Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          4ziMNIC/9+39bO5DhZ19S1aO+VLMmWIirBK4FzpN13g=
Subject key identifier:   F0:90:1E:8E:2A:7C:7B:64:18:79:F8:40:C0:CB:7C:00:F7:60:D1:C0
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019874501C96A18733A5322ECC95D29ABA73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          089E
Signing time:             Mon 04 Aug 2025 09:01:03 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:03 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:03 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: ERb3AJJaVXE6ruFZOZv/ckQNYU3WkVWPqVz2OoTKpIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:1c:96:a1:87:33:a5:32:2e:cc:95:d2:9a:ba:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Aug  4 09:01:03 2025 GMT
            Not After : Aug  5 09:01:03 2025 GMT
        Subject: CN=f0901e8e2a7c7b641879f840c0cb7c00f760d1c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3a:46:29:ac:c8:f1:cf:ea:8e:81:75:8f:a1:
                    04:a4:b8:0d:9a:8a:20:5c:ef:4d:99:66:04:67:5b:
                    44:02:e3:d2:a0:49:ea:54:b8:78:1b:20:6d:f1:d2:
                    2c:65:6b:86:64:84:59:81:ee:bc:82:f1:3b:8a:9d:
                    4b:b3:bf:f1:c5:93:df:93:24:b0:fa:a9:5d:0e:71:
                    7e:1b:c5:8c:cd:c2:c8:04:22:e2:9d:9d:a2:f6:98:
                    dc:3e:f1:53:fe:fa:dc:53:82:04:8f:75:1b:08:49:
                    a7:34:2c:86:fe:b8:7f:5b:44:e9:48:33:a8:d3:67:
                    d8:85:a2:7b:fb:3a:b7:7c:2a:6d:bd:00:1b:9e:44:
                    2f:ea:1d:08:6a:3b:e5:c5:29:30:b6:f5:24:a3:c3:
                    85:f5:cd:1f:d9:a2:b1:a4:53:5a:ac:42:5a:8e:e5:
                    d0:a6:9d:5e:00:91:76:ba:7d:d8:69:c4:0c:8e:a8:
                    16:d3:64:33:93:9e:96:5a:5f:e5:c4:2a:a3:3d:4b:
                    3c:14:f7:0d:ad:cb:d6:b7:5b:75:67:ae:da:7a:71:
                    f1:02:44:5b:39:c1:85:79:a9:ee:2b:e4:9f:fe:0b:
                    bc:c8:07:b0:ac:4a:6e:93:0a:e0:a9:46:e7:ce:52:
                    7b:3d:1c:9e:2d:7a:41:7f:b6:a4:f9:b0:a6:05:5e:
                    dd:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:90:1E:8E:2A:7C:7B:64:18:79:F8:40:C0:CB:7C:00:F7:60:D1:C0
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:2d:ab:20:c3:05:8f:f5:a7:c3:87:03:dd:12:9f:0b:c0:4e:
         45:39:86:1c:6e:42:0f:70:7f:22:bc:cf:a4:d0:48:10:43:0f:
         b9:37:94:1f:1b:44:48:6c:8a:c0:f2:5d:a9:68:7b:3e:17:78:
         6e:84:15:77:ac:c9:5f:09:3e:83:73:64:e5:7a:90:d9:36:93:
         7f:81:a4:9f:89:0c:81:08:49:86:66:a8:4f:a4:47:36:73:bc:
         66:90:e4:99:02:fd:cf:30:26:a1:a9:a6:f8:5b:19:67:cd:c8:
         20:cf:51:70:af:8e:79:0d:24:ae:1b:59:8d:d9:1c:e7:5e:12:
         6f:ac:29:fa:51:2e:69:f4:19:b0:2a:99:a4:63:25:29:b5:de:
         dc:41:f2:71:c7:70:8c:a0:7d:2e:7d:d0:56:9d:c9:c5:ae:7a:
         5f:6a:bd:cd:fe:aa:b2:06:d1:95:67:32:3a:da:10:31:a7:e0:
         1f:74:5e:78:b6:ab:67:38:ab:ee:eb:47:de:ba:a5:25:e2:35:
         05:5c:ff:2c:3b:ff:96:d1:79:f2:3d:d3:15:03:f1:2d:3a:ee:
         48:25:ad:38:60:07:c1:cd:00:c3:3d:b0:ad:7e:6b:17:eb:fe:
         ae:f9:31:94:34:67:39:2e:da:4e:a7:c5:a6:3f:b1:66:be:b5:
         d6:77:af:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UByWoYczpTIuzJXSmrpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwODA0MDkwMTAzWhcNMjUwODA1MDkwMTAzWjAzMTEwLwYDVQQD
EyhmMDkwMWU4ZTJhN2M3YjY0MTg3OWY4NDBjMGNiN2MwMGY3NjBkMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTpGKazI8c/qjoF1j6EEpLgNmoog
XO9NmWYEZ1tEAuPSoEnqVLh4GyBt8dIsZWuGZIRZge68gvE7ip1Ls7/xxZPfkySw
+qldDnF+G8WMzcLIBCLinZ2i9pjcPvFT/vrcU4IEj3UbCEmnNCyG/rh/W0TpSDOo
02fYhaJ7+zq3fCptvQAbnkQv6h0IajvlxSkwtvUko8OF9c0f2aKxpFNarEJajuXQ
pp1eAJF2un3YacQMjqgW02Qzk56WWl/lxCqjPUs8FPcNrcvWt1t1Z67aenHxAkRb
OcGFeanuK+Sf/gu8yAewrEpukwrgqUbnzlJ7PRyeLXpBf7ak+bCmBV7dmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCQHo4qfHtkGHn4QMDLfAD3YNHAMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACi2rIMMF
j/Wnw4cD3RKfC8BORTmGHG5CD3B/IrzPpNBIEEMPuTeUHxtESGyKwPJdqWh7Phd4
boQVd6zJXwk+g3Nk5XqQ2TaTf4Gkn4kMgQhJhmaoT6RHNnO8ZpDkmQL9zzAmoamm
+FsZZ83IIM9RcK+OeQ0krhtZjdkc514Sb6wp+lEuafQZsCqZpGMlKbXe3EHyccdw
jKB9Ln3QVp3Jxa56X2q9zf6qsgbRlWcyOtoQMafgH3ReeLarZzir7utH3rqlJeI1
BVz/LDv/ltF58j3TFQPxLTruSCWtOGAHwc0Awz2wrX5rF+v+rvkxlDRnOS7aTqfF
pj+xZr611nev4w==
-----END CERTIFICATE-----