Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
File:                     frYDcECoYM2RunejcY7VgMrfXdg.mft (raw, json)
Hash identifier:          D3fzss80n5CywTRD+dEjWWFxjNLKcHe1jMz7vncJXWg=
Subject key identifier:   08:D7:6A:55:44:BF:F3:F0:7A:47:12:BA:F8:91:B9:E6:B6:1F:2B:55
Authority key identifier: 7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8
Certificate issuer:       /CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
Certificate serial:       019889FBDC657F1042C16E3F1F2D3E3D6C53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
Manifest number:          0604
Signing time:             Fri 08 Aug 2025 14:00:41 +0000
Manifest this update:     Fri 08 Aug 2025 14:00:41 +0000
Manifest next update:     Sat 09 Aug 2025 14:00:41 +0000
Files and hashes:         1: frYDcECoYM2RunejcY7VgMrfXdg.crl (hash: uS6pVLzTTAj+CO7av5r4MxeKPCs0E3PQBB81zOe6J+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 11:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:89:fb:dc:65:7f:10:42:c1:6e:3f:1f:2d:3e:3d:6c:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
        Validity
            Not Before: Aug  8 14:00:41 2025 GMT
            Not After : Aug  9 14:00:41 2025 GMT
        Subject: CN=08d76a5544bff3f07a4712baf891b9e6b61f2b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d1:d3:e3:3c:0f:aa:37:05:bc:73:9a:12:e3:
                    04:0d:7c:81:9b:b3:3c:7e:41:b3:6c:5c:dd:9d:ee:
                    f1:a9:3c:d6:5d:d5:c8:cb:4c:b8:01:a6:fe:e2:79:
                    b9:02:5b:aa:79:91:b6:97:21:4a:ac:18:94:b9:4d:
                    7b:2b:c3:5f:6a:b1:70:dd:5c:fc:e5:47:0e:53:c0:
                    77:71:88:3f:ef:76:4c:41:a5:f0:8b:24:20:1f:a3:
                    35:ea:8e:34:1a:99:b0:42:c2:f9:1f:0b:54:9b:5b:
                    41:07:ff:62:3b:fd:ae:61:23:54:ca:4a:43:a4:d1:
                    9d:5a:39:7f:63:e3:d1:83:85:ea:58:8e:13:09:1c:
                    7e:aa:fd:b1:cf:16:78:d6:e3:ff:15:73:21:ea:5d:
                    50:a4:9f:7f:b9:9c:e2:ad:78:70:f3:64:4c:bf:6d:
                    f6:a6:cc:ad:88:0e:52:01:53:cb:fc:34:77:34:f7:
                    9c:01:64:b0:e5:f2:7a:dd:5a:82:1b:26:73:b3:af:
                    a9:2e:40:8b:ad:72:c5:eb:e9:4c:ad:fe:5b:32:6c:
                    5b:93:09:f3:cf:61:f4:94:29:2e:2d:42:ce:9c:7c:
                    6d:e4:68:62:b1:95:28:03:58:df:b5:09:df:e7:47:
                    62:8e:3b:6e:16:44:a4:7d:cf:14:9d:d1:e3:ee:27:
                    f1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D7:6A:55:44:BF:F3:F0:7A:47:12:BA:F8:91:B9:E6:B6:1F:2B:55
            X509v3 Authority Key Identifier:
                keyid:7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:e1:12:18:da:e4:34:93:7d:43:77:df:d3:ce:19:6d:3d:09:
         e6:b8:ed:8e:00:95:8d:b2:24:31:67:0f:61:53:6d:a5:d9:65:
         2b:f5:ff:50:be:b0:11:65:45:5a:28:b5:7f:a5:bc:e8:04:a4:
         27:9e:05:ee:bb:22:46:31:a9:fe:40:66:aa:91:05:3e:88:f1:
         68:8e:22:77:44:ca:58:be:f0:24:40:7b:27:56:1e:b6:43:e9:
         89:de:c0:14:a5:c0:e8:bc:24:f5:69:0d:b9:a4:9b:7e:c8:72:
         ac:7e:b1:6b:20:b5:97:84:6c:04:69:61:97:93:e6:05:01:c5:
         b6:bf:34:19:31:0a:51:71:8a:3b:a9:2a:d4:08:81:a3:45:d3:
         61:89:02:19:86:2d:c8:c8:64:ec:6a:bc:04:72:b6:05:ee:a2:
         23:52:e5:a9:ba:55:cb:39:d1:e5:06:7d:8e:ba:8d:cb:a6:a8:
         84:27:d3:81:a4:f2:2b:d4:43:e7:82:68:22:31:e6:d7:26:fb:
         c9:76:a9:4e:35:2d:d1:0a:d6:e3:c5:3d:66:5e:5d:a9:0f:bf:
         13:e8:dc:15:a2:2c:d1:d6:4c:61:a0:26:45:d9:d1:4b:9f:16:
         e8:ab:3e:11:8c:46:e2:83:52:fc:e2:cd:bc:26:81:5a:74:c5:
         ce:5a:46:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiJ+9xlfxBCwW4/Hy0+PWxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjYwMzcwNDBhODYwY2Q5MWJhNzdhMzcxOGVkNTgwY2Fk
ZjVkZDgwHhcNMjUwODA4MTQwMDQxWhcNMjUwODA5MTQwMDQxWjAzMTEwLwYDVQQD
EygwOGQ3NmE1NTQ0YmZmM2YwN2E0NzEyYmFmODkxYjllNmI2MWYyYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdHT4zwPqjcFvHOaEuMEDXyBm7M8
fkGzbFzdne7xqTzWXdXIy0y4Aab+4nm5AluqeZG2lyFKrBiUuU17K8NfarFw3Vz8
5UcOU8B3cYg/73ZMQaXwiyQgH6M16o40GpmwQsL5HwtUm1tBB/9iO/2uYSNUykpD
pNGdWjl/Y+PRg4XqWI4TCRx+qv2xzxZ41uP/FXMh6l1QpJ9/uZzirXhw82RMv232
psytiA5SAVPL/DR3NPecAWSw5fJ63VqCGyZzs6+pLkCLrXLF6+lMrf5bMmxbkwnz
z2H0lCkuLULOnHxt5GhisZUoA1jftQnf50dijjtuFkSkfc8UndHj7ifxkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjXalVEv/PwekcSuviRuea2HytVMB8GA1UdIwQY
MBaAFH62A3BAqGDNkbp3o3GO1YDK313YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTkt
Yjg4NjZlOTQxOTYzLzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTktYjg4NjZlOTQxOTYz
LzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAquESGNrk
NJN9Q3ff084ZbT0J5rjtjgCVjbIkMWcPYVNtpdllK/X/UL6wEWVFWii1f6W86ASk
J54F7rsiRjGp/kBmqpEFPojxaI4id0TKWL7wJEB7J1YetkPpid7AFKXA6Lwk9WkN
uaSbfshyrH6xayC1l4RsBGlhl5PmBQHFtr80GTEKUXGKO6kq1AiBo0XTYYkCGYYt
yMhk7Gq8BHK2Be6iI1LlqbpVyznR5QZ9jrqNy6aohCfTgaTyK9RD54JoIjHm1yb7
yXapTjUt0QrW48U9Zl5dqQ+/E+jcFaIs0dZMYaAmRdnRS58W6Ks+EYxG4oNS/OLN
vCaBWnTFzlpGsA==
-----END CERTIFICATE-----