Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
File:                     r4yBlkcmb7yxOeZyqPuaV89Ysog.mft (raw, json)
Hash identifier:          HlUf/ThCIAdOGhbW9j9Gx3aEeRMwsVc4pZDPGp8l82Q=
Subject key identifier:   E6:CC:E2:30:FB:1D:CE:CF:46:2F:21:66:85:C8:F0:85:58:28:30:47
Authority key identifier: AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88
Certificate issuer:       /CN=af8c819647266fbcb139e672a8fb9a57cf58b288
Certificate serial:       01988F59748F7684735AD27D511AC8E6DF77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
Manifest number:          0437
Signing time:             Sat 09 Aug 2025 15:01:01 +0000
Manifest this update:     Sat 09 Aug 2025 15:01:01 +0000
Manifest next update:     Sun 10 Aug 2025 15:01:01 +0000
Files and hashes:         1: r4yBlkcmb7yxOeZyqPuaV89Ysog.crl (hash: 9yWf02f5rKfTQ80PEFW+UsPAuuCjJAmIm07f0y4O45Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:59:74:8f:76:84:73:5a:d2:7d:51:1a:c8:e6:df:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8c819647266fbcb139e672a8fb9a57cf58b288
        Validity
            Not Before: Aug  9 15:01:01 2025 GMT
            Not After : Aug 10 15:01:01 2025 GMT
        Subject: CN=e6cce230fb1dcecf462f216685c8f08558283047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e2:e8:67:97:87:a2:15:70:86:ee:70:0f:6d:
                    80:f7:63:05:a9:30:39:69:c7:8b:a2:76:b0:6e:80:
                    48:68:46:bc:a8:f4:05:14:58:50:e4:62:e3:78:82:
                    03:77:1e:97:b3:e7:bc:f4:66:44:92:82:44:d8:76:
                    ef:28:0b:a5:88:c8:49:b7:1d:58:1e:dd:c5:fc:32:
                    56:be:0d:11:78:4d:1a:cd:cd:9d:3f:93:3e:85:c2:
                    48:b1:29:b7:93:8b:e3:e6:09:7f:50:26:25:d6:13:
                    b6:3c:d8:a4:b4:1b:3b:99:f8:85:9e:ed:d4:0d:10:
                    d5:5c:00:9c:01:86:91:10:0d:41:b1:af:8d:e2:b4:
                    bc:58:ac:da:f5:1b:e0:85:10:69:d4:f9:a6:c2:90:
                    bf:15:0e:74:cc:c5:11:10:68:b1:55:95:7e:ee:1b:
                    63:4e:b6:a5:65:2c:4b:39:ea:8e:ea:b8:68:70:be:
                    12:66:43:00:09:5e:49:07:e6:1f:5f:6e:ac:43:3d:
                    d4:5d:9d:61:5d:60:c5:d0:b8:14:61:07:6f:c9:23:
                    28:57:e1:6a:31:26:e0:f3:1d:17:9e:b9:da:a1:66:
                    65:41:49:25:a0:aa:44:e6:cb:b4:ce:e5:44:f5:1d:
                    7c:08:c6:84:dd:dc:31:4e:c9:db:60:3a:80:ba:57:
                    f0:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CC:E2:30:FB:1D:CE:CF:46:2F:21:66:85:C8:F0:85:58:28:30:47
            X509v3 Authority Key Identifier:
                keyid:AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:24:d3:c0:37:2f:77:8e:1d:a8:b3:99:e4:93:f2:a0:6a:58:
         d8:f4:f9:cc:40:22:95:94:cf:53:87:4b:1b:63:16:2a:2a:5f:
         1a:1e:61:e0:86:17:a6:4b:4b:dd:41:ef:34:f3:3f:09:73:1b:
         b7:02:c7:17:77:8c:1b:af:07:a2:bd:5d:4b:89:26:d3:70:87:
         dd:28:56:ae:9f:b9:23:ab:e8:9e:f1:45:26:93:21:5e:70:6c:
         93:f2:a3:d0:7c:7c:b8:32:0e:85:42:2d:1b:77:ae:3b:cd:a5:
         bc:38:bd:63:66:7f:9c:dc:16:37:4a:03:f6:ed:36:d8:c9:79:
         ac:90:21:0b:f1:d7:ad:97:e7:b9:78:60:b7:f6:bb:bf:42:94:
         b0:b8:22:6e:43:34:12:66:c8:36:c0:f1:97:b5:a1:2e:d5:6f:
         ec:9b:f2:7f:16:14:fe:40:5a:85:b2:16:8a:d3:6b:8a:a7:df:
         f1:57:a6:c8:c4:da:b7:d5:67:d3:d2:46:85:c3:be:e6:bb:07:
         1c:39:4a:36:b3:43:38:d6:ba:40:ba:97:a8:03:78:10:79:cc:
         be:9d:62:ca:5f:dd:80:64:3c:5b:a8:6e:ca:97:59:95:8a:aa:
         ce:44:9f:9a:04:37:14:c6:ad:3f:6a:b0:e1:61:ee:97:10:b2:
         46:35:7d:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPWXSPdoRzWtJ9URrI5t93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGM4MTk2NDcyNjZmYmNiMTM5ZTY3MmE4ZmI5YTU3Y2Y1
OGIyODgwHhcNMjUwODA5MTUwMTAxWhcNMjUwODEwMTUwMTAxWjAzMTEwLwYDVQQD
EyhlNmNjZTIzMGZiMWRjZWNmNDYyZjIxNjY4NWM4ZjA4NTU4MjgzMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+LoZ5eHohVwhu5wD22A92MFqTA5
aceLonawboBIaEa8qPQFFFhQ5GLjeIIDdx6Xs+e89GZEkoJE2HbvKAuliMhJtx1Y
Ht3F/DJWvg0ReE0azc2dP5M+hcJIsSm3k4vj5gl/UCYl1hO2PNiktBs7mfiFnu3U
DRDVXACcAYaREA1Bsa+N4rS8WKza9RvghRBp1PmmwpC/FQ50zMUREGixVZV+7htj
TralZSxLOeqO6rhocL4SZkMACV5JB+YfX26sQz3UXZ1hXWDF0LgUYQdvySMoV+Fq
MSbg8x0XnrnaoWZlQUkloKpE5su0zuVE9R18CMaE3dwxTsnbYDqAulfw/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObM4jD7Hc7PRi8hZoXI8IVYKDBHMB8GA1UdIwQY
MBaAFK+MgZZHJm+8sTnmcqj7mlfPWLKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQt
MzAxMTdjMjBiZjQyLzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQtMzAxMTdjMjBiZjQy
LzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyTTwDcv
d44dqLOZ5JPyoGpY2PT5zEAilZTPU4dLG2MWKipfGh5h4IYXpktL3UHvNPM/CXMb
twLHF3eMG68Hor1dS4km03CH3ShWrp+5I6vonvFFJpMhXnBsk/Kj0Hx8uDIOhUIt
G3euO82lvDi9Y2Z/nNwWN0oD9u022Ml5rJAhC/HXrZfnuXhgt/a7v0KUsLgibkM0
EmbINsDxl7WhLtVv7JvyfxYU/kBahbIWitNriqff8VemyMTat9Vn09JGhcO+5rsH
HDlKNrNDONa6QLqXqAN4EHnMvp1iyl/dgGQ8W6huypdZlYqqzkSfmgQ3FMatP2qw
4WHulxCyRjV9eQ==
-----END CERTIFICATE-----