Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
File:                     7ix0WZPMS28UcK6rRhTwhdSuQKk.mft (raw, json)
Hash identifier:          K3wApBp2/CS2MhIGBQ26DxQ/DODg2hz472n5B7IvtkY=
Subject key identifier:   2D:4C:48:9E:89:AB:5B:93:C6:00:F6:D7:49:53:C6:AA:1A:54:58:87
Authority key identifier: EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9
Certificate issuer:       /CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
Certificate serial:       0198880E1EC2068A42931AD353F3BCAEA5F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
Manifest number:          12B4
Signing time:             Fri 08 Aug 2025 05:01:23 +0000
Manifest this update:     Fri 08 Aug 2025 05:01:23 +0000
Manifest next update:     Sat 09 Aug 2025 05:01:23 +0000
Files and hashes:         1: 7ix0WZPMS28UcK6rRhTwhdSuQKk.crl (hash: m0ewYM6ANUyTRA+Yb4mcpd0HHGbkpfVM4XQVFAvAhW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 05:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:88:0e:1e:c2:06:8a:42:93:1a:d3:53:f3:bc:ae:a5:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
        Validity
            Not Before: Aug  8 05:01:23 2025 GMT
            Not After : Aug  9 05:01:23 2025 GMT
        Subject: CN=2d4c489e89ab5b93c600f6d74953c6aa1a545887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4c:b3:61:13:60:de:93:ab:42:27:ed:16:24:
                    c5:10:fa:7d:27:53:53:92:37:36:3e:4a:00:c5:69:
                    08:36:bd:6f:df:7e:52:aa:11:ce:ad:7f:4f:99:53:
                    b8:54:c7:14:4b:ca:b5:89:7f:dc:ce:ad:29:01:b1:
                    a0:de:a0:5e:35:67:16:9a:30:e6:12:8b:5a:b4:e3:
                    0b:20:e8:94:a6:7f:d6:bd:7e:d4:f4:4d:d7:4a:62:
                    44:57:53:46:09:de:94:57:29:f2:56:58:46:a8:05:
                    12:b6:b0:a7:55:78:fd:8a:7d:1f:4a:1d:47:7a:09:
                    ca:b6:a0:3d:d8:1a:46:60:be:29:cf:84:60:1c:23:
                    93:ea:af:93:76:66:54:ff:ce:38:53:85:a8:f4:72:
                    7a:e4:f7:cb:77:47:07:33:b4:11:b4:23:98:cd:5d:
                    bc:c2:21:ab:b4:ef:58:2d:bb:93:8f:c1:e7:ea:78:
                    64:aa:62:29:64:18:cd:95:c7:47:26:06:5a:ef:84:
                    1d:67:df:9b:f6:ca:2f:ce:9b:64:19:39:2c:21:11:
                    b8:07:bd:66:9a:d8:ec:f6:58:63:72:67:aa:d9:3f:
                    a7:f5:1d:2a:bf:a5:8d:a6:12:2f:e8:5e:ce:69:88:
                    a6:bf:9a:04:6a:f2:a5:5b:ce:c2:cd:2f:7a:c3:c8:
                    63:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:4C:48:9E:89:AB:5B:93:C6:00:F6:D7:49:53:C6:AA:1A:54:58:87
            X509v3 Authority Key Identifier:
                keyid:EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:1b:bb:c2:21:3d:20:72:f2:fb:ed:3d:36:91:b0:54:e3:ab:
         1f:bf:1c:b8:30:8c:61:66:47:4b:86:c8:99:67:cf:bb:fa:ca:
         bb:b3:be:b2:7f:20:00:c8:85:f9:77:b7:7c:a6:04:9e:66:83:
         83:27:a2:8a:7b:a5:bb:8e:fd:3f:11:48:b8:1b:38:26:6c:bc:
         a9:d9:9f:27:4b:63:65:78:50:8c:00:7c:71:3c:e4:be:65:18:
         50:22:63:24:f0:98:9c:9a:76:e5:86:85:69:c2:2e:eb:6d:fc:
         35:cc:e0:f0:31:46:ee:c4:fc:ae:04:5c:1d:e6:94:a0:1d:c2:
         9b:cb:c2:c7:95:e4:a7:32:ce:b4:df:bb:78:e5:ec:f2:35:30:
         d6:78:bc:89:e6:5d:18:0d:86:2d:10:f9:a0:4e:ea:86:63:ca:
         d3:4f:26:45:b4:68:8f:7f:2d:36:f5:07:95:c3:ff:95:46:cb:
         f5:4c:5d:f9:20:62:e9:9b:75:ff:c4:a1:a9:d4:dc:38:ec:14:
         9b:78:d3:8b:2a:a6:35:aa:d4:35:13:b9:c1:7f:5d:f0:9d:2a:
         9c:10:d9:0f:50:63:37:4d:d3:ed:3c:67:af:c0:dd:4d:73:ad:
         b5:16:ea:3f:f4:3d:7d:7d:87:a9:bd:24:74:81:6d:df:1b:de:
         1d:8a:fa:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiIDh7CBopCkxrTU/O8rqX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMmM3NDU5OTNjYzRiNmYxNDcwYWVhYjQ2MTRmMDg1ZDRh
ZTQwYTkwHhcNMjUwODA4MDUwMTIzWhcNMjUwODA5MDUwMTIzWjAzMTEwLwYDVQQD
EygyZDRjNDg5ZTg5YWI1YjkzYzYwMGY2ZDc0OTUzYzZhYTFhNTQ1ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0yzYRNg3pOrQiftFiTFEPp9J1NT
kjc2PkoAxWkINr1v335SqhHOrX9PmVO4VMcUS8q1iX/czq0pAbGg3qBeNWcWmjDm
EotatOMLIOiUpn/WvX7U9E3XSmJEV1NGCd6UVynyVlhGqAUStrCnVXj9in0fSh1H
egnKtqA92BpGYL4pz4RgHCOT6q+TdmZU/844U4Wo9HJ65PfLd0cHM7QRtCOYzV28
wiGrtO9YLbuTj8Hn6nhkqmIpZBjNlcdHJgZa74QdZ9+b9sovzptkGTksIRG4B71m
mtjs9lhjcmeq2T+n9R0qv6WNphIv6F7OaYimv5oEavKlW87CzS96w8hj/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1MSJ6Jq1uTxgD210lTxqoaVFiHMB8GA1UdIwQY
MBaAFO4sdFmTzEtvFHCuq0YU8IXUrkCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1Nzgt
NzcyYzkxNzdkNTI5LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1NzgtNzcyYzkxNzdkNTI5
LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxu7wiE9
IHLy++09NpGwVOOrH78cuDCMYWZHS4bImWfPu/rKu7O+sn8gAMiF+Xe3fKYEnmaD
gyeiinulu479PxFIuBs4Jmy8qdmfJ0tjZXhQjAB8cTzkvmUYUCJjJPCYnJp25YaF
acIu6238Nczg8DFG7sT8rgRcHeaUoB3Cm8vCx5XkpzLOtN+7eOXs8jUw1ni8ieZd
GA2GLRD5oE7qhmPK008mRbRoj38tNvUHlcP/lUbL9Uxd+SBi6Zt1/8ShqdTcOOwU
m3jTiyqmNarUNRO5wX9d8J0qnBDZD1BjN03T7Txnr8DdTXOttRbqP/Q9fX2Hqb0k
dIFt3xveHYr6lw==
-----END CERTIFICATE-----