Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          SOY6oZGfYicnxi7EaLH716EjayremEAQVy9DNInbVSo=
Subject key identifier:   74:AE:84:81:C3:BD:00:15:6B:35:9F:AB:1A:63:4B:F4:AE:AB:C8:DB
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019893A47EEFC687257DB6A7622E0C01BA0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0BC3
Signing time:             Sun 10 Aug 2025 11:01:27 +0000
Manifest this update:     Sun 10 Aug 2025 11:01:27 +0000
Manifest next update:     Mon 11 Aug 2025 11:01:27 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: K9CRxPD/BsalOaYNWMV1lNRZRGHzyCy1l0hIX6Ersk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:a4:7e:ef:c6:87:25:7d:b6:a7:62:2e:0c:01:ba:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Aug 10 11:01:27 2025 GMT
            Not After : Aug 11 11:01:27 2025 GMT
        Subject: CN=74ae8481c3bd00156b359fab1a634bf4aeabc8db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:52:fd:65:4a:9f:96:d3:41:be:7d:2f:dc:75:
                    5a:43:57:c8:7d:33:6d:69:76:d2:65:95:f2:d1:17:
                    66:a8:4f:a1:49:49:fd:b2:d7:2e:4a:80:38:eb:5a:
                    f9:e7:33:bd:8e:6b:55:14:49:00:1d:b4:4c:36:1f:
                    f2:ae:3c:18:c2:c4:bb:f4:0c:9b:85:05:bb:7a:f8:
                    1d:ce:36:75:1e:19:1e:23:03:d7:3e:10:bc:70:ff:
                    5e:44:75:1b:b9:0f:48:91:b0:05:dd:27:9c:7d:d2:
                    74:0f:48:db:53:6e:c5:b1:f3:d8:cd:3b:3c:22:dd:
                    f2:e1:cb:8c:49:d4:b6:33:3e:29:dd:88:eb:66:c0:
                    56:f0:fd:0c:62:40:a1:bd:a1:2a:ca:d1:81:d6:67:
                    41:32:4d:fb:05:73:ce:d4:73:69:ef:e6:14:d6:15:
                    00:3c:1c:6b:0d:27:f8:c7:88:06:48:df:3f:2d:dd:
                    ba:15:2f:72:f4:af:44:ea:78:78:ec:5c:4b:7f:3f:
                    11:bd:c0:09:de:2d:f3:d3:82:d3:b1:29:cb:e1:93:
                    ad:a9:51:36:82:b8:d1:61:29:41:65:b6:45:61:a9:
                    c8:c2:2c:2c:49:d7:07:29:d6:8a:a5:a2:f9:48:6c:
                    81:a4:bf:6a:16:29:bd:9f:e4:4f:60:c8:85:ef:c7:
                    68:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:AE:84:81:C3:BD:00:15:6B:35:9F:AB:1A:63:4B:F4:AE:AB:C8:DB
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:31:6f:47:e6:e0:fc:c3:a1:12:2c:dc:64:4b:76:41:bd:50:
         ec:70:dd:1e:1c:63:93:41:8d:c2:9b:19:d2:b3:f5:e1:46:72:
         f0:07:b6:5c:7e:8d:96:29:56:61:28:4d:94:d9:98:fb:18:48:
         1e:be:8c:2b:52:f6:01:28:43:ed:b9:85:4b:a1:53:d4:d8:70:
         56:1a:7d:ed:e5:99:02:d5:51:1c:53:be:48:42:f3:1b:bb:7e:
         62:fc:e8:c9:17:aa:8e:05:c5:16:21:f2:72:29:5b:eb:3a:a0:
         ea:1c:26:28:74:49:9c:dc:dc:61:eb:3e:e3:06:11:67:60:70:
         aa:39:a0:65:98:c1:84:a6:7c:c6:c2:d3:63:73:46:3b:e3:ba:
         30:b3:5d:55:85:48:1f:4e:56:77:f9:e3:81:5c:e6:0e:42:e1:
         af:9f:d1:37:4b:a3:b4:9e:44:06:16:fe:c1:d8:a7:da:d4:e5:
         8f:da:11:39:e4:26:57:ec:5b:3d:71:02:14:1b:1d:e4:95:94:
         04:56:1c:50:80:ea:12:0e:bf:6b:1b:e4:14:f6:96:3c:8e:ac:
         ec:4f:4f:91:74:96:58:b3:d7:49:6f:3a:62:bc:67:e4:f7:5d:
         c4:6d:a2:ab:67:d8:8f:74:65:e3:43:b9:8d:ba:46:64:e8:b2:
         ac:f2:e1:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTpH7vxoclfbanYi4MAboKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUwODEwMTEwMTI3WhcNMjUwODExMTEwMTI3WjAzMTEwLwYDVQQD
Eyg3NGFlODQ4MWMzYmQwMDE1NmIzNTlmYWIxYTYzNGJmNGFlYWJjOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVL9ZUqfltNBvn0v3HVaQ1fIfTNt
aXbSZZXy0RdmqE+hSUn9stcuSoA461r55zO9jmtVFEkAHbRMNh/yrjwYwsS79Ayb
hQW7evgdzjZ1HhkeIwPXPhC8cP9eRHUbuQ9IkbAF3SecfdJ0D0jbU27FsfPYzTs8
It3y4cuMSdS2Mz4p3YjrZsBW8P0MYkChvaEqytGB1mdBMk37BXPO1HNp7+YU1hUA
PBxrDSf4x4gGSN8/Ld26FS9y9K9E6nh47FxLfz8RvcAJ3i3z04LTsSnL4ZOtqVE2
grjRYSlBZbZFYanIwiwsSdcHKdaKpaL5SGyBpL9qFim9n+RPYMiF78doPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSuhIHDvQAVazWfqxpjS/Suq8jbMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzFvR+bg
/MOhEizcZEt2Qb1Q7HDdHhxjk0GNwpsZ0rP14UZy8Ae2XH6NlilWYShNlNmY+xhI
Hr6MK1L2AShD7bmFS6FT1NhwVhp97eWZAtVRHFO+SELzG7t+YvzoyReqjgXFFiHy
cilb6zqg6hwmKHRJnNzcYes+4wYRZ2BwqjmgZZjBhKZ8xsLTY3NGO+O6MLNdVYVI
H05Wd/njgVzmDkLhr5/RN0ujtJ5EBhb+wdin2tTlj9oROeQmV+xbPXECFBsd5JWU
BFYcUIDqEg6/axvkFPaWPI6s7E9PkXSWWLPXSW86Yrxn5PddxG2iq2fYj3Rl40O5
jbpGZOiyrPLhZw==
-----END CERTIFICATE-----