Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          C5R7vwmLJeDiQ+VmCEZXD1uwp2eU845Y24faeNOyWEQ=
Subject key identifier:   11:2B:89:E9:53:C1:98:C4:BC:CA:44:0D:81:92:43:A6:37:36:39:D9
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       01987418E43114030B4F2EC2F30ED255A9B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0426
Signing time:             Mon 04 Aug 2025 08:00:45 +0000
Manifest this update:     Mon 04 Aug 2025 08:00:45 +0000
Manifest next update:     Tue 05 Aug 2025 08:00:45 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: Q7vC0E1Jw1Okp3rWUH9brNmOu3MvJvurIPyRy0WWFII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:18:e4:31:14:03:0b:4f:2e:c2:f3:0e:d2:55:a9:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Aug  4 08:00:45 2025 GMT
            Not After : Aug  5 08:00:45 2025 GMT
        Subject: CN=112b89e953c198c4bcca440d819243a6373639d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a8:aa:da:c7:85:86:fb:7c:48:1e:07:d3:62:
                    e0:40:2e:06:f4:aa:5d:33:56:c7:9e:09:dd:e4:ca:
                    e9:13:e7:86:53:58:91:1c:78:46:9b:94:37:cd:d2:
                    a3:55:1a:58:30:11:21:ed:ca:8a:90:84:c2:82:4f:
                    f1:e5:b8:8b:2a:24:4d:bc:84:87:0a:98:c2:55:6b:
                    a8:10:0e:dd:be:ef:db:13:c5:7b:9a:01:f2:d9:b2:
                    cc:f8:f4:45:80:7c:d5:a9:29:e6:5a:df:54:56:1c:
                    c8:7e:4f:60:2b:fb:53:e5:c6:db:fb:f7:8b:19:95:
                    1f:44:f4:ec:48:52:45:f1:58:06:fe:6d:8a:07:e6:
                    eb:93:5d:53:b2:dd:98:00:8d:07:ab:ae:a0:9a:9f:
                    6d:00:c0:8d:8a:d6:1e:c2:89:c3:57:6d:ad:2e:9b:
                    44:e4:c3:b7:3f:7c:a5:78:56:32:3d:72:65:e9:e6:
                    d0:43:7d:73:32:3b:30:85:75:d0:b8:2d:ca:e0:f1:
                    07:77:bd:55:5c:f6:56:be:46:07:24:bf:09:1f:ab:
                    f1:99:bb:0d:2d:e6:8b:2d:c4:bd:b4:0b:01:53:95:
                    83:37:50:f8:5a:6b:e3:2e:a0:c6:47:45:64:54:ff:
                    6c:c2:a5:11:6b:11:ac:0e:0f:23:e6:3a:76:bf:73:
                    b5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2B:89:E9:53:C1:98:C4:BC:CA:44:0D:81:92:43:A6:37:36:39:D9
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:27:ea:e1:86:b1:49:9c:07:94:44:f8:7b:23:89:ca:a7:f2:
         76:70:14:fb:c2:95:ea:7e:a3:09:e6:7f:1c:44:1b:33:4e:79:
         50:c7:48:bb:5e:f1:4c:c9:41:65:14:d6:2d:ef:f8:e9:9e:b2:
         9d:c4:f4:e7:15:b3:99:7c:45:f7:6c:95:28:41:1a:79:63:e5:
         75:7b:77:bc:1b:0c:7f:32:d8:4f:51:e6:58:1d:8b:a3:37:ba:
         76:05:b8:af:fe:ff:fa:0f:a6:8a:cc:d5:a7:05:13:48:0d:58:
         6f:16:3f:d6:02:8e:39:c6:6a:c3:e0:73:3e:a7:c3:1f:3a:cf:
         72:2e:48:c7:a4:75:22:35:68:96:0a:ed:ec:b0:9e:5b:f9:ef:
         30:c8:72:1b:0e:04:39:09:f3:52:cb:b0:68:d8:e6:dc:6a:53:
         d6:73:f2:e1:7b:36:44:18:aa:cf:fa:30:07:c0:4c:76:45:61:
         e3:31:78:b7:46:2f:67:e9:6a:26:58:e0:8f:3d:e9:7a:fd:4e:
         7f:bd:c8:f1:90:fe:b0:86:7a:86:de:4f:d7:70:ef:ac:98:75:
         24:5d:4b:83:fd:84:2e:b7:ec:c1:11:4a:1c:7d:f8:09:b4:43:
         26:78:03:8b:6f:1b:69:d1:d2:94:42:f0:2c:c4:f6:6e:a4:8c:
         97:6b:6b:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GOQxFAMLTy7C8w7SVam0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwODA0MDgwMDQ1WhcNMjUwODA1MDgwMDQ1WjAzMTEwLwYDVQQD
EygxMTJiODllOTUzYzE5OGM0YmNjYTQ0MGQ4MTkyNDNhNjM3MzYzOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaiq2seFhvt8SB4H02LgQC4G9Kpd
M1bHngnd5MrpE+eGU1iRHHhGm5Q3zdKjVRpYMBEh7cqKkITCgk/x5biLKiRNvISH
CpjCVWuoEA7dvu/bE8V7mgHy2bLM+PRFgHzVqSnmWt9UVhzIfk9gK/tT5cbb+/eL
GZUfRPTsSFJF8VgG/m2KB+brk11Tst2YAI0Hq66gmp9tAMCNitYewonDV22tLptE
5MO3P3yleFYyPXJl6ebQQ31zMjswhXXQuC3K4PEHd71VXPZWvkYHJL8JH6vxmbsN
LeaLLcS9tAsBU5WDN1D4WmvjLqDGR0VkVP9swqURaxGsDg8j5jp2v3O1KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBErielTwZjEvMpEDYGSQ6Y3NjnZMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXifq4Yax
SZwHlET4eyOJyqfydnAU+8KV6n6jCeZ/HEQbM055UMdIu17xTMlBZRTWLe/46Z6y
ncT05xWzmXxF92yVKEEaeWPldXt3vBsMfzLYT1HmWB2Loze6dgW4r/7/+g+miszV
pwUTSA1YbxY/1gKOOcZqw+BzPqfDHzrPci5Ix6R1IjVolgrt7LCeW/nvMMhyGw4E
OQnzUsuwaNjm3GpT1nPy4Xs2RBiqz/owB8BMdkVh4zF4t0YvZ+lqJljgjz3pev1O
f73I8ZD+sIZ6ht5P13DvrJh1JF1Lg/2ELrfswRFKHH34CbRDJngDi28badHSlELw
LMT2bqSMl2trag==
-----END CERTIFICATE-----