Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
File:                     pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json)
Hash identifier:          Ky4WkKvy3GnXxnaslmKpqvrZxdOHXBdsdzRY/5O8Bkc=
Subject key identifier:   BC:71:8E:2A:92:ED:A7:DC:C3:DF:14:C1:BE:6D:9D:D6:27:24:11:B0
Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0
Certificate issuer:       /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
Certificate serial:       0199FB7C9C9CD155710AAF8AC1911858954A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
Manifest number:          EA
Signing time:             Sun 19 Oct 2025 08:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:11 +0000
Files and hashes:         1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: QfkSl7HsHxcH6DHJbY+ed8flNSzsKDrl4oPHtmBQvhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 08:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:9c:9c:d1:55:71:0a:af:8a:c1:91:18:58:95:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
        Validity
            Not Before: Oct 19 08:01:11 2025 GMT
            Not After : Oct 20 08:01:11 2025 GMT
        Subject: CN=bc718e2a92eda7dcc3df14c1be6d9dd6272411b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:19:78:0d:cc:04:60:bb:8c:f5:b0:6c:d5:f8:
                    be:9e:ed:cf:07:40:13:a6:6f:9b:87:64:ea:80:f3:
                    d3:9f:70:c3:5a:d8:de:bd:05:ac:17:f7:2f:28:b4:
                    61:94:c1:d1:2d:15:55:b9:77:fd:df:5b:84:24:83:
                    ea:c0:2f:d8:f8:4f:2e:7e:08:d5:73:f4:dc:a0:5e:
                    c9:96:ef:c9:34:a3:1f:4f:c8:de:14:2b:ab:5b:b5:
                    09:95:f3:bc:71:12:d8:3a:e4:69:2d:ab:25:92:37:
                    cb:0e:a1:2c:3f:55:44:13:21:08:73:20:77:b9:32:
                    3d:34:38:c3:f8:64:9d:9d:f9:3b:b5:d5:89:6c:e4:
                    bc:22:ff:6e:56:a4:fc:a3:ac:bc:86:d4:c6:1f:95:
                    82:c4:32:8c:c6:b3:f6:46:b4:7c:86:33:aa:70:eb:
                    8e:40:48:8d:82:e5:1b:c3:d0:98:bc:67:f1:40:a9:
                    b3:52:54:c4:f2:68:5a:f1:29:b1:ac:85:73:37:7b:
                    cf:a3:de:59:de:57:6a:56:99:70:a3:ed:ab:55:c5:
                    5e:8f:35:3c:36:08:e7:0d:04:62:f1:aa:c4:47:b7:
                    fe:65:75:88:1c:88:99:5a:56:aa:7a:e5:57:35:77:
                    cd:41:66:40:17:8a:1b:ac:ce:5f:13:fb:4a:3f:6a:
                    60:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:71:8E:2A:92:ED:A7:DC:C3:DF:14:C1:BE:6D:9D:D6:27:24:11:B0
            X509v3 Authority Key Identifier:
                keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:37:48:f7:a4:c4:b6:54:92:ff:f6:6f:a7:f0:49:ac:8e:31:
         3c:e1:0d:c6:80:f2:76:49:3f:86:5d:4c:9d:fa:55:f0:91:f5:
         83:0c:b0:48:a3:06:3c:78:1d:1a:03:31:19:d0:4c:a1:e1:7e:
         78:26:a1:39:c4:e7:3b:81:70:d0:64:ac:8c:35:8f:73:b2:b5:
         ba:81:c0:3a:1d:7d:fb:35:b0:5f:c4:60:1a:cd:11:e0:72:0b:
         e1:54:60:a0:1c:49:a1:04:41:e0:e0:5f:54:92:0d:c1:cc:80:
         91:48:ea:a3:d6:58:54:6b:2e:8c:27:e3:f5:69:fc:67:0c:ea:
         42:e4:8a:a5:d0:6b:5e:16:24:2a:84:01:e0:f5:c8:af:1f:c5:
         ed:19:c4:29:6e:64:d2:b9:cb:12:36:a7:12:ec:b1:a1:59:48:
         82:43:94:36:ec:5a:49:00:f8:13:f6:3d:e9:12:2d:08:28:9b:
         de:df:9f:c4:07:82:e2:39:67:26:85:eb:2a:a0:e1:ff:f8:7c:
         95:ff:3d:6e:d8:b6:22:dc:47:f3:5d:eb:20:cd:38:01:e8:2d:
         98:76:ed:67:12:f1:a0:a8:de:27:df:00:3e:24:d6:1d:f1:4c:
         ae:dd:dc:e0:5c:2d:54:e6:46:de:00:f8:23:cb:cc:81:26:93:
         ce:4d:0d:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fJyc0VVxCq+KwZEYWJVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5
ZDQ4ZTAwHhcNMjUxMDE5MDgwMTExWhcNMjUxMDIwMDgwMTExWjAzMTEwLwYDVQQD
EyhiYzcxOGUyYTkyZWRhN2RjYzNkZjE0YzFiZTZkOWRkNjI3MjQxMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBl4DcwEYLuM9bBs1fi+nu3PB0AT
pm+bh2TqgPPTn3DDWtjevQWsF/cvKLRhlMHRLRVVuXf931uEJIPqwC/Y+E8ufgjV
c/TcoF7Jlu/JNKMfT8jeFCurW7UJlfO8cRLYOuRpLaslkjfLDqEsP1VEEyEIcyB3
uTI9NDjD+GSdnfk7tdWJbOS8Iv9uVqT8o6y8htTGH5WCxDKMxrP2RrR8hjOqcOuO
QEiNguUbw9CYvGfxQKmzUlTE8mha8SmxrIVzN3vPo95Z3ldqVplwo+2rVcVejzU8
NgjnDQRi8arER7f+ZXWIHIiZWlaqeuVXNXfNQWZAF4obrM5fE/tKP2pgUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxxjiqS7afcw98Uwb5tndYnJBGwMB8GA1UdIwQY
MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et
OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3
LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANjdI96TE
tlSS//Zvp/BJrI4xPOENxoDydkk/hl1MnfpV8JH1gwywSKMGPHgdGgMxGdBMoeF+
eCahOcTnO4Fw0GSsjDWPc7K1uoHAOh19+zWwX8RgGs0R4HIL4VRgoBxJoQRB4OBf
VJINwcyAkUjqo9ZYVGsujCfj9Wn8ZwzqQuSKpdBrXhYkKoQB4PXIrx/F7RnEKW5k
0rnLEjanEuyxoVlIgkOUNuxaSQD4E/Y96RItCCib3t+fxAeC4jlnJoXrKqDh//h8
lf89bti2ItxH813rIM04AegtmHbtZxLxoKjeJ98APiTWHfFMrt3c4FwtVOZG3gD4
I8vMgSaTzk0Ntw==
-----END CERTIFICATE-----