Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
File:                     ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft (raw, json)
Hash identifier:          JOeoXg47Ppll+qZsrLu+TTi3sONXDW9iWQkQSa8tEfM=
Subject key identifier:   AD:9D:C9:EE:8C:5D:58:92:19:AF:86:F6:4B:DE:ED:04:E2:AB:42:4B
Authority key identifier: 72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2
Certificate issuer:       /CN=724f14189ab7105620375daf9baa814d6dd937a2
Certificate serial:       019873E35AC313FC3DF822FCB776C2379489
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
Manifest number:          0785
Signing time:             Mon 04 Aug 2025 07:02:16 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:16 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:16 +0000
Files and hashes:         1: ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl (hash: dPTUc0GKJAcKRgq4aCePX+KmFy3kRGH9DTmKB2Y5Uak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:5a:c3:13:fc:3d:f8:22:fc:b7:76:c2:37:94:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=724f14189ab7105620375daf9baa814d6dd937a2
        Validity
            Not Before: Aug  4 07:02:16 2025 GMT
            Not After : Aug  5 07:02:16 2025 GMT
        Subject: CN=ad9dc9ee8c5d589219af86f64bdeed04e2ab424b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:38:d8:63:a7:08:a4:84:04:3f:67:d6:c7:a1:
                    df:b2:9b:21:ab:0e:00:db:4c:31:82:59:dc:02:a9:
                    7e:12:79:0a:85:b9:50:eb:0d:c5:74:1d:62:6f:9f:
                    f8:6f:df:02:7d:e5:08:8c:35:f7:b9:af:92:0a:9b:
                    07:eb:bf:e8:70:45:58:02:b1:8f:9e:3f:b6:2c:f9:
                    a9:bb:42:e3:35:5c:fb:1c:a4:b1:30:9a:37:54:c9:
                    d4:9d:72:ed:76:89:5f:03:75:b7:14:1d:43:7e:79:
                    42:e6:f2:74:15:ee:31:2b:7f:c7:df:07:11:95:2e:
                    7e:f8:d9:89:ae:f7:8e:df:cd:7f:24:a5:a7:51:a9:
                    2c:58:ad:39:f6:a7:2f:a5:f6:5f:75:5e:f9:b6:e5:
                    81:5d:1f:89:9e:09:66:92:26:47:fe:1c:2f:88:3a:
                    be:28:03:38:c2:57:c0:c8:76:66:15:3b:bc:18:89:
                    a9:80:9e:ca:a6:99:22:87:ce:59:e6:74:0a:ed:b9:
                    a9:77:1e:0d:90:72:c0:50:95:63:ba:5b:0e:ee:34:
                    fd:d0:f7:d2:bd:26:c5:b6:db:13:5e:f5:32:2b:9d:
                    cf:b4:b7:b6:19:40:b6:6c:3a:3f:e3:c2:c6:ff:07:
                    fb:c3:94:fc:25:cb:dc:fb:1a:2a:9a:fe:93:40:db:
                    77:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:9D:C9:EE:8C:5D:58:92:19:AF:86:F6:4B:DE:ED:04:E2:AB:42:4B
            X509v3 Authority Key Identifier:
                keyid:72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:42:75:b1:19:9c:e5:83:a5:b8:04:45:c2:5a:cd:58:0f:4e:
         e0:32:d2:80:a5:7c:a6:14:bd:95:31:c2:05:ba:db:06:8f:29:
         e2:df:52:7d:52:00:44:61:fe:07:1e:b7:9f:88:0e:e0:7e:3a:
         3b:66:95:65:83:8b:57:8d:f8:e2:fc:f2:8b:25:4d:95:e7:f3:
         df:ea:a1:b3:78:b1:4f:43:aa:47:40:ea:55:6f:c1:c8:a7:8d:
         e9:e8:7d:6b:52:5e:49:96:f4:41:52:c8:36:2f:9f:36:25:b9:
         d7:bc:c6:8f:e7:14:75:96:35:88:0a:64:94:3e:39:c6:2d:9c:
         0e:f8:2e:9d:44:07:58:66:ca:0e:ca:49:05:2e:c4:fb:f5:98:
         e3:96:4b:fc:a7:fe:8a:fa:74:2c:73:96:46:8f:3e:b7:f6:c3:
         9d:70:7a:97:9e:5b:30:99:ff:71:ce:2b:9f:17:e4:32:c1:bf:
         14:f5:41:38:85:ab:85:0b:15:5f:f7:c3:35:89:69:5c:13:14:
         ec:af:ca:07:86:4c:68:7f:38:d0:1f:74:44:21:98:1b:4e:54:
         c2:80:44:8f:c0:09:43:71:d4:be:db:96:17:b3:1f:38:ef:fb:
         db:12:7e:6f:96:ff:2b:fb:5e:67:1b:21:6d:40:4a:ac:4b:62:
         a5:61:4e:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz41rDE/w9+CL8t3bCN5SJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNGYxNDE4OWFiNzEwNTYyMDM3NWRhZjliYWE4MTRkNmRk
OTM3YTIwHhcNMjUwODA0MDcwMjE2WhcNMjUwODA1MDcwMjE2WjAzMTEwLwYDVQQD
EyhhZDlkYzllZThjNWQ1ODkyMTlhZjg2ZjY0YmRlZWQwNGUyYWI0MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDjYY6cIpIQEP2fWx6Hfspshqw4A
20wxglncAql+EnkKhblQ6w3FdB1ib5/4b98CfeUIjDX3ua+SCpsH67/ocEVYArGP
nj+2LPmpu0LjNVz7HKSxMJo3VMnUnXLtdolfA3W3FB1DfnlC5vJ0Fe4xK3/H3wcR
lS5++NmJrveO381/JKWnUaksWK059qcvpfZfdV75tuWBXR+JnglmkiZH/hwviDq+
KAM4wlfAyHZmFTu8GImpgJ7Kppkih85Z5nQK7bmpdx4NkHLAUJVjulsO7jT90PfS
vSbFttsTXvUyK53PtLe2GUC2bDo/48LG/wf7w5T8Jcvc+xoqmv6TQNt3CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2dye6MXViSGa+G9kve7QTiq0JLMB8GA1UdIwQY
MBaAFHJPFBiatxBWIDddr5uqgU1t2TeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMt
MjcxNWViNzEwZTgwLzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMtMjcxNWViNzEwZTgw
LzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEJ1sRmc
5YOluARFwlrNWA9O4DLSgKV8phS9lTHCBbrbBo8p4t9SfVIARGH+Bx63n4gO4H46
O2aVZYOLV4344vzyiyVNlefz3+qhs3ixT0OqR0DqVW/ByKeN6eh9a1JeSZb0QVLI
Ni+fNiW517zGj+cUdZY1iApklD45xi2cDvgunUQHWGbKDspJBS7E+/WY45ZL/Kf+
ivp0LHOWRo8+t/bDnXB6l55bMJn/cc4rnxfkMsG/FPVBOIWrhQsVX/fDNYlpXBMU
7K/KB4ZMaH840B90RCGYG05UwoBEj8AJQ3HUvtuWF7MfOO/72xJ+b5b/K/teZxsh
bUBKrEtipWFORQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:09 2025 by rpki-client