Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          IDRwR5qjc24SGxszLyRiv9lEkIRKBs1evmSnG6tNPEQ=
Subject key identifier:   4A:D3:65:40:F5:A5:60:E0:44:FE:8D:7A:4E:13:9E:C7:C5:28:D8:69
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       01988AA069B270194AC678BCF37E257384EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          04FC
Signing time:             Fri 08 Aug 2025 17:00:25 +0000
Manifest this update:     Fri 08 Aug 2025 17:00:25 +0000
Manifest next update:     Sat 09 Aug 2025 17:00:25 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: yT1RYXVHaOljT3vBM0XZqSGzw93SDMNMOoqMn0s8Zo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 17:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8a:a0:69:b2:70:19:4a:c6:78:bc:f3:7e:25:73:84:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Aug  8 17:00:25 2025 GMT
            Not After : Aug  9 17:00:25 2025 GMT
        Subject: CN=4ad36540f5a560e044fe8d7a4e139ec7c528d869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:10:6d:0d:8c:02:ca:70:fe:74:b3:da:47:5c:
                    5e:99:bf:7e:2a:d4:eb:9d:8b:6c:1e:b3:3b:b1:c9:
                    61:8b:0e:da:b6:93:bb:f5:a0:f6:7a:f2:85:35:bc:
                    8c:63:d1:f9:bf:fa:9f:ff:69:3a:36:f3:dd:50:0f:
                    c2:28:9c:80:b0:62:33:86:f2:10:ee:29:51:f5:e8:
                    96:3c:79:5c:d4:9d:ce:f4:3d:e8:45:59:1b:e7:44:
                    26:64:d6:b6:e5:6d:02:37:f3:fc:b4:75:0a:e4:c6:
                    23:ab:99:5b:a9:ce:c0:6a:85:90:8b:f8:8d:cd:88:
                    d4:0b:eb:f4:39:2e:0b:ad:b8:ff:25:25:3a:17:2e:
                    48:32:b3:10:1c:3f:0a:ce:fb:42:0e:fb:87:a1:94:
                    96:62:0a:4a:62:f7:a8:a0:17:33:1a:9f:b1:87:9e:
                    fb:f1:f2:fe:02:1b:61:75:90:61:eb:7d:b4:70:d5:
                    1f:07:23:4f:cf:3b:b1:a2:3a:a0:aa:a3:31:f5:c4:
                    a3:09:d4:21:8e:ff:87:d0:45:00:97:ac:4b:44:60:
                    44:39:01:a0:f0:5a:24:a3:2a:f7:07:8a:92:d1:3e:
                    43:09:e3:b4:1f:80:4d:c8:cc:2f:70:7e:e6:d7:ec:
                    03:54:75:0a:2e:f0:5f:1a:fc:8f:19:15:8e:27:7a:
                    ab:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D3:65:40:F5:A5:60:E0:44:FE:8D:7A:4E:13:9E:C7:C5:28:D8:69
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:97:39:46:1f:5e:95:7e:95:69:13:20:b3:54:87:9b:b8:1f:
         1a:de:da:2d:b5:75:0c:4f:d4:a0:21:1a:2f:e3:61:83:f7:ac:
         55:69:4c:b1:7a:50:b8:49:f6:a9:a9:0b:c6:75:50:d8:4b:c3:
         da:82:36:d6:09:4b:10:e7:9f:7c:2a:7c:54:5f:0b:40:94:01:
         c6:df:d9:a4:80:a1:fd:03:b9:1f:f7:4b:22:b4:ce:78:b8:4a:
         79:be:12:1f:a3:1e:02:69:ad:c6:67:93:60:bd:d3:b6:fc:d8:
         41:58:8e:eb:d7:a7:e0:e3:7a:64:fc:67:79:84:c0:dc:54:45:
         65:38:d4:fa:5c:89:94:b2:2a:70:23:84:ee:2c:c9:bf:f2:79:
         39:d0:75:b9:ab:b7:13:2f:54:ce:2a:f5:16:c1:b1:27:d4:3d:
         c6:9a:45:47:0e:ed:0e:73:39:e3:f4:74:0a:4e:84:9e:ae:64:
         17:13:67:ab:a3:ac:7a:69:0d:6d:7f:43:a3:93:dd:9b:e5:00:
         49:01:e4:62:2e:66:5c:0a:b6:7e:86:72:c8:7a:d7:92:d2:18:
         f5:b1:4b:41:8e:e3:ac:0c:0c:c3:6d:d4:80:d1:dd:11:cb:a9:
         36:09:7c:3c:12:10:e0:a7:cf:9e:47:38:20:33:5f:04:47:5b:
         17:d6:5f:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKoGmycBlKxni8834lc4TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwODA4MTcwMDI1WhcNMjUwODA5MTcwMDI1WjAzMTEwLwYDVQQD
Eyg0YWQzNjU0MGY1YTU2MGUwNDRmZThkN2E0ZTEzOWVjN2M1MjhkODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhBtDYwCynD+dLPaR1xemb9+KtTr
nYtsHrM7sclhiw7atpO79aD2evKFNbyMY9H5v/qf/2k6NvPdUA/CKJyAsGIzhvIQ
7ilR9eiWPHlc1J3O9D3oRVkb50QmZNa25W0CN/P8tHUK5MYjq5lbqc7AaoWQi/iN
zYjUC+v0OS4Lrbj/JSU6Fy5IMrMQHD8KzvtCDvuHoZSWYgpKYveooBczGp+xh577
8fL+AhthdZBh6320cNUfByNPzzuxojqgqqMx9cSjCdQhjv+H0EUAl6xLRGBEOQGg
8Fokoyr3B4qS0T5DCeO0H4BNyMwvcH7m1+wDVHUKLvBfGvyPGRWOJ3qrowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErTZUD1pWDgRP6Nek4TnsfFKNhpMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAopc5Rh9e
lX6VaRMgs1SHm7gfGt7aLbV1DE/UoCEaL+Nhg/esVWlMsXpQuEn2qakLxnVQ2EvD
2oI21glLEOeffCp8VF8LQJQBxt/ZpICh/QO5H/dLIrTOeLhKeb4SH6MeAmmtxmeT
YL3TtvzYQViO69en4ON6ZPxneYTA3FRFZTjU+lyJlLIqcCOE7izJv/J5OdB1uau3
Ey9Uzir1FsGxJ9Q9xppFRw7tDnM54/R0Ck6Enq5kFxNnq6OsemkNbX9Do5Pdm+UA
SQHkYi5mXAq2foZyyHrXktIY9bFLQY7jrAwMw23UgNHdEcupNgl8PBIQ4KfPnkc4
IDNfBEdbF9Zf1w==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:10 2025 by rpki-client