Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          kP4Btecmo2FOYfbwF5tlToGowXdsGFfonGqDOioHj/Q=
Subject key identifier:   FE:42:52:50:79:A8:48:31:57:74:87:6D:49:86:BE:A4:CF:7E:37:A6
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019873E24CB7DB27168CDB54BF199393AD2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0A25
Signing time:             Mon 04 Aug 2025 07:01:07 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:07 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:07 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: h67kWl0ZYSFawnak0LKRIJQGqc1G6m8HFahLEqxSVB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:4c:b7:db:27:16:8c:db:54:bf:19:93:93:ad:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Aug  4 07:01:07 2025 GMT
            Not After : Aug  5 07:01:07 2025 GMT
        Subject: CN=fe42525079a848315774876d4986bea4cf7e37a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b5:33:fb:fd:83:76:84:e1:ac:34:b8:8d:61:
                    9d:77:ff:ad:37:1c:20:84:7f:5d:2d:f5:c5:25:9d:
                    5f:1f:bf:25:b8:4b:a5:8b:d2:25:25:56:d5:ff:fd:
                    d8:06:6f:f2:bb:62:ee:a5:90:b3:6a:46:a3:06:58:
                    f7:d8:a6:d2:91:c9:6d:74:34:60:49:b4:ea:75:76:
                    27:8b:a2:dd:95:6c:c2:37:28:1a:47:73:1f:d4:ab:
                    1e:e1:2a:93:48:75:7a:83:2a:4d:c3:b7:d6:63:a7:
                    88:67:35:91:d5:1a:f7:ef:d7:3f:ec:5b:1d:fe:23:
                    e7:eb:60:f6:5c:2e:38:15:b1:fe:df:67:f9:34:ef:
                    07:00:8f:2f:8c:34:ad:c3:14:cf:fe:e6:6d:ec:ac:
                    31:c1:6a:e8:c0:0b:ae:80:0e:07:11:5e:d8:90:06:
                    4b:a4:9f:55:81:60:09:48:e1:b0:35:75:d5:b9:27:
                    cd:ba:17:82:3a:0c:2f:a5:98:1b:a4:82:1c:ed:8d:
                    5c:b3:6d:87:9f:7a:17:a4:bd:89:14:ff:cd:9a:0c:
                    08:0d:67:be:8a:29:08:94:c9:75:b2:7d:cb:9d:38:
                    b6:92:7a:ea:e0:f4:a0:c2:6a:b5:1c:de:fe:01:65:
                    3e:39:85:47:23:33:59:cf:1f:3f:93:fc:84:a7:37:
                    91:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:42:52:50:79:A8:48:31:57:74:87:6D:49:86:BE:A4:CF:7E:37:A6
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:76:b4:28:98:51:be:f5:78:f4:90:d8:4d:18:ff:04:97:0a:
         cb:ed:e6:a6:23:c2:52:5e:47:6e:7e:77:5f:2e:2f:f8:68:f1:
         2c:65:45:8e:6e:c0:d6:19:26:44:eb:0b:dc:98:f8:6e:8f:47:
         2f:a0:0d:74:2b:7d:27:91:f2:4f:72:b3:10:4f:a0:f7:7e:dc:
         40:a7:c8:16:6c:2c:3c:35:b5:6a:0e:61:e8:98:78:9f:d7:5b:
         e0:18:0f:8e:3c:2d:70:c9:f3:37:20:cf:ae:b3:cc:96:6f:8e:
         cf:7b:e5:74:60:e7:60:4d:fa:30:ed:3b:eb:04:1d:3c:a6:be:
         3c:11:55:a5:be:8e:67:f1:f9:1b:88:40:54:ac:6d:5e:93:60:
         5b:f3:e7:ba:d1:d0:a5:31:c0:67:f7:10:87:bb:e1:29:68:ee:
         1a:e2:3e:53:c1:90:af:86:3f:95:85:ed:73:f1:61:6d:67:2f:
         3a:e4:67:a2:b9:21:59:09:8d:10:0d:1f:a3:b9:59:5f:8d:d7:
         b8:e3:1c:35:14:98:b7:39:b5:d2:1b:db:39:89:0d:ab:40:1a:
         99:7d:f8:7d:65:35:a9:94:69:bb:9f:78:b0:d1:f9:e2:10:4c:
         85:0b:ad:28:7e:52:dd:75:31:d5:ed:19:9c:de:ce:ee:7d:d5:
         30:cc:7f:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4ky32ycWjNtUvxmTk60vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwODA0MDcwMTA3WhcNMjUwODA1MDcwMTA3WjAzMTEwLwYDVQQD
EyhmZTQyNTI1MDc5YTg0ODMxNTc3NDg3NmQ0OTg2YmVhNGNmN2UzN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rUz+/2DdoThrDS4jWGdd/+tNxwg
hH9dLfXFJZ1fH78luEuli9IlJVbV//3YBm/yu2LupZCzakajBlj32KbSkcltdDRg
SbTqdXYni6LdlWzCNygaR3Mf1Kse4SqTSHV6gypNw7fWY6eIZzWR1Rr379c/7Fsd
/iPn62D2XC44FbH+32f5NO8HAI8vjDStwxTP/uZt7KwxwWrowAuugA4HEV7YkAZL
pJ9VgWAJSOGwNXXVuSfNuheCOgwvpZgbpIIc7Y1cs22Hn3oXpL2JFP/NmgwIDWe+
iikIlMl1sn3LnTi2knrq4PSgwmq1HN7+AWU+OYVHIzNZzx8/k/yEpzeRNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5CUlB5qEgxV3SHbUmGvqTPfjemMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe3a0KJhR
vvV49JDYTRj/BJcKy+3mpiPCUl5Hbn53Xy4v+GjxLGVFjm7A1hkmROsL3Jj4bo9H
L6ANdCt9J5HyT3KzEE+g937cQKfIFmwsPDW1ag5h6Jh4n9db4BgPjjwtcMnzNyDP
rrPMlm+Oz3vldGDnYE36MO076wQdPKa+PBFVpb6OZ/H5G4hAVKxtXpNgW/PnutHQ
pTHAZ/cQh7vhKWjuGuI+U8GQr4Y/lYXtc/FhbWcvOuRnorkhWQmNEA0fo7lZX43X
uOMcNRSYtzm10hvbOYkNq0AamX34fWU1qZRpu594sNH54hBMhQutKH5S3XUx1e0Z
nN7O7n3VMMx/3g==
-----END CERTIFICATE-----