Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
File:                     u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json)
Hash identifier:          ZMVeGDtuoxnRjIPiSGKaBOGtqi7h69CtX6QsrZ8ba9A=
Subject key identifier:   5D:67:EA:7D:10:A4:51:A2:82:55:22:0A:01:32:11:F6:87:C1:3B:58
Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE
Certificate issuer:       /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
Certificate serial:       0198A04D5DF2F1836CF980F6B24DA4C8CDD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
Manifest number:          106E
Signing time:             Tue 12 Aug 2025 22:01:21 +0000
Manifest this update:     Tue 12 Aug 2025 22:01:21 +0000
Manifest next update:     Wed 13 Aug 2025 22:01:21 +0000
Files and hashes:         1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: du1Zr+DjzTAQC5FyU/iKEJKKjfuZK9BNN5aGUnaofO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4d:5d:f2:f1:83:6c:f9:80:f6:b2:4d:a4:c8:cd:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
        Validity
            Not Before: Aug 12 22:01:21 2025 GMT
            Not After : Aug 13 22:01:21 2025 GMT
        Subject: CN=5d67ea7d10a451a28255220a013211f687c13b58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:58:c8:dc:5b:8e:1b:17:ab:42:30:2e:63:98:
                    e8:48:d2:e1:c8:17:43:8f:d9:dd:e5:77:ae:0a:56:
                    b1:c3:95:f9:24:f6:02:53:8a:d1:f0:5c:32:d7:0b:
                    2a:cd:96:05:85:6f:a9:85:27:01:6b:dd:64:22:88:
                    80:2f:4d:07:5f:58:db:d4:07:49:59:f1:41:69:45:
                    02:95:4b:52:01:ee:9f:46:87:9b:e1:0a:6c:2a:c7:
                    6f:6e:28:65:e9:f5:2a:1b:d2:32:49:27:83:86:fa:
                    ff:74:31:a2:72:f7:50:22:eb:14:f4:d9:75:51:40:
                    b5:0a:4c:74:4c:5f:20:90:7e:b7:9a:69:64:d9:00:
                    13:2b:dc:59:34:5c:bb:e1:31:af:71:3e:c7:5a:1f:
                    89:5e:89:92:f0:28:1a:dd:fb:58:a3:69:30:8f:fb:
                    69:ce:fa:ed:20:b4:52:7a:cc:fb:69:c6:e6:bd:54:
                    3e:7a:b7:c7:f9:16:a9:0c:2b:88:eb:4b:b9:6d:04:
                    ea:fd:0e:5f:ce:1f:e2:03:c7:47:2e:b8:00:18:2f:
                    66:4e:7b:b9:3a:9a:ad:c9:a5:1b:1a:06:0c:8b:0c:
                    60:ff:44:d4:b1:aa:eb:5e:d2:9a:b7:80:29:df:3d:
                    7b:41:7d:b7:c1:2c:6d:0b:8b:22:4e:0c:8d:29:36:
                    c8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:67:EA:7D:10:A4:51:A2:82:55:22:0A:01:32:11:F6:87:C1:3B:58
            X509v3 Authority Key Identifier:
                keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:88:98:7d:1b:ec:5e:62:57:a7:ea:5e:fd:a4:55:f2:1b:18:
         ae:bd:9d:9b:47:2a:7b:54:ae:de:5b:fa:3e:3c:c8:e3:62:c2:
         b7:88:9e:ec:10:7d:45:70:d4:54:28:7e:a1:0e:fa:e7:39:64:
         c5:66:36:85:d1:69:16:af:b5:56:4f:a3:43:d5:f9:5c:95:03:
         6f:ee:9c:54:fb:29:1a:05:bb:a0:b9:9e:0f:d8:c2:52:b5:68:
         0c:f0:e4:0b:d3:38:4f:a4:52:74:50:34:bb:a1:6a:64:b8:52:
         e5:28:ad:2e:e2:12:35:bb:9a:3d:fd:a2:bc:9d:d2:47:39:5b:
         53:fd:8a:6f:34:3d:2e:e3:8e:a6:65:c7:05:a0:ad:b3:c3:9f:
         b4:80:cb:33:d7:44:bd:0d:00:db:e6:bc:1c:6f:9b:f6:a4:00:
         0e:d2:0b:12:f5:f1:f9:61:64:a1:cd:ba:65:33:07:06:dd:fa:
         32:a8:39:b9:b2:50:9a:56:07:6e:c4:2b:c0:ab:77:aa:ed:eb:
         43:2e:71:e5:87:7a:f4:ac:95:d3:52:5f:14:99:fc:41:53:b5:
         0c:c0:96:7b:30:4b:98:58:66:ee:bf:a1:3a:4c:2c:b1:ba:01:
         af:04:a0:18:2e:9c:d0:57:a5:5c:bc:6f:ca:88:ab:d3:23:03:
         3d:6a:a3:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTV3y8YNs+YD2sk2kyM3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy
ZDlmYWUwHhcNMjUwODEyMjIwMTIxWhcNMjUwODEzMjIwMTIxWjAzMTEwLwYDVQQD
Eyg1ZDY3ZWE3ZDEwYTQ1MWEyODI1NTIyMGEwMTMyMTFmNjg3YzEzYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1jI3FuOGxerQjAuY5joSNLhyBdD
j9nd5XeuClaxw5X5JPYCU4rR8Fwy1wsqzZYFhW+phScBa91kIoiAL00HX1jb1AdJ
WfFBaUUClUtSAe6fRoeb4QpsKsdvbihl6fUqG9IySSeDhvr/dDGicvdQIusU9Nl1
UUC1Ckx0TF8gkH63mmlk2QATK9xZNFy74TGvcT7HWh+JXomS8Cga3ftYo2kwj/tp
zvrtILRSesz7acbmvVQ+erfH+RapDCuI60u5bQTq/Q5fzh/iA8dHLrgAGC9mTnu5
OpqtyaUbGgYMiwxg/0TUsarrXtKat4Ap3z17QX23wSxtC4siTgyNKTbIMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1n6n0QpFGiglUiCgEyEfaHwTtYMB8GA1UdIwQY
MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct
NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3
LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIiYfRvs
XmJXp+pe/aRV8hsYrr2dm0cqe1Su3lv6PjzI42LCt4ie7BB9RXDUVCh+oQ765zlk
xWY2hdFpFq+1Vk+jQ9X5XJUDb+6cVPspGgW7oLmeD9jCUrVoDPDkC9M4T6RSdFA0
u6FqZLhS5SitLuISNbuaPf2ivJ3SRzlbU/2KbzQ9LuOOpmXHBaCts8OftIDLM9dE
vQ0A2+a8HG+b9qQADtILEvXx+WFkoc26ZTMHBt36Mqg5ubJQmlYHbsQrwKt3qu3r
Qy5x5Yd69KyV01JfFJn8QVO1DMCWezBLmFhm7r+hOkwssboBrwSgGC6c0FelXLxv
yoir0yMDPWqjpw==
-----END CERTIFICATE-----