Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          8hm8m9JNFQMOP10wEOqt5HQm3wL5GSX4iZ98IBrPX5c=
Subject key identifier:   D2:00:4D:8E:C8:6E:0B:37:B2:C2:CF:13:4E:5E:7E:16:D7:48:DC:42
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       0199FC584D12D74956CCB42764F1C9D1A7BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:09 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: VmGD2P4mPYOcjVw8mnnw2E3qleeAxah7LSoGOuUT3cU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:4d:12:d7:49:56:cc:b4:27:64:f1:c9:d1:a7:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: Oct 19 12:01:09 2025 GMT
            Not After : Oct 20 12:01:09 2025 GMT
        Subject: CN=d2004d8ec86e0b37b2c2cf134e5e7e16d748dc42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:99:b5:51:b2:17:63:b8:a8:af:47:d0:da:03:
                    ec:12:c3:cb:27:91:36:f7:30:74:20:1b:9f:8d:88:
                    f8:c9:86:9b:2e:5b:05:18:87:be:af:f5:f8:b3:a8:
                    f3:53:b3:50:d5:81:a1:b3:1a:ba:53:a2:0e:b2:2f:
                    65:16:52:54:66:6a:93:1d:89:0d:26:98:af:09:f5:
                    05:09:5c:f0:76:dd:d2:b8:ce:8c:73:23:da:a5:21:
                    80:9a:5e:ab:77:28:80:77:07:34:26:fe:38:d1:c2:
                    f5:6b:14:35:ae:c9:df:67:ae:a9:a7:5f:0d:f1:8e:
                    39:bb:92:35:9f:8a:8b:59:8a:7a:f7:d2:8d:e7:25:
                    ce:23:1d:49:1c:7a:25:75:1b:33:1f:23:09:c4:22:
                    89:36:ed:59:a5:cd:da:b8:7e:c6:4d:d3:00:f6:ed:
                    a4:8d:ad:fe:0c:ee:29:2e:b4:cb:26:49:2d:3a:82:
                    e4:f8:c5:91:bf:44:6f:f0:0c:d9:a0:20:b6:a7:0e:
                    be:d0:3c:26:29:98:ea:94:a1:a1:cb:de:60:91:ff:
                    15:d2:fb:fc:54:3f:64:41:b0:1b:7c:5b:46:32:af:
                    9e:e3:c1:d1:0f:79:02:8a:f6:aa:b6:f6:ab:22:67:
                    43:9b:56:de:d0:3e:b9:51:c6:f4:d8:b1:79:18:1e:
                    98:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:00:4D:8E:C8:6E:0B:37:B2:C2:CF:13:4E:5E:7E:16:D7:48:DC:42
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:71:a4:29:60:9d:64:b7:3f:98:b0:1e:4e:e6:a5:17:d3:ca:
         96:22:72:68:cb:ba:02:c9:9b:b0:8d:55:9b:c0:03:67:f9:90:
         ba:2b:52:c3:ed:82:dc:c9:8e:82:71:a6:8e:a9:1a:b4:1e:4a:
         81:f2:bd:a0:49:e5:65:8f:8e:6c:bf:e6:ac:00:a0:d5:f7:99:
         e7:e7:28:5a:5e:96:ee:16:54:cb:e0:3b:f8:15:0d:bd:11:68:
         8c:06:75:af:68:ca:c1:2a:ab:00:f9:04:ae:2f:84:f2:fc:5f:
         33:ca:82:d2:06:c3:e7:a9:91:ee:96:85:99:ca:6f:d4:0c:f3:
         c9:53:22:0d:ba:24:d6:f1:54:fe:bf:7c:9c:07:3b:01:5b:8d:
         c3:30:6a:68:e5:cf:4a:41:8a:e0:52:e5:6d:02:83:dc:6d:01:
         59:87:ce:a0:e0:8e:23:3c:74:e8:41:15:37:61:08:31:c4:79:
         09:c8:7a:02:1c:2d:65:c4:4d:b3:50:9d:ca:d2:bf:11:12:5c:
         5e:fa:35:ee:bb:13:ec:ec:85:e1:7c:f4:90:af:4d:24:ac:06:
         29:83:92:fe:89:9a:a7:d5:14:ab:01:c4:ae:46:f3:41:10:ce:
         53:f1:ea:d0:09:76:9a:de:57:c9:e2:23:d5:51:ef:20:2d:42:
         17:96:df:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WE0S10lWzLQnZPHJ0ae/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjUxMDE5MTIwMTA5WhcNMjUxMDIwMTIwMTA5WjAzMTEwLwYDVQQD
EyhkMjAwNGQ4ZWM4NmUwYjM3YjJjMmNmMTM0ZTVlN2UxNmQ3NDhkYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05m1UbIXY7ior0fQ2gPsEsPLJ5E2
9zB0IBufjYj4yYabLlsFGIe+r/X4s6jzU7NQ1YGhsxq6U6IOsi9lFlJUZmqTHYkN
JpivCfUFCVzwdt3SuM6McyPapSGAml6rdyiAdwc0Jv440cL1axQ1rsnfZ66pp18N
8Y45u5I1n4qLWYp699KN5yXOIx1JHHoldRszHyMJxCKJNu1Zpc3auH7GTdMA9u2k
ja3+DO4pLrTLJkktOoLk+MWRv0Rv8AzZoCC2pw6+0DwmKZjqlKGhy95gkf8V0vv8
VD9kQbAbfFtGMq+e48HRD3kCivaqtvarImdDm1be0D65Ucb02LF5GB6Y1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIATY7Ibgs3ssLPE05efhbXSNxCMB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhHGkKWCd
ZLc/mLAeTualF9PKliJyaMu6AsmbsI1Vm8ADZ/mQuitSw+2C3MmOgnGmjqkatB5K
gfK9oEnlZY+ObL/mrACg1feZ5+coWl6W7hZUy+A7+BUNvRFojAZ1r2jKwSqrAPkE
ri+E8vxfM8qC0gbD56mR7paFmcpv1AzzyVMiDbok1vFU/r98nAc7AVuNwzBqaOXP
SkGK4FLlbQKD3G0BWYfOoOCOIzx06EEVN2EIMcR5Cch6AhwtZcRNs1CdytK/ERJc
Xvo17rsT7OyF4Xz0kK9NJKwGKYOS/omap9UUqwHErkbzQRDOU/Hq0Al2mt5XyeIj
1VHvIC1CF5bfXA==
-----END CERTIFICATE-----