Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          L0fBvuwLSLC40mOD2i2q+JA73YvFEJgx8PtaWy0sJ8A=
Subject key identifier:   D5:59:7B:13:08:C9:A9:02:D2:0D:48:BD:73:C5:6E:9C:B6:79:4A:B1
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       0198744FF1504D0A7F71B385CB56B60739A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0CBC
Signing time:             Mon 04 Aug 2025 09:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:52 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: AUWWUjOQCBpU9K+RHKPxyxAevds61DhYvUQz37kjf1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:f1:50:4d:0a:7f:71:b3:85:cb:56:b6:07:39:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Aug  4 09:00:52 2025 GMT
            Not After : Aug  5 09:00:52 2025 GMT
        Subject: CN=d5597b1308c9a902d20d48bd73c56e9cb6794ab1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cb:5d:65:a4:7d:54:05:54:64:e9:4e:b3:83:
                    5c:e4:31:78:4a:e6:7f:de:4f:5a:8a:98:a2:b8:be:
                    ea:12:35:4e:76:d3:39:de:c6:34:b7:9c:bc:76:52:
                    3e:18:20:67:ed:dc:e2:8b:bd:f4:20:ee:66:53:60:
                    10:fb:35:6d:23:8a:e2:45:fa:8b:d3:0f:d7:ea:d9:
                    4c:e4:f0:05:81:d5:59:63:40:04:ef:c4:47:09:cf:
                    a8:b5:57:6d:96:72:54:4c:fd:39:86:4a:c5:92:f1:
                    16:20:84:b4:0f:d9:6e:5a:64:10:a5:fe:a7:c3:c4:
                    88:fe:b4:c1:9b:7c:2e:37:4b:3d:71:6c:99:e3:14:
                    65:6f:ee:cf:34:ae:6c:d3:a5:7e:5f:74:9f:4f:ef:
                    93:a6:7b:91:e9:fa:ad:6e:48:e0:62:63:1e:6f:11:
                    ba:e9:73:4f:66:b5:99:9b:d8:41:ac:6d:c7:84:b6:
                    8f:cb:88:17:0b:e0:07:94:72:6b:a3:1c:6b:7c:51:
                    7d:7b:c3:b7:da:fb:ec:44:46:0f:35:a8:be:58:fe:
                    51:0e:20:e9:9c:e0:25:f2:e6:7d:b5:5f:b5:52:96:
                    ce:68:0d:18:41:25:cf:6b:27:41:9a:30:31:d7:a7:
                    26:a4:58:73:4e:a7:32:83:fe:01:7d:50:0a:6d:88:
                    8f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:59:7B:13:08:C9:A9:02:D2:0D:48:BD:73:C5:6E:9C:B6:79:4A:B1
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:b0:29:34:01:c5:65:50:96:1c:c3:ca:b1:66:ed:74:c4:bd:
         19:b2:50:6e:ae:0e:24:ea:b5:9d:6a:1a:da:d3:5c:5d:8f:ae:
         46:93:91:40:ff:f4:15:c4:2a:fb:d1:ec:02:77:20:9b:fb:a7:
         0f:e2:2f:86:bd:bc:23:1e:15:8c:ed:98:4a:41:fa:66:87:77:
         ca:10:6e:25:e3:e1:c6:78:61:13:e9:b0:17:ed:ad:6c:10:a3:
         2e:e4:17:1d:da:73:6a:6a:c1:a1:d5:f8:9c:ae:09:a3:92:d7:
         b1:fb:d1:b8:d1:bb:f3:0a:e5:91:de:a0:59:ab:cd:32:2c:c1:
         12:3a:37:90:ea:9b:8d:3d:95:a8:ed:50:41:f4:f1:c8:08:d9:
         1c:41:7c:35:2f:1d:1b:60:f8:4b:d1:8e:d1:2b:0a:11:a4:03:
         b9:b9:87:7a:40:b5:ca:79:55:9a:61:b1:7e:94:29:ce:b9:76:
         37:28:83:af:ea:bb:66:5c:62:12:7d:b1:69:35:92:ac:bc:7b:
         9d:dc:c7:ea:df:4d:eb:d8:d4:7b:b3:a7:f3:42:ff:65:20:7a:
         28:93:89:40:00:d9:67:99:28:28:35:e5:ae:40:f5:07:a5:f0:
         13:b9:a5:72:e8:cb:34:4f:69:7f:da:54:6d:d6:cf:cb:52:d2:
         22:18:84:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T/FQTQp/cbOFy1a2BzmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwODA0MDkwMDUyWhcNMjUwODA1MDkwMDUyWjAzMTEwLwYDVQQD
EyhkNTU5N2IxMzA4YzlhOTAyZDIwZDQ4YmQ3M2M1NmU5Y2I2Nzk0YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8tdZaR9VAVUZOlOs4Nc5DF4SuZ/
3k9aipiiuL7qEjVOdtM53sY0t5y8dlI+GCBn7dzii730IO5mU2AQ+zVtI4riRfqL
0w/X6tlM5PAFgdVZY0AE78RHCc+otVdtlnJUTP05hkrFkvEWIIS0D9luWmQQpf6n
w8SI/rTBm3wuN0s9cWyZ4xRlb+7PNK5s06V+X3SfT++TpnuR6fqtbkjgYmMebxG6
6XNPZrWZm9hBrG3HhLaPy4gXC+AHlHJroxxrfFF9e8O32vvsREYPNai+WP5RDiDp
nOAl8uZ9tV+1UpbOaA0YQSXPaydBmjAx16cmpFhzTqcyg/4BfVAKbYiPUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVZexMIyakC0g1IvXPFbpy2eUqxMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrApNAHF
ZVCWHMPKsWbtdMS9GbJQbq4OJOq1nWoa2tNcXY+uRpORQP/0FcQq+9HsAncgm/un
D+Ivhr28Ix4VjO2YSkH6Zod3yhBuJePhxnhhE+mwF+2tbBCjLuQXHdpzamrBodX4
nK4Jo5LXsfvRuNG78wrlkd6gWavNMizBEjo3kOqbjT2VqO1QQfTxyAjZHEF8NS8d
G2D4S9GO0SsKEaQDubmHekC1ynlVmmGxfpQpzrl2NyiDr+q7ZlxiEn2xaTWSrLx7
ndzH6t9N69jUe7On80L/ZSB6KJOJQADZZ5koKDXlrkD1B6XwE7mlcujLNE9pf9pU
bdbPy1LSIhiErg==
-----END CERTIFICATE-----