk2TqI+pJSmsEo5vgcSsbdCgDiDQK+OpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFX1GPcgUd/otK4ncc7xLndG2GllMB8GA1UdIwQY
MBaAFK+KaM4ipMGfF3APYsz4u2wtr1HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2Qt
ZDk0ZTYwMTg0M2QxLzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2QtZDk0ZTYwMTg0M2Qx
LzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJR/IYh4i
+yPntuTsvRYZT+Kqv1U9XzGsQy/M1Q9W+qfnNX/culn3IfjDWX+4Y+HCUnihq8yn
J67Ons/Z1wMku+hj800z0uXw7V5fhafXFHrWq7x5GOD7vG1C8nD856yn8FNSRSHo
uKyNW5cJCSkkIarWd7HiITySt9Ze24sl+4tcMnBCSWUQT2suuXip5YfRUAhadXyR
9Brv3LQJnXFueUNc+KZWtDGbmh7ER7mHK3lbdm70axJDgxLAbrLacGxlShavyeM6
Lx3NwqvIbmW3wAOvAqYLrZUmRVtguGgz5ssgY4lkv7BNmCds3+fasbPgCWIlJweS
pummMK7+gr+FBQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:54 2025 by rpki-client