Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          S+8CodRHT7xMlGRM6kKt7Gpmf+NwfIzzheYNoEI++Eg=
Subject key identifier:   3B:0C:21:5C:F8:A3:F6:6E:2E:9E:0E:45:98:F7:FE:11:F6:DA:7A:BF
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       01988B0F060A6F2F29261E3EC112308BD200
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0D30
Signing time:             Fri 08 Aug 2025 19:01:14 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:14 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:14 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: FvQe+DGNb6wqxBUU4OZsCYsSosKyNzoBqHRQ5qXgD4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:06:0a:6f:2f:29:26:1e:3e:c1:12:30:8b:d2:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Aug  8 19:01:14 2025 GMT
            Not After : Aug  9 19:01:14 2025 GMT
        Subject: CN=3b0c215cf8a3f66e2e9e0e4598f7fe11f6da7abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:74:9a:54:3f:c8:6f:7c:b0:d9:c7:26:f9:b4:
                    cd:a8:a6:36:a9:60:f0:63:00:d6:74:e8:c5:fd:2b:
                    e9:7d:6f:b1:3a:cc:a6:89:2b:cd:d3:15:c7:32:69:
                    6b:d8:25:bd:ff:20:bb:67:ed:a0:0b:8c:51:36:4c:
                    d1:0c:4b:1d:78:87:a7:de:d4:38:27:54:f2:9b:8c:
                    bf:dd:37:1e:8e:be:e9:49:b1:9c:e9:e8:43:ee:b2:
                    b7:17:39:48:1f:de:58:d4:d4:55:93:11:e9:2f:33:
                    0e:d8:2b:eb:db:12:12:ba:d8:9d:06:a9:50:d6:59:
                    3c:92:a6:6e:de:f5:93:f6:b7:da:61:28:9d:bc:1b:
                    84:dd:4e:cc:24:39:c6:e3:98:a5:10:b9:b3:9f:1c:
                    4a:aa:8d:75:fb:29:b0:15:c1:e9:d9:07:0e:26:ba:
                    20:c9:f3:99:18:4a:74:a0:73:3b:78:e9:d6:9f:a7:
                    b0:c8:85:a9:f4:4f:33:a9:9b:c6:d4:44:13:ed:4d:
                    48:a7:b7:d1:0a:9e:bc:8c:65:be:0d:0c:f1:8a:f5:
                    95:56:8e:3e:09:51:5a:20:de:b9:f0:2c:6d:de:13:
                    cc:dd:93:cb:8f:10:36:59:96:af:d7:08:95:1c:fb:
                    96:f9:b2:09:ac:1d:1c:e6:cb:bf:02:d3:e6:cf:a5:
                    45:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:0C:21:5C:F8:A3:F6:6E:2E:9E:0E:45:98:F7:FE:11:F6:DA:7A:BF
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:16:5e:38:06:87:49:f0:0c:3f:5d:86:5b:3e:52:92:54:bd:
         71:d9:d7:f3:4c:a0:d5:7d:9b:3b:f0:8b:f6:c7:2f:5d:bd:81:
         6b:53:b3:da:8d:57:d8:52:25:f6:92:89:3f:a8:4a:44:7b:f9:
         4f:cf:dc:6f:5e:19:51:78:6f:d1:a1:c7:83:d1:7e:c7:ca:78:
         2f:8d:10:35:ae:62:b6:41:07:92:96:40:4a:79:60:00:ba:3c:
         48:c6:e9:eb:de:a3:11:2d:ac:68:bf:2e:da:82:15:40:18:6b:
         17:3c:5c:10:51:10:24:a6:99:4f:ef:6d:0b:7a:b8:21:8f:59:
         6e:8d:33:b3:a5:f1:f7:7b:ab:0c:4c:4b:62:01:25:a0:65:f4:
         4b:24:33:8f:8d:e3:75:8b:3c:c8:03:ff:2e:ca:83:eb:b0:e3:
         b2:70:15:f0:8c:f7:45:ad:52:58:74:a8:5f:dc:8c:ac:43:f3:
         dd:1a:08:71:3c:a4:e4:9f:d4:eb:4f:90:53:5f:11:06:eb:2b:
         8b:16:18:1d:99:89:cd:81:60:06:f2:13:de:39:6e:48:45:70:
         d2:d4:80:51:64:cb:01:7b:41:1f:c4:a3:5f:ef:73:84:7e:ba:
         d2:63:9f:78:c7:6e:5e:79:fd:a1:5d:ee:f8:aa:a7:f7:b9:f9:
         88:bd:03:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDwYKby8pJh4+wRIwi9IAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUwODA4MTkwMTE0WhcNMjUwODA5MTkwMTE0WjAzMTEwLwYDVQQD
EygzYjBjMjE1Y2Y4YTNmNjZlMmU5ZTBlNDU5OGY3ZmUxMWY2ZGE3YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3SaVD/Ib3yw2ccm+bTNqKY2qWDw
YwDWdOjF/SvpfW+xOsymiSvN0xXHMmlr2CW9/yC7Z+2gC4xRNkzRDEsdeIen3tQ4
J1Tym4y/3Tcejr7pSbGc6ehD7rK3FzlIH95Y1NRVkxHpLzMO2Cvr2xISutidBqlQ
1lk8kqZu3vWT9rfaYSidvBuE3U7MJDnG45ilELmznxxKqo11+ymwFcHp2QcOJrog
yfOZGEp0oHM7eOnWn6ewyIWp9E8zqZvG1EQT7U1Ip7fRCp68jGW+DQzxivWVVo4+
CVFaIN658Cxt3hPM3ZPLjxA2WZav1wiVHPuW+bIJrB0c5su/AtPmz6VFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsMIVz4o/ZuLp4ORZj3/hH22nq/MB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhZeOAaH
SfAMP12GWz5SklS9cdnX80yg1X2bO/CL9scvXb2Ba1Oz2o1X2FIl9pKJP6hKRHv5
T8/cb14ZUXhv0aHHg9F+x8p4L40QNa5itkEHkpZASnlgALo8SMbp696jES2saL8u
2oIVQBhrFzxcEFEQJKaZT+9tC3q4IY9Zbo0zs6Xx93urDExLYgEloGX0SyQzj43j
dYs8yAP/LsqD67DjsnAV8Iz3Ra1SWHSoX9yMrEPz3RoIcTyk5J/U60+QU18RBusr
ixYYHZmJzYFgBvIT3jluSEVw0tSAUWTLAXtBH8SjX+9zhH660mOfeMduXnn9oV3u
+Kqn97n5iL0Dmw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:59 2025 by rpki-client