Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          eV8E45F9ktNYhjoURDmTIAmtb9cjFCc++2dirztf92E=
Subject key identifier:   31:D6:45:F6:0C:50:33:65:58:CD:38:5A:78:84:B1:9F:32:16:B1:5C
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       01988B100BBD159CE5260A6CCC15048E7BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          0260
Signing time:             Fri 08 Aug 2025 19:02:21 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:21 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:21 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: jnZkkffRJ3z8xJdsDz61LlLKoz4aiN0xoEDopERKLWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:0b:bd:15:9c:e5:26:0a:6c:cc:15:04:8e:7b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Aug  8 19:02:21 2025 GMT
            Not After : Aug  9 19:02:21 2025 GMT
        Subject: CN=31d645f60c50336558cd385a7884b19f3216b15c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c6:74:38:c7:b8:d7:4e:57:f8:7f:f2:73:6d:
                    d1:21:f7:80:29:cf:76:0a:ea:40:ef:b8:e6:b6:6f:
                    80:99:6e:f3:0a:71:20:df:24:70:71:90:4a:ff:9e:
                    01:d0:2b:60:a4:51:91:da:fc:ad:7f:e6:8a:d4:c2:
                    f2:42:20:49:37:14:df:5a:5d:6a:25:8a:c7:f0:69:
                    97:33:f4:7e:87:79:57:01:ad:31:5e:49:3f:9d:43:
                    af:bc:59:04:83:47:65:a5:ac:78:1f:3f:78:6c:28:
                    df:8d:6d:18:e7:2d:65:0d:62:b2:64:79:b4:d4:a9:
                    5e:1b:75:cb:f7:e1:0a:44:30:45:cc:8f:6a:53:fe:
                    93:1b:30:ec:88:83:77:42:6f:a5:44:2c:83:a9:d7:
                    33:93:d1:ab:29:b1:fe:eb:06:02:c1:24:72:79:5f:
                    92:7c:08:2e:cb:49:60:69:f8:5a:bb:1b:d0:ee:25:
                    25:4d:58:3f:b4:72:c5:bb:3b:b5:15:48:0c:a2:b9:
                    ed:ce:74:86:0c:f6:99:90:71:dc:e0:2a:16:f6:9e:
                    14:64:70:3e:38:10:d7:80:48:25:96:d0:b0:8e:6f:
                    7b:7f:d9:96:e6:5e:31:bb:e8:b3:c9:63:bc:1c:4d:
                    1c:5e:b7:2e:83:41:f4:3f:47:b3:e6:aa:5b:ac:72:
                    f1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:D6:45:F6:0C:50:33:65:58:CD:38:5A:78:84:B1:9F:32:16:B1:5C
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:ab:24:f7:18:ff:c6:01:ad:1e:87:6f:a0:10:2f:61:e8:e4:
         a2:3d:19:aa:36:e7:b1:3c:b4:35:42:5e:cb:40:62:1e:30:35:
         9d:42:14:d3:ad:c8:ef:1f:66:53:51:60:84:e2:b4:b6:87:a3:
         d6:a7:1b:ca:34:5e:30:4e:9b:29:f4:84:1b:09:72:52:c0:94:
         93:7e:0b:e8:32:71:45:9d:dd:1f:60:29:13:dd:55:af:61:38:
         9e:ef:63:f0:ef:bc:67:df:c1:a5:c4:e6:c9:9f:e8:6d:f5:75:
         51:72:16:76:83:41:eb:d8:f5:75:26:79:0c:a2:38:52:d6:9c:
         63:b1:32:78:0c:e9:c5:de:96:57:42:81:81:67:07:2c:fb:42:
         6b:31:19:41:76:1d:79:27:e6:74:69:b3:c6:05:0b:02:19:07:
         72:b1:f2:93:df:72:5d:e6:3d:75:fd:ea:03:db:8d:66:da:9c:
         5b:82:1d:14:97:e2:81:4d:e0:65:5e:a8:96:5b:b2:8e:96:d5:
         4f:63:85:61:71:28:a5:85:a6:f6:8b:45:aa:ce:01:30:b8:dc:
         56:fa:65:9a:66:52:dd:99:61:1b:05:a7:00:7f:87:32:ac:aa:
         6b:9e:21:dc:9e:40:14:65:df:c6:7c:fd:a4:4b:ae:96:e8:a6:
         eb:f3:64:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEAu9FZzlJgpszBUEjnvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjUwODA4MTkwMjIxWhcNMjUwODA5MTkwMjIxWjAzMTEwLwYDVQQD
EygzMWQ2NDVmNjBjNTAzMzY1NThjZDM4NWE3ODg0YjE5ZjMyMTZiMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8Z0OMe4105X+H/yc23RIfeAKc92
CupA77jmtm+AmW7zCnEg3yRwcZBK/54B0CtgpFGR2vytf+aK1MLyQiBJNxTfWl1q
JYrH8GmXM/R+h3lXAa0xXkk/nUOvvFkEg0dlpax4Hz94bCjfjW0Y5y1lDWKyZHm0
1KleG3XL9+EKRDBFzI9qU/6TGzDsiIN3Qm+lRCyDqdczk9GrKbH+6wYCwSRyeV+S
fAguy0lgafhauxvQ7iUlTVg/tHLFuzu1FUgMorntznSGDPaZkHHc4CoW9p4UZHA+
OBDXgEglltCwjm97f9mW5l4xu+izyWO8HE0cXrcug0H0P0ez5qpbrHLxFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHWRfYMUDNlWM04WniEsZ8yFrFcMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApKsk9xj/
xgGtHodvoBAvYejkoj0ZqjbnsTy0NUJey0BiHjA1nUIU063I7x9mU1FghOK0toej
1qcbyjReME6bKfSEGwlyUsCUk34L6DJxRZ3dH2ApE91Vr2E4nu9j8O+8Z9/BpcTm
yZ/obfV1UXIWdoNB69j1dSZ5DKI4UtacY7EyeAzpxd6WV0KBgWcHLPtCazEZQXYd
eSfmdGmzxgULAhkHcrHyk99yXeY9df3qA9uNZtqcW4IdFJfigU3gZV6olluyjpbV
T2OFYXEopYWm9otFqs4BMLjcVvplmmZS3ZlhGwWnAH+HMqyqa54h3J5AFGXfxnz9
pEuuluim6/NkLA==
-----END CERTIFICATE-----