Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File:                     8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier:          6NY+SoEusS/ewkk8IKQAhBU0iT73FKwfb+DBBkYjhcg=
Subject key identifier:   79:CF:B9:60:72:05:CD:6F:BA:79:A9:82:6E:2A:D5:EF:17:D8:1E:03
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer:       /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial:       01989335B8166DE710B23284C7F551064805
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number:          11DB
Signing time:             Sun 10 Aug 2025 09:00:27 +0000
Manifest this update:     Sun 10 Aug 2025 09:00:27 +0000
Manifest next update:     Mon 11 Aug 2025 09:00:27 +0000
Files and hashes:         1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: CpyQ07tGToJv196/R7U85YpgYlJV8jt7vUFiWWZ6H/c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:35:b8:16:6d:e7:10:b2:32:84:c7:f5:51:06:48:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
        Validity
            Not Before: Aug 10 09:00:27 2025 GMT
            Not After : Aug 11 09:00:27 2025 GMT
        Subject: CN=79cfb9607205cd6fba79a9826e2ad5ef17d81e03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0d:9c:2f:5c:56:69:b8:51:2a:f1:8b:cc:96:
                    6f:92:b1:5e:0d:e6:99:4a:c8:37:fb:8c:52:61:af:
                    d6:89:5d:5c:0f:5d:84:62:b4:5c:80:75:8d:e1:1a:
                    57:da:2a:e4:de:2f:ff:04:83:9f:ea:4e:b2:e9:2e:
                    c8:8d:65:9b:06:cd:da:2b:df:0f:17:98:db:26:9a:
                    f3:2e:8f:14:a2:69:eb:bd:48:54:35:f4:7d:78:b0:
                    47:5c:8a:bf:4c:3b:38:da:7c:4b:af:01:9c:1d:d3:
                    86:5b:59:24:d9:02:77:56:0a:0b:fc:6c:ed:5b:fc:
                    72:f6:8e:41:d3:30:d3:1f:bf:c9:fe:85:23:9c:28:
                    1f:d5:13:fb:2b:3b:d5:e2:3e:a5:38:0b:77:a7:8a:
                    44:89:0d:92:06:6e:60:6f:b2:84:c8:f0:9f:a9:52:
                    8e:6d:d5:96:74:c6:cd:cf:70:1b:5a:c9:50:50:75:
                    6d:98:b5:21:cc:d2:7a:3d:81:fa:4e:da:18:2a:29:
                    67:15:5a:88:8c:0a:c5:bd:2d:93:6d:9d:12:bf:dc:
                    b2:0b:60:93:9d:44:db:b9:34:b8:5e:4b:35:73:28:
                    63:c0:97:01:9c:f3:9f:5b:b1:7e:85:92:cb:05:43:
                    ce:3b:b2:42:da:61:7e:98:f8:77:81:e7:ea:21:19:
                    63:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:CF:B9:60:72:05:CD:6F:BA:79:A9:82:6E:2A:D5:EF:17:D8:1E:03
            X509v3 Authority Key Identifier:
                keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:72:7e:11:7f:f8:4c:6a:e1:8e:5c:b8:32:20:e7:c2:2b:c2:
         03:8d:ab:c8:ef:64:48:88:48:49:39:ca:16:c9:31:89:e0:90:
         d2:f6:89:11:bf:47:01:f3:b5:be:6e:85:9f:bd:63:14:8a:2a:
         8b:29:d1:ef:7c:ba:22:04:44:fe:5d:f1:c5:d9:41:46:03:81:
         5b:57:b4:81:dc:d5:8e:38:cb:05:fb:fb:47:71:73:9a:f2:30:
         03:d5:99:83:82:9b:39:91:70:e9:d5:2a:30:36:6f:94:03:9b:
         60:57:b6:54:f1:36:0e:f5:7e:c7:af:83:07:cd:80:b9:4f:0f:
         94:89:af:f9:5b:3c:de:f5:74:64:7c:70:65:8d:92:e5:7d:b1:
         bb:1e:62:25:0d:5d:89:04:67:2c:f8:70:6d:20:70:a8:60:99:
         fc:02:da:21:58:ba:1d:5d:38:58:33:1d:c3:32:ad:89:5d:b2:
         d6:58:52:54:92:10:98:d8:dd:14:bc:ea:22:c1:41:97:4e:4b:
         b2:b9:ae:87:ed:f1:f8:d8:c8:4e:86:5b:c7:b6:11:50:c0:9e:
         28:93:49:2e:e6:96:06:18:bd:07:c3:e4:58:9c:49:51:d5:af:
         20:36:b6:b5:46:2b:a1:61:8b:17:a2:db:35:4b:6a:9a:71:27:
         07:e6:c8:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNbgWbecQsjKEx/VRBkgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjUwODEwMDkwMDI3WhcNMjUwODExMDkwMDI3WjAzMTEwLwYDVQQD
Eyg3OWNmYjk2MDcyMDVjZDZmYmE3OWE5ODI2ZTJhZDVlZjE3ZDgxZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA2cL1xWabhRKvGLzJZvkrFeDeaZ
Ssg3+4xSYa/WiV1cD12EYrRcgHWN4RpX2irk3i//BIOf6k6y6S7IjWWbBs3aK98P
F5jbJprzLo8UomnrvUhUNfR9eLBHXIq/TDs42nxLrwGcHdOGW1kk2QJ3VgoL/Gzt
W/xy9o5B0zDTH7/J/oUjnCgf1RP7KzvV4j6lOAt3p4pEiQ2SBm5gb7KEyPCfqVKO
bdWWdMbNz3AbWslQUHVtmLUhzNJ6PYH6TtoYKilnFVqIjArFvS2TbZ0Sv9yyC2CT
nUTbuTS4Xks1cyhjwJcBnPOfW7F+hZLLBUPOO7JC2mF+mPh3gefqIRljXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnPuWByBc1vunmpgm4q1e8X2B4DMB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnJ+EX/4
TGrhjly4MiDnwivCA42ryO9kSIhISTnKFskxieCQ0vaJEb9HAfO1vm6Fn71jFIoq
iynR73y6IgRE/l3xxdlBRgOBW1e0gdzVjjjLBfv7R3FzmvIwA9WZg4KbOZFw6dUq
MDZvlAObYFe2VPE2DvV+x6+DB82AuU8PlImv+Vs83vV0ZHxwZY2S5X2xux5iJQ1d
iQRnLPhwbSBwqGCZ/ALaIVi6HV04WDMdwzKtiV2y1lhSVJIQmNjdFLzqIsFBl05L
srmuh+3x+NjIToZbx7YRUMCeKJNJLuaWBhi9B8PkWJxJUdWvIDa2tUYroWGLF6Lb
NUtqmnEnB+bIUw==
-----END CERTIFICATE-----