Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
File:                     sCBx_ye9CehFJRchNknb9nvK1dE.mft (raw, json)
Hash identifier:          SW391fKz7oNKvuTch60tEDdqKPQPdmHK2+ne/V7FomA=
Subject key identifier:   38:18:DD:15:37:68:2C:F0:7B:8E:2A:D3:95:5D:8A:C4:80:6B:22:62
Authority key identifier: B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1
Certificate issuer:       /CN=b02071ff27bd09e8452517213649dbf67bcad5d1
Certificate serial:       019873E21EC8B0FC62A96160BA65661042CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
Manifest number:          02A3
Signing time:             Mon 04 Aug 2025 07:00:55 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:55 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:55 +0000
Files and hashes:         1: sCBx_ye9CehFJRchNknb9nvK1dE.crl (hash: XTiPva7Zu5L+mxDhODvhE6q/1beEZ8XcfYvC1xgk/qo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:1e:c8:b0:fc:62:a9:61:60:ba:65:66:10:42:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b02071ff27bd09e8452517213649dbf67bcad5d1
        Validity
            Not Before: Aug  4 07:00:55 2025 GMT
            Not After : Aug  5 07:00:55 2025 GMT
        Subject: CN=3818dd1537682cf07b8e2ad3955d8ac4806b2262
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d0:51:7b:d3:11:c6:bd:3b:4f:0e:ee:7b:d9:
                    0a:0b:96:bb:bb:1b:2c:06:09:08:79:70:4f:c4:dd:
                    cb:88:36:9f:ee:64:c5:fb:b7:a8:33:e4:88:c9:39:
                    5e:cc:b1:01:1f:4b:f1:26:bd:67:09:40:c8:4e:ea:
                    e5:5b:20:0a:05:a4:64:12:52:78:3d:bb:49:2e:ff:
                    2e:ec:29:b1:7e:f8:8e:5c:ed:22:5e:f2:44:75:a2:
                    26:36:1a:5f:4c:e7:ca:9e:58:e0:c7:1a:32:e1:fb:
                    c3:da:ba:80:3d:91:f5:ea:8c:54:54:4a:49:70:06:
                    e4:ee:5e:6b:9f:37:16:f5:85:1a:31:e3:33:eb:97:
                    9b:a2:d8:b2:5f:99:4e:d2:14:bf:ed:d4:b2:b4:b8:
                    d6:e0:20:3c:32:83:25:96:ca:32:26:e3:4f:b0:6b:
                    bb:52:8a:91:75:97:0c:b5:c5:40:ba:c3:59:e1:94:
                    be:13:66:3b:d1:cb:38:0e:66:c5:a4:dd:f8:1d:9d:
                    2e:8e:76:63:d3:90:e5:69:00:d1:dc:7b:74:fd:d4:
                    4e:25:9d:de:f6:99:3b:d7:0b:b7:e1:2c:bd:de:8a:
                    eb:7b:bd:93:fb:00:fa:97:a8:19:a4:5a:66:ba:32:
                    14:e0:79:99:b2:4a:c0:fc:de:00:b6:e2:46:ff:a3:
                    c7:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:18:DD:15:37:68:2C:F0:7B:8E:2A:D3:95:5D:8A:C4:80:6B:22:62
            X509v3 Authority Key Identifier:
                keyid:B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:75:8b:1f:f4:37:2d:cb:5d:5a:32:23:65:bd:2f:c1:2f:02:
         45:97:25:24:02:8e:25:93:51:90:aa:1b:0f:b2:e4:10:ae:da:
         76:72:0d:7f:71:2a:7e:73:d4:7b:46:5c:ec:95:d1:2a:0b:a1:
         5e:05:88:c6:81:19:2f:ae:0f:2a:d8:6d:a9:6b:97:4b:8e:b5:
         0d:f1:c6:fc:f4:b8:1f:ae:55:d0:1c:4c:0b:af:db:24:f5:bb:
         dc:e2:bd:a4:08:e7:b8:81:b9:44:4a:fb:16:6a:46:39:bb:6f:
         b1:49:55:3c:c5:0e:4b:39:ff:3e:43:6c:1e:35:bd:77:be:19:
         0f:d0:a8:dc:6d:18:16:c0:2e:7c:73:e9:30:c9:8a:07:d8:c0:
         71:82:59:fe:de:0d:db:ff:a4:63:9b:a0:4c:98:32:5a:ef:df:
         66:4d:5a:07:b0:53:b8:04:e9:31:00:82:75:65:ea:99:36:47:
         46:44:b1:9a:4c:33:26:3f:3b:d6:88:31:0c:76:64:58:15:00:
         d3:4c:eb:0a:29:03:db:39:34:7e:ca:04:7b:be:a1:94:58:9f:
         03:5f:a3:1a:bb:49:ca:34:f8:6e:72:74:db:51:d2:46:3f:2e:
         ec:41:f3:53:78:3a:23:31:41:1a:d7:22:39:8f:6d:f1:65:c5:
         d8:57:7c:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4h7IsPxiqWFgumVmEELPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjA3MWZmMjdiZDA5ZTg0NTI1MTcyMTM2NDlkYmY2N2Jj
YWQ1ZDEwHhcNMjUwODA0MDcwMDU1WhcNMjUwODA1MDcwMDU1WjAzMTEwLwYDVQQD
EygzODE4ZGQxNTM3NjgyY2YwN2I4ZTJhZDM5NTVkOGFjNDgwNmIyMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9BRe9MRxr07Tw7ue9kKC5a7uxss
BgkIeXBPxN3LiDaf7mTF+7eoM+SIyTlezLEBH0vxJr1nCUDITurlWyAKBaRkElJ4
PbtJLv8u7CmxfviOXO0iXvJEdaImNhpfTOfKnljgxxoy4fvD2rqAPZH16oxUVEpJ
cAbk7l5rnzcW9YUaMeMz65ebotiyX5lO0hS/7dSytLjW4CA8MoMllsoyJuNPsGu7
UoqRdZcMtcVAusNZ4ZS+E2Y70cs4DmbFpN34HZ0ujnZj05DlaQDR3Ht0/dROJZ3e
9pk71wu34Sy93orre72T+wD6l6gZpFpmujIU4HmZskrA/N4AtuJG/6PHNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgY3RU3aCzwe44q05VdisSAayJiMB8GA1UdIwQY
MBaAFLAgcf8nvQnoRSUXITZJ2/Z7ytXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2Yt
YmM4OTVmNzMxNjk1LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2YtYmM4OTVmNzMxNjk1
LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARHWLH/Q3
LctdWjIjZb0vwS8CRZclJAKOJZNRkKobD7LkEK7adnINf3EqfnPUe0Zc7JXRKguh
XgWIxoEZL64PKthtqWuXS461DfHG/PS4H65V0BxMC6/bJPW73OK9pAjnuIG5REr7
FmpGObtvsUlVPMUOSzn/PkNsHjW9d74ZD9Co3G0YFsAufHPpMMmKB9jAcYJZ/t4N
2/+kY5ugTJgyWu/fZk1aB7BTuATpMQCCdWXqmTZHRkSxmkwzJj871ogxDHZkWBUA
00zrCikD2zk0fsoEe76hlFifA1+jGrtJyjT4bnJ021HSRj8u7EHzU3g6IzFBGtci
OY9t8WXF2Fd8Mw==
-----END CERTIFICATE-----