Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
File:                     U3XfISulmO4KW_aAsh9QxPx9aOE.mft (raw, json)
Hash identifier:          ssA9LBQFrGEh5NXiUC9YH9Ip+VDj+42xTGJB5Pu0/Co=
Subject key identifier:   1D:EF:BF:87:7F:C0:2E:2E:16:F6:D4:35:9C:A0:A9:A1:E5:BD:3C:89
Authority key identifier: 53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1
Certificate issuer:       /CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
Certificate serial:       0199FC58502A2A923DE2FB379D98F4057770
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
Manifest number:          0E7C
Signing time:             Sun 19 Oct 2025 12:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:09 +0000
Files and hashes:         1: U3XfISulmO4KW_aAsh9QxPx9aOE.crl (hash: sxjCBw1xh/LlYddN6rHRA5ON3kn0dDgUZDoxOCBoPrU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:50:2a:2a:92:3d:e2:fb:37:9d:98:f4:05:77:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
        Validity
            Not Before: Oct 19 12:01:09 2025 GMT
            Not After : Oct 20 12:01:09 2025 GMT
        Subject: CN=1defbf877fc02e2e16f6d4359ca0a9a1e5bd3c89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d6:4c:13:1a:d9:da:f7:af:ec:55:16:77:8d:
                    71:58:15:a3:0d:bb:b0:ef:75:88:36:05:6d:c9:fe:
                    e2:91:c1:fb:a7:17:78:3e:40:c5:ce:68:90:7a:63:
                    11:04:65:a3:5d:fd:4d:7a:f1:cd:40:d5:df:c6:b1:
                    c0:65:b2:07:88:50:b1:f4:72:eb:72:03:48:8b:0b:
                    87:4e:5c:7b:57:e1:de:47:72:ba:8f:6d:d6:d7:97:
                    6a:22:6f:16:ce:d6:a8:39:17:84:a4:32:33:88:b3:
                    af:93:da:76:61:f4:39:43:70:3b:22:40:1f:7f:c0:
                    7a:3a:11:47:2e:e9:ed:86:6a:08:eb:4c:ed:91:fe:
                    0d:59:a2:5c:a2:f7:7f:8e:5f:c7:0b:c2:0c:b8:5e:
                    c0:44:b9:b9:52:c3:fa:51:61:f9:db:3b:6d:ab:7f:
                    84:12:73:8b:40:e5:46:ec:e1:22:81:dd:9e:be:66:
                    16:99:75:32:bb:3d:42:70:d2:9c:f3:54:f6:9a:7f:
                    eb:c2:d2:5a:58:74:6d:f5:e6:74:91:6e:ba:15:f5:
                    a3:e3:cf:e2:e3:c1:53:57:78:f7:44:b2:f1:9d:4f:
                    1a:16:b3:76:5a:2e:7d:76:38:41:e2:70:0a:36:77:
                    ab:88:de:56:88:36:c2:dc:c2:34:4e:11:a0:b4:a2:
                    82:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EF:BF:87:7F:C0:2E:2E:16:F6:D4:35:9C:A0:A9:A1:E5:BD:3C:89
            X509v3 Authority Key Identifier:
                keyid:53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:23:2e:c6:c7:ec:f9:b9:7f:5e:b5:4f:e7:5f:a7:17:c7:16:
         0d:97:9d:30:e9:35:75:c7:73:aa:cb:fb:05:c8:6e:84:c0:e2:
         12:5b:7f:1a:78:87:3c:4a:e4:e7:c2:ea:d2:6f:3a:cd:27:51:
         4c:26:46:4a:12:21:8d:8b:d1:25:a3:58:29:92:11:24:9a:73:
         6b:7d:3d:7f:9c:70:2f:8d:35:94:51:ba:03:8f:69:f0:29:44:
         f6:f9:f9:43:0a:61:ae:95:d6:7a:be:5d:78:9d:e4:17:04:02:
         77:2d:35:4e:b0:f2:93:17:a1:87:f8:58:b2:3b:99:0b:31:3e:
         38:c4:50:7d:99:1a:f2:58:3a:dc:92:e1:b1:c0:9c:9e:36:bf:
         95:20:e7:b9:3a:8a:09:53:b8:1d:53:ec:59:a2:dd:0a:96:a1:
         c5:77:9a:de:87:37:d8:ef:d4:46:14:33:9f:39:d9:bc:03:72:
         76:3d:12:75:14:ef:d5:d6:c6:91:3e:0a:e7:96:f8:97:60:7a:
         0a:2a:e8:88:ad:e7:ef:ec:81:21:89:35:1a:4c:61:0a:6b:86:
         e1:27:fa:a3:99:95:5c:2a:c4:b1:c9:7e:af:0b:63:23:21:7c:
         56:4d:9e:1f:ca:71:35:f7:58:ef:5f:8b:e3:83:c7:15:29:11:
         44:92:44:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WFAqKpI94vs3nZj0BXdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzVkZjIxMmJhNTk4ZWUwYTViZjY4MGIyMWY1MGM0ZmM3
ZDY4ZTEwHhcNMjUxMDE5MTIwMTA5WhcNMjUxMDIwMTIwMTA5WjAzMTEwLwYDVQQD
EygxZGVmYmY4NzdmYzAyZTJlMTZmNmQ0MzU5Y2EwYTlhMWU1YmQzYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNZMExrZ2vev7FUWd41xWBWjDbuw
73WINgVtyf7ikcH7pxd4PkDFzmiQemMRBGWjXf1NevHNQNXfxrHAZbIHiFCx9HLr
cgNIiwuHTlx7V+HeR3K6j23W15dqIm8WztaoOReEpDIziLOvk9p2YfQ5Q3A7IkAf
f8B6OhFHLunthmoI60ztkf4NWaJcovd/jl/HC8IMuF7ARLm5UsP6UWH52zttq3+E
EnOLQOVG7OEigd2evmYWmXUyuz1CcNKc81T2mn/rwtJaWHRt9eZ0kW66FfWj48/i
48FTV3j3RLLxnU8aFrN2Wi59djhB4nAKNneriN5WiDbC3MI0ThGgtKKCrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3vv4d/wC4uFvbUNZygqaHlvTyJMB8GA1UdIwQY
MBaAFFN13yErpZjuClv2gLIfUMT8fWjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2It
MjUyZmQ5NjdiZmNjLzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2ItMjUyZmQ5NjdiZmNj
LzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSMuxsfs
+bl/XrVP51+nF8cWDZedMOk1dcdzqsv7BchuhMDiElt/GniHPErk58Lq0m86zSdR
TCZGShIhjYvRJaNYKZIRJJpza309f5xwL401lFG6A49p8ClE9vn5QwphrpXWer5d
eJ3kFwQCdy01TrDykxehh/hYsjuZCzE+OMRQfZka8lg63JLhscCcnja/lSDnuTqK
CVO4HVPsWaLdCpahxXea3oc32O/URhQznznZvANydj0SdRTv1dbGkT4K55b4l2B6
CiroiK3n7+yBIYk1GkxhCmuG4Sf6o5mVXCrEscl+rwtjIyF8Vk2eH8pxNfdY71+L
44PHFSkRRJJEQQ==
-----END CERTIFICATE-----