Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
File:                     8DpbV31dnm0cX9O-1ADpacC-fDQ.mft (raw, json)
Hash identifier:          e9i3Qru9KnefXK9Qmyf+N2ipU4KPLkEELa6PfKQIE+w=
Subject key identifier:   2C:0E:F9:02:08:DB:10:AF:E9:14:AA:83:AA:81:26:0A:49:C9:2D:FA
Authority key identifier: F0:3A:5B:57:7D:5D:9E:6D:1C:5F:D3:BE:D4:00:E9:69:C0:BE:7C:34
Certificate issuer:       /CN=f03a5b577d5d9e6d1c5fd3bed400e969c0be7c34
Certificate serial:       019872CF756688EC31CDBFC2E0692BD7D992
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
Manifest number:          1611
Signing time:             Mon 04 Aug 2025 02:00:55 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:55 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:55 +0000
Files and hashes:         1: 8DpbV31dnm0cX9O-1ADpacC-fDQ.crl (hash: nvA6vJdxii39aLAT6ejfgMbEmOueeG6N6KMGNGCJ2po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:75:66:88:ec:31:cd:bf:c2:e0:69:2b:d7:d9:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03a5b577d5d9e6d1c5fd3bed400e969c0be7c34
        Validity
            Not Before: Aug  4 02:00:55 2025 GMT
            Not After : Aug  5 02:00:55 2025 GMT
        Subject: CN=2c0ef90208db10afe914aa83aa81260a49c92dfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:cb:0b:f0:7b:7c:6a:f0:98:02:59:9c:58:
                    63:af:50:46:ae:04:2c:d4:38:d8:13:ab:e8:bf:6f:
                    cd:6d:5d:e6:b6:9c:0e:84:8a:ef:51:90:17:35:36:
                    2f:87:0a:26:15:31:92:65:f0:0a:98:b8:01:ac:be:
                    ad:cc:03:eb:2d:ca:c5:9a:24:93:93:d4:94:dd:2a:
                    7c:5f:af:30:f9:0c:cc:a6:98:15:ea:39:54:02:72:
                    70:5d:6a:3f:08:3b:c9:32:36:a5:b5:de:1f:b9:26:
                    3f:7a:1d:38:8b:2f:84:25:9a:89:33:af:75:45:0c:
                    c9:41:a0:92:ae:54:51:19:9b:e0:a6:18:12:09:74:
                    0e:9c:74:ac:ef:be:65:7b:ad:d3:f2:bd:2b:27:0e:
                    41:c0:06:84:c9:0e:8c:26:45:61:f2:1d:32:c0:aa:
                    d5:3e:30:83:0a:ae:ee:1d:9d:1b:62:51:62:0d:28:
                    e4:43:55:04:ef:b1:4f:26:6c:eb:11:f6:ee:62:83:
                    16:ad:e6:10:b4:2e:16:2c:1b:dd:37:38:3b:93:d4:
                    9f:fa:b5:00:3d:bd:20:07:26:23:48:c0:68:5f:06:
                    1b:d4:83:ff:b1:2e:5f:8f:10:9d:f8:de:a2:c5:d4:
                    c1:4c:8c:93:2b:86:56:30:9c:93:29:c1:13:19:b5:
                    57:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:0E:F9:02:08:DB:10:AF:E9:14:AA:83:AA:81:26:0A:49:C9:2D:FA
            X509v3 Authority Key Identifier:
                keyid:F0:3A:5B:57:7D:5D:9E:6D:1C:5F:D3:BE:D4:00:E9:69:C0:BE:7C:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DpbV31dnm0cX9O-1ADpacC-fDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/688943-713d-491e-a721-eca59f82018a/1/8DpbV31dnm0cX9O-1ADpacC-fDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:91:a0:6b:d5:a9:33:db:4c:4e:25:a4:28:f9:34:0d:57:23:
         88:c1:ac:7f:76:04:65:f6:da:5c:4c:3e:c1:2e:75:90:40:f6:
         2e:e0:2a:9a:32:91:92:53:9f:9a:28:d2:fd:29:6b:64:90:3d:
         f9:7e:50:9f:0d:09:36:14:34:a5:d9:57:bc:73:c7:cd:95:ac:
         ec:3b:7d:b4:1a:07:2b:2e:a9:1d:96:1a:1f:3c:cf:fa:53:5e:
         11:73:de:74:b8:96:56:13:bd:f1:ac:7a:83:2a:05:e5:3d:73:
         b4:0c:07:f7:6a:cf:a6:2f:8a:51:6c:36:b1:b8:2b:27:72:6a:
         ea:1c:d6:e0:42:17:52:f3:a6:e5:b8:61:93:57:ff:8c:81:1a:
         5a:6b:f5:b4:fd:4d:99:f1:f1:d2:95:dc:75:c2:9d:d6:9f:82:
         b7:f9:a0:1c:55:a3:cd:c9:62:c6:42:2b:9f:08:37:73:b4:16:
         43:69:db:79:23:0a:fe:ae:aa:3b:c2:b3:5f:82:10:39:54:36:
         11:ee:7f:63:2c:c0:6e:16:82:74:2a:a9:9f:9d:d1:aa:3b:0c:
         ac:42:f8:23:c8:c5:f3:af:41:9f:da:0c:b5:d8:9f:0c:61:b9:
         84:68:3c:9d:9c:a6:a4:50:de:06:29:34:66:67:f4:f1:62:50:
         29:d6:36:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyz3VmiOwxzb/C4Gkr19mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwM2E1YjU3N2Q1ZDllNmQxYzVmZDNiZWQ0MDBlOTY5YzBi
ZTdjMzQwHhcNMjUwODA0MDIwMDU1WhcNMjUwODA1MDIwMDU1WjAzMTEwLwYDVQQD
EygyYzBlZjkwMjA4ZGIxMGFmZTkxNGFhODNhYTgxMjYwYTQ5YzkyZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbvLC/B7fGrwmAJZnFhjr1BGrgQs
1DjYE6vov2/NbV3mtpwOhIrvUZAXNTYvhwomFTGSZfAKmLgBrL6tzAPrLcrFmiST
k9SU3Sp8X68w+QzMppgV6jlUAnJwXWo/CDvJMjaltd4fuSY/eh04iy+EJZqJM691
RQzJQaCSrlRRGZvgphgSCXQOnHSs775le63T8r0rJw5BwAaEyQ6MJkVh8h0ywKrV
PjCDCq7uHZ0bYlFiDSjkQ1UE77FPJmzrEfbuYoMWreYQtC4WLBvdNzg7k9Sf+rUA
Pb0gByYjSMBoXwYb1IP/sS5fjxCd+N6ixdTBTIyTK4ZWMJyTKcETGbVXIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwO+QII2xCv6RSqg6qBJgpJyS36MB8GA1UdIwQY
MBaAFPA6W1d9XZ5tHF/TvtQA6WnAvnw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ODg5NDMtNzEzZC00OTFlLWE3MjEt
ZWNhNTlmODIwMThhLzEvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ODg5NDMtNzEzZC00OTFlLWE3MjEtZWNhNTlmODIwMThh
LzEvOERwYlYzMWRubTBjWDlPLTFBRHBhY0MtZkRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5Gga9Wp
M9tMTiWkKPk0DVcjiMGsf3YEZfbaXEw+wS51kED2LuAqmjKRklOfmijS/SlrZJA9
+X5Qnw0JNhQ0pdlXvHPHzZWs7Dt9tBoHKy6pHZYaHzzP+lNeEXPedLiWVhO98ax6
gyoF5T1ztAwH92rPpi+KUWw2sbgrJ3Jq6hzW4EIXUvOm5bhhk1f/jIEaWmv1tP1N
mfHx0pXcdcKd1p+Ct/mgHFWjzclixkIrnwg3c7QWQ2nbeSMK/q6qO8KzX4IQOVQ2
Ee5/YyzAbhaCdCqpn53RqjsMrEL4I8jF869Bn9oMtdifDGG5hGg8nZympFDeBik0
Zmf08WJQKdY2mg==
-----END CERTIFICATE-----