Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          NpUKUvFB4Rqbg48qgN+xw9i//2iIoiV8ngSGGlZPNcc=
Subject key identifier:   EF:85:9F:23:B7:26:33:25:09:A7:6C:68:63:C7:D7:E2:00:88:17:40
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       01988A6A69F443E045FEF749C959C43E2970
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          07D7
Signing time:             Fri 08 Aug 2025 16:01:26 +0000
Manifest this update:     Fri 08 Aug 2025 16:01:26 +0000
Manifest next update:     Sat 09 Aug 2025 16:01:26 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: wvgxKr+DZKZV6bz8MLUYq2S2R0cdCqNBevLfIMD3Se8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 16:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8a:6a:69:f4:43:e0:45:fe:f7:49:c9:59:c4:3e:29:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Aug  8 16:01:26 2025 GMT
            Not After : Aug  9 16:01:26 2025 GMT
        Subject: CN=ef859f23b726332509a76c6863c7d7e200881740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:fc:d5:66:29:2e:d9:61:4e:d5:32:ab:fb:5d:
                    85:45:52:6a:d8:f0:e8:25:7d:98:29:66:ef:73:67:
                    54:1a:72:ef:ea:64:75:57:aa:f5:18:ec:0a:6f:02:
                    fc:86:92:b8:63:04:64:8f:20:14:92:44:a3:a1:ad:
                    1e:71:9a:dc:5d:dc:e5:98:53:7f:23:c5:0c:b5:46:
                    c5:f0:58:1d:9b:77:86:21:54:60:51:2a:de:70:2a:
                    dd:b1:ef:4c:8f:6d:f1:f3:e1:72:d6:89:c8:ef:b5:
                    28:88:74:50:cd:d4:60:76:2f:4c:8e:62:b4:ee:bc:
                    ac:d7:dd:71:87:4c:5e:41:8e:b0:d1:94:47:7e:7f:
                    39:04:ad:56:5d:4c:2a:2c:26:04:18:ed:91:ff:67:
                    12:42:d2:d7:e2:81:ce:e6:5c:55:aa:66:d5:4f:1f:
                    99:15:84:25:94:45:cf:9e:2a:4b:dc:d3:89:a2:7b:
                    ef:f5:f4:39:24:40:08:28:48:de:75:5b:66:4a:df:
                    52:00:77:76:c2:0f:31:fc:6f:7a:43:29:59:dc:f2:
                    d9:a4:9d:02:a5:b7:f3:7d:63:a2:fe:ac:88:e7:ff:
                    e2:25:a1:c3:1b:be:33:22:a0:fb:7f:eb:68:ef:80:
                    ae:de:4c:e1:6d:d2:d5:2d:41:48:53:81:6e:d2:3c:
                    3e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:85:9F:23:B7:26:33:25:09:A7:6C:68:63:C7:D7:E2:00:88:17:40
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:45:4b:83:fa:6c:49:c7:4b:69:47:95:03:b3:89:52:e3:ad:
         f1:86:ce:26:db:58:84:be:f4:19:9b:f7:6e:6a:e3:f3:3e:11:
         a2:53:96:c0:27:18:50:d1:b3:8a:10:e5:90:c3:2a:9e:9d:0d:
         a1:df:9d:af:4c:e6:5a:28:18:c5:1c:c3:77:1a:de:57:f5:8c:
         c2:f2:bc:5f:c1:1e:32:66:dc:01:b3:fd:90:29:f1:17:f5:72:
         96:01:67:cc:20:79:e8:dd:2b:e8:99:8d:cf:6c:83:ea:5b:f7:
         b6:2a:6f:34:b9:b8:88:97:1e:4f:52:78:5a:7f:2f:63:3c:cb:
         fe:af:df:5f:27:3b:40:c8:6f:1a:69:49:d2:d8:bf:47:3e:44:
         5d:1e:7e:20:8f:db:f5:dd:f8:b9:68:7c:f0:a2:3d:c9:da:dc:
         c5:7c:ca:2c:bc:fe:1d:d9:67:b6:2b:bc:70:e2:91:2b:02:0c:
         0a:26:53:4e:58:ea:57:38:7b:35:3b:dd:60:9a:67:2c:8d:c2:
         6f:0a:8c:cd:1a:0b:f8:9a:15:16:e3:4e:8d:0b:45:29:34:a2:
         f8:7f:09:ce:64:0b:8b:b2:af:8d:85:91:e0:53:03:34:ee:aa:
         0a:b5:f3:6d:37:c0:c5:0a:6d:37:81:67:87:d3:f7:19:d3:c6:
         69:1e:fc:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKamn0Q+BF/vdJyVnEPilwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUwODA4MTYwMTI2WhcNMjUwODA5MTYwMTI2WjAzMTEwLwYDVQQD
EyhlZjg1OWYyM2I3MjYzMzI1MDlhNzZjNjg2M2M3ZDdlMjAwODgxNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPzVZiku2WFO1TKr+12FRVJq2PDo
JX2YKWbvc2dUGnLv6mR1V6r1GOwKbwL8hpK4YwRkjyAUkkSjoa0ecZrcXdzlmFN/
I8UMtUbF8Fgdm3eGIVRgUSrecCrdse9Mj23x8+Fy1onI77UoiHRQzdRgdi9MjmK0
7rys191xh0xeQY6w0ZRHfn85BK1WXUwqLCYEGO2R/2cSQtLX4oHO5lxVqmbVTx+Z
FYQllEXPnipL3NOJonvv9fQ5JEAIKEjedVtmSt9SAHd2wg8x/G96QylZ3PLZpJ0C
pbfzfWOi/qyI5//iJaHDG74zIqD7f+to74Cu3kzhbdLVLUFIU4Fu0jw+YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+FnyO3JjMlCadsaGPH1+IAiBdAMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhEVLg/ps
ScdLaUeVA7OJUuOt8YbOJttYhL70GZv3bmrj8z4RolOWwCcYUNGzihDlkMMqnp0N
od+dr0zmWigYxRzDdxreV/WMwvK8X8EeMmbcAbP9kCnxF/VylgFnzCB56N0r6JmN
z2yD6lv3tipvNLm4iJceT1J4Wn8vYzzL/q/fXyc7QMhvGmlJ0ti/Rz5EXR5+II/b
9d34uWh88KI9ydrcxXzKLLz+Hdlntiu8cOKRKwIMCiZTTljqVzh7NTvdYJpnLI3C
bwqMzRoL+JoVFuNOjQtFKTSi+H8JzmQLi7KvjYWR4FMDNO6qCrXzbTfAxQptN4Fn
h9P3GdPGaR78Ig==
-----END CERTIFICATE-----