Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          Dgs0AMKUoB0D4Tej7E9x5vSo2iloyqDqSykbK25BByY=
Subject key identifier:   A0:17:99:34:7E:01:B1:76:E2:DE:2C:3C:3B:DE:EF:87:52:DD:51:DD
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       01988B0FCBC486F2C4D6106A1985D3BECC07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0955
Signing time:             Fri 08 Aug 2025 19:02:04 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:04 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:04 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: nz5L+NIamNnRzOrrkWI3Cr2SZbn30K+rG9iisOBfSnE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:cb:c4:86:f2:c4:d6:10:6a:19:85:d3:be:cc:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Aug  8 19:02:04 2025 GMT
            Not After : Aug  9 19:02:04 2025 GMT
        Subject: CN=a01799347e01b176e2de2c3c3bdeef8752dd51dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:33:f3:a4:72:92:a9:c0:5d:25:04:58:90:28:
                    9e:ad:79:ec:25:c2:64:5a:b3:66:20:d6:f4:05:7c:
                    e2:8d:46:11:61:ab:9e:e9:6a:bb:6d:e3:ee:4a:ca:
                    04:55:a3:13:72:fc:16:f8:29:04:ef:d5:f9:3e:37:
                    fe:a8:98:7f:9a:4b:18:68:43:56:81:70:78:60:e4:
                    41:4a:59:11:da:46:c9:42:e2:6a:9e:59:32:97:aa:
                    7e:10:99:ef:0d:8b:e6:d0:98:69:ea:0a:7b:51:51:
                    eb:06:b2:dd:c2:8c:74:9e:b1:40:8c:56:f9:25:5b:
                    53:63:6c:df:e4:14:cc:fd:c9:f0:ab:eb:ed:e6:03:
                    71:6b:64:ce:33:d4:14:0f:c8:71:95:ab:c8:d0:d7:
                    c5:c5:16:f8:c3:40:2b:9f:65:19:ee:46:ce:06:6a:
                    4c:bd:1b:de:fd:6b:29:a4:45:8f:23:74:4d:65:02:
                    65:75:80:7f:c1:10:36:6f:5f:68:e7:88:aa:9f:46:
                    a0:a0:38:59:7f:f7:f2:70:3c:a7:be:b3:37:2d:54:
                    2b:3f:72:25:b5:97:46:0f:f4:56:8d:86:73:45:2a:
                    0c:9e:dd:cf:3f:7c:db:df:4c:89:b2:90:ea:55:57:
                    a6:6f:67:7e:a5:8b:f4:b6:84:46:89:be:e6:67:6f:
                    93:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:17:99:34:7E:01:B1:76:E2:DE:2C:3C:3B:DE:EF:87:52:DD:51:DD
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:ed:8e:3a:63:98:38:7f:4a:59:5f:c4:f2:48:1f:e4:6c:e2:
         5e:79:5d:c4:c8:08:03:0d:40:ca:2e:e7:d3:1e:e9:97:7c:0a:
         af:ac:69:25:0e:6e:f4:8e:7b:19:da:05:37:79:a2:a5:5f:1b:
         e9:ef:fc:95:78:19:67:9b:e3:d1:41:52:be:34:29:99:bb:24:
         92:68:16:a3:c7:84:3e:8f:99:50:ce:f6:61:2f:a4:8c:82:18:
         b7:a6:8e:fa:ca:0c:3f:93:cc:e7:a4:df:cd:9a:f6:22:a2:af:
         ea:d6:a3:fc:e2:af:c7:e5:e8:eb:d3:af:0f:89:f4:36:b3:a8:
         2f:e8:0e:73:7d:4f:43:93:d3:4d:a0:2a:1f:1c:ad:e4:58:44:
         6f:33:fc:58:42:e5:a6:61:4f:62:5e:27:6c:34:27:ec:58:76:
         1a:e1:9c:1c:f6:20:13:0a:11:6f:4f:53:be:92:4d:65:f0:c8:
         f0:b3:0f:94:4b:6b:e8:42:b7:0d:28:9a:92:52:aa:2f:df:c3:
         13:31:72:93:d0:07:67:f9:95:99:1d:84:2c:64:5b:b4:44:71:
         0e:4a:00:1e:56:d0:2d:7e:ec:a4:9b:42:f3:61:ce:6e:69:fd:
         02:81:89:41:42:74:38:fa:6c:49:76:58:87:d6:8d:a7:32:3f:
         47:a9:0d:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD8vEhvLE1hBqGYXTvswHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUwODA4MTkwMjA0WhcNMjUwODA5MTkwMjA0WjAzMTEwLwYDVQQD
EyhhMDE3OTkzNDdlMDFiMTc2ZTJkZTJjM2MzYmRlZWY4NzUyZGQ1MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDPzpHKSqcBdJQRYkCierXnsJcJk
WrNmINb0BXzijUYRYaue6Wq7bePuSsoEVaMTcvwW+CkE79X5Pjf+qJh/mksYaENW
gXB4YORBSlkR2kbJQuJqnlkyl6p+EJnvDYvm0Jhp6gp7UVHrBrLdwox0nrFAjFb5
JVtTY2zf5BTM/cnwq+vt5gNxa2TOM9QUD8hxlavI0NfFxRb4w0Arn2UZ7kbOBmpM
vRve/WsppEWPI3RNZQJldYB/wRA2b19o54iqn0agoDhZf/fycDynvrM3LVQrP3Il
tZdGD/RWjYZzRSoMnt3PP3zb30yJspDqVVemb2d+pYv0toRGib7mZ2+TeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAXmTR+AbF24t4sPDve74dS3VHdMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASe2OOmOY
OH9KWV/E8kgf5GziXnldxMgIAw1Ayi7n0x7pl3wKr6xpJQ5u9I57GdoFN3mipV8b
6e/8lXgZZ5vj0UFSvjQpmbskkmgWo8eEPo+ZUM72YS+kjIIYt6aO+soMP5PM56Tf
zZr2IqKv6taj/OKvx+Xo69OvD4n0NrOoL+gOc31PQ5PTTaAqHxyt5FhEbzP8WELl
pmFPYl4nbDQn7Fh2GuGcHPYgEwoRb09TvpJNZfDI8LMPlEtr6EK3DSiaklKqL9/D
EzFyk9AHZ/mVmR2ELGRbtERxDkoAHlbQLX7spJtC82HObmn9AoGJQUJ0OPpsSXZY
h9aNpzI/R6kNhQ==
-----END CERTIFICATE-----