Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          oXl05VQiqEdDkTkE/gvT0i9c2PkImPIsOypmshAkCCE=
Subject key identifier:   04:60:C5:3D:2F:D3:6E:EC:8C:4F:5B:59:11:46:37:D7:AE:84:DB:5D
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       019896A4A310D104AA74FC77D805732ACA23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0A80
Signing time:             Mon 11 Aug 2025 01:00:28 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:28 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:28 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: MuySaarUW5XHB7u8JY7fu2pQD/3wcnV/XgIQYANo8zA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:a3:10:d1:04:aa:74:fc:77:d8:05:73:2a:ca:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Aug 11 01:00:28 2025 GMT
            Not After : Aug 12 01:00:28 2025 GMT
        Subject: CN=0460c53d2fd36eec8c4f5b59114637d7ae84db5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ca:d9:ac:6f:6f:13:09:9e:e2:e3:54:e1:fd:
                    6f:86:46:f2:1d:2b:e7:e2:ff:7a:dd:cd:b8:bc:bb:
                    2a:36:50:53:0d:96:00:97:4f:df:e7:89:28:54:99:
                    3a:68:80:5f:c3:bd:ed:ec:ea:37:23:72:9b:06:94:
                    ec:0f:e5:95:02:71:d3:cc:e8:b4:9a:0a:13:47:c2:
                    17:a3:af:af:9f:08:43:ba:b7:d0:5d:61:71:56:2d:
                    bb:07:1a:f3:90:ee:16:4e:b9:c4:28:87:49:57:b3:
                    c6:0a:f1:74:29:f4:59:28:00:d1:73:b6:95:69:d2:
                    37:eb:2d:c7:5d:aa:ae:1d:ef:21:bd:12:53:ae:36:
                    a0:08:a8:1d:0a:5f:ec:20:92:50:aa:40:c7:22:13:
                    72:5c:43:ea:6c:02:8a:c4:05:cb:fe:0b:0a:df:c9:
                    8d:23:05:c5:0e:8d:67:de:68:7a:a2:46:4a:39:8b:
                    13:4d:fa:8a:f0:1b:06:72:c3:ff:3d:b7:6d:0d:f2:
                    6c:f2:c4:65:7b:94:29:ea:16:bc:a2:cc:a4:7b:d7:
                    14:54:12:b3:b8:34:ed:bc:2d:a2:0e:68:2a:52:51:
                    05:93:72:ba:59:03:8a:a3:78:29:fa:a5:36:ce:ee:
                    d1:78:48:6e:f5:00:e0:0c:35:67:75:70:32:93:4d:
                    dc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:60:C5:3D:2F:D3:6E:EC:8C:4F:5B:59:11:46:37:D7:AE:84:DB:5D
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:d4:1f:83:ef:4f:b8:23:89:1c:55:df:71:c9:44:8f:e0:95:
         ff:a2:12:1c:78:53:7a:db:59:8b:34:c5:16:01:fb:88:95:9b:
         83:b4:b4:f8:ca:85:b7:68:10:59:17:c9:d0:4e:23:8c:6a:93:
         80:b7:a9:68:75:ab:55:c5:3d:6b:ae:19:58:94:0a:cd:40:40:
         8d:b9:06:93:c5:fd:31:d3:31:0f:2a:9a:aa:ef:56:2f:f2:37:
         c7:f4:bd:2a:4c:37:dc:15:42:e9:73:25:48:3c:2f:80:f7:bd:
         3a:db:8f:2e:4a:92:9d:0f:97:74:42:93:4f:79:c2:4d:18:14:
         22:56:5e:60:a6:5b:aa:7d:90:be:f9:51:aa:1a:54:ba:7f:47:
         d1:5e:93:1a:db:21:4c:0f:30:91:50:2b:70:89:38:02:4b:da:
         70:91:a4:16:eb:5e:27:74:e2:5f:b2:2e:46:dc:24:0e:72:40:
         fa:aa:fa:77:46:cc:be:0f:34:d5:ee:61:1b:29:0a:3f:30:75:
         49:25:ba:bc:25:f8:5f:68:bd:80:56:00:1b:b3:21:93:ab:4e:
         0a:02:2c:36:4b:06:72:a0:e1:04:58:10:e3:c2:31:4a:30:83:
         49:72:7b:4f:13:f1:8d:d4:4b:c4:15:00:5f:73:0b:ad:f1:45:
         66:bf:a4:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpKMQ0QSqdPx32AVzKsojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjUwODExMDEwMDI4WhcNMjUwODEyMDEwMDI4WjAzMTEwLwYDVQQD
EygwNDYwYzUzZDJmZDM2ZWVjOGM0ZjViNTkxMTQ2MzdkN2FlODRkYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28rZrG9vEwme4uNU4f1vhkbyHSvn
4v963c24vLsqNlBTDZYAl0/f54koVJk6aIBfw73t7Oo3I3KbBpTsD+WVAnHTzOi0
mgoTR8IXo6+vnwhDurfQXWFxVi27BxrzkO4WTrnEKIdJV7PGCvF0KfRZKADRc7aV
adI36y3HXaquHe8hvRJTrjagCKgdCl/sIJJQqkDHIhNyXEPqbAKKxAXL/gsK38mN
IwXFDo1n3mh6okZKOYsTTfqK8BsGcsP/PbdtDfJs8sRle5Qp6ha8osyke9cUVBKz
uDTtvC2iDmgqUlEFk3K6WQOKo3gp+qU2zu7ReEhu9QDgDDVndXAyk03cRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARgxT0v027sjE9bWRFGN9euhNtdMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNQfg+9P
uCOJHFXfcclEj+CV/6ISHHhTettZizTFFgH7iJWbg7S0+MqFt2gQWRfJ0E4jjGqT
gLepaHWrVcU9a64ZWJQKzUBAjbkGk8X9MdMxDyqaqu9WL/I3x/S9Kkw33BVC6XMl
SDwvgPe9OtuPLkqSnQ+XdEKTT3nCTRgUIlZeYKZbqn2QvvlRqhpUun9H0V6TGtsh
TA8wkVArcIk4AkvacJGkFuteJ3TiX7IuRtwkDnJA+qr6d0bMvg801e5hGykKPzB1
SSW6vCX4X2i9gFYAG7Mhk6tOCgIsNksGcqDhBFgQ48IxSjCDSXJ7TxPxjdRLxBUA
X3MLrfFFZr+k/Q==
-----END CERTIFICATE-----