Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          ovQ0z5iQtQFqsFs9feNVHt+T2idl+xeDqIgVNMr1DiE=
Subject key identifier:   B9:D6:51:D2:91:A0:95:77:FB:17:54:22:FC:BD:BB:C8:6C:2B:20:C3
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0199FB460FF5FC21B9214B1E3F2338BF1E62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0AA1
Signing time:             Sun 19 Oct 2025 07:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:36 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: Z+4hm38pPKyQMmMA3d+5NlA4I4UlkKJ9WUU1hq/2qfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:46:0f:f5:fc:21:b9:21:4b:1e:3f:23:38:bf:1e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Oct 19 07:01:36 2025 GMT
            Not After : Oct 20 07:01:36 2025 GMT
        Subject: CN=b9d651d291a09577fb175422fcbdbbc86c2b20c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a2:7c:5a:28:1f:b8:fe:bf:71:d2:c0:84:cc:
                    f7:55:c9:be:2e:14:25:ef:c1:eb:36:97:a7:fd:9e:
                    1f:b8:55:bf:25:d8:af:ce:24:95:02:79:bf:08:df:
                    c3:44:d4:9b:5f:74:0b:fc:d2:db:02:24:26:7e:c0:
                    74:3d:f2:f1:32:b4:96:71:9c:ab:32:6d:fb:23:e9:
                    47:57:c5:2b:bf:6a:bb:61:b6:f0:bb:b8:f7:34:95:
                    f1:e8:0f:4f:be:6b:20:65:a1:bd:e8:b0:76:ee:48:
                    c1:22:27:17:d1:cb:2d:05:9b:b6:af:17:aa:34:6a:
                    51:c5:74:bc:ac:7e:20:dc:1d:38:fe:a2:2e:26:0a:
                    fe:1c:ce:bf:39:fa:9a:35:84:10:31:7f:2e:3c:72:
                    28:41:50:d8:d8:a3:ce:5c:d5:fd:63:e5:d9:da:b8:
                    7b:9c:30:c7:2e:e4:38:07:d3:cb:8a:6b:f5:e7:db:
                    c4:f8:a6:13:8c:04:01:fe:3f:be:7b:20:76:8a:6f:
                    57:3d:03:35:20:ad:6f:ee:c8:55:d0:3d:43:15:f7:
                    d7:9e:0a:b4:8b:2a:9d:19:2a:2e:0b:c6:c7:4f:c0:
                    0d:cf:48:00:b8:33:4f:be:5e:9a:a8:ff:34:b3:ab:
                    51:8e:68:3d:c5:8d:9b:64:1e:f8:fa:4f:68:3b:e0:
                    5f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D6:51:D2:91:A0:95:77:FB:17:54:22:FC:BD:BB:C8:6C:2B:20:C3
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:d6:b0:c3:77:b5:5c:45:53:43:8e:6c:05:19:43:5d:db:89:
         7a:41:8b:ee:20:00:c3:80:07:8e:69:f5:6e:70:5a:4b:f4:47:
         66:cc:f3:5a:22:40:99:7b:f7:b7:fb:c8:30:8d:78:65:33:4b:
         58:9b:15:be:cd:8c:a1:57:c3:16:ce:52:ac:11:1d:4d:a7:3e:
         ba:29:a8:7f:d0:ee:52:f4:47:1d:01:c9:ab:d5:91:cc:64:4a:
         08:9c:84:b6:2d:d7:9d:fd:b1:9c:1f:12:f0:99:c9:03:fa:5a:
         2b:cb:52:1f:86:b7:e0:ef:f8:26:e1:b3:22:04:80:1a:e2:b4:
         8e:7c:56:b1:0d:a8:3e:cc:4e:f3:b7:92:90:fe:68:3b:dd:99:
         12:9d:57:d2:37:1d:98:85:c8:de:8d:63:d3:85:eb:6b:63:f9:
         62:55:82:09:13:29:0f:e6:35:2f:c1:f7:ab:44:64:21:9c:45:
         da:28:bb:26:f2:94:a6:44:48:bc:18:9a:16:d0:97:ac:64:6f:
         47:c2:ad:d8:22:cd:b4:6c:2c:ec:c6:c1:d3:e7:80:24:7f:c1:
         72:eb:7c:6c:09:3f:d6:ae:88:87:a3:80:3f:01:42:c1:fa:30:
         a6:18:f7:47:6a:af:c8:a7:04:e1:c4:39:ed:b9:56:81:30:c9:
         38:8d:f9:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Rg/1/CG5IUsePyM4vx5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUxMDE5MDcwMTM2WhcNMjUxMDIwMDcwMTM2WjAzMTEwLwYDVQQD
EyhiOWQ2NTFkMjkxYTA5NTc3ZmIxNzU0MjJmY2JkYmJjODZjMmIyMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqJ8WigfuP6/cdLAhMz3Vcm+LhQl
78HrNpen/Z4fuFW/JdivziSVAnm/CN/DRNSbX3QL/NLbAiQmfsB0PfLxMrSWcZyr
Mm37I+lHV8Urv2q7Ybbwu7j3NJXx6A9PvmsgZaG96LB27kjBIicX0cstBZu2rxeq
NGpRxXS8rH4g3B04/qIuJgr+HM6/OfqaNYQQMX8uPHIoQVDY2KPOXNX9Y+XZ2rh7
nDDHLuQ4B9PLimv159vE+KYTjAQB/j++eyB2im9XPQM1IK1v7shV0D1DFffXngq0
iyqdGSouC8bHT8ANz0gAuDNPvl6aqP80s6tRjmg9xY2bZB74+k9oO+Bf+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnWUdKRoJV3+xdUIvy9u8hsKyDDMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9aww3e1
XEVTQ45sBRlDXduJekGL7iAAw4AHjmn1bnBaS/RHZszzWiJAmXv3t/vIMI14ZTNL
WJsVvs2MoVfDFs5SrBEdTac+uimof9DuUvRHHQHJq9WRzGRKCJyEti3Xnf2xnB8S
8JnJA/paK8tSH4a34O/4JuGzIgSAGuK0jnxWsQ2oPsxO87eSkP5oO92ZEp1X0jcd
mIXI3o1j04Xra2P5YlWCCRMpD+Y1L8H3q0RkIZxF2ii7JvKUpkRIvBiaFtCXrGRv
R8Kt2CLNtGws7MbB0+eAJH/Bcut8bAk/1q6Ih6OAPwFCwfowphj3R2qvyKcE4cQ5
7blWgTDJOI35Ag==
-----END CERTIFICATE-----