Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
File:                     ccWe2rmO-wzTdnYPQGnkxouL2iA.mft (raw, json)
Hash identifier:          1wTgLc8c1Sk5Nq/0tVESOnvpQdFrb4Ws01EzSbP1WNA=
Subject key identifier:   85:91:01:E3:4B:D2:C9:B8:24:4B:BD:D8:BA:1C:0A:D6:9D:30:89:71
Authority key identifier: 71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20
Certificate issuer:       /CN=71c59edab98efb0cd376760f4069e4c68b8bda20
Certificate serial:       0199FDD8F9E098FD8E7765949F0E2CFCF2BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
Manifest number:          0833
Signing time:             Sun 19 Oct 2025 19:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:19 +0000
Files and hashes:         1: ccWe2rmO-wzTdnYPQGnkxouL2iA.crl (hash: lYlo4jPWc63OychOGFyTlt+GF48/+8ORpj6qwgLiwsw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:f9:e0:98:fd:8e:77:65:94:9f:0e:2c:fc:f2:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71c59edab98efb0cd376760f4069e4c68b8bda20
        Validity
            Not Before: Oct 19 19:01:19 2025 GMT
            Not After : Oct 20 19:01:19 2025 GMT
        Subject: CN=859101e34bd2c9b8244bbdd8ba1c0ad69d308971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:06:13:a4:1b:38:78:cb:85:79:fd:bc:c4:6f:
                    52:83:60:0a:6e:7e:98:13:f4:1f:b1:93:a8:c8:47:
                    22:94:c9:66:ac:cd:f9:76:b3:e3:ab:d1:69:df:4b:
                    73:c2:a4:d5:0c:6a:e2:80:6f:4f:60:c8:32:30:ab:
                    16:a8:f2:41:7b:65:f3:b4:ba:a6:14:89:53:12:34:
                    f7:01:d1:35:14:6e:f7:b7:ae:f3:c8:24:b3:8e:e8:
                    a7:4e:b1:06:89:2d:f1:69:0a:72:7e:31:45:83:3e:
                    bd:59:02:75:90:a6:8b:33:02:b7:76:62:9e:e6:57:
                    45:b2:e8:52:82:17:e2:9a:7a:70:cb:e7:b8:0a:62:
                    f3:fc:35:f6:0a:e0:b7:0b:9d:ea:2d:f9:da:ae:8a:
                    63:f7:64:d7:32:d5:69:47:48:69:e5:30:04:78:81:
                    79:83:12:cd:df:9b:8c:15:53:0e:95:bf:2a:17:63:
                    dc:63:a7:e1:f2:41:60:4e:3d:94:d5:fe:f3:7a:9f:
                    52:74:eb:1b:40:bb:35:8b:ac:6d:a8:c4:a4:ab:ba:
                    e0:dd:48:ff:43:b8:4a:90:8a:a8:a8:17:7b:db:1b:
                    75:a2:60:6d:fa:1d:ce:48:47:0a:9a:c5:3f:a1:4e:
                    38:a1:ee:db:ab:f2:de:86:8e:ed:23:7b:ea:ce:4f:
                    f3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:91:01:E3:4B:D2:C9:B8:24:4B:BD:D8:BA:1C:0A:D6:9D:30:89:71
            X509v3 Authority Key Identifier:
                keyid:71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a8:50:ba:45:98:ee:14:44:4a:4a:8b:12:f3:77:72:be:99:
         5c:c6:0b:f1:5e:ca:3f:2e:c2:fc:62:93:2e:6d:01:30:4d:05:
         fc:5b:92:eb:07:44:a5:9b:5b:fb:7d:91:2a:86:55:70:79:35:
         d0:af:b2:37:7a:a7:6f:53:0d:15:b2:15:34:f4:22:35:60:1d:
         f9:3c:9b:f7:d0:b4:a2:2b:18:31:ae:1d:f2:c0:a7:9a:89:65:
         bb:75:b0:60:84:f6:22:8c:10:f3:e9:6c:71:65:41:49:aa:17:
         10:04:44:e0:70:1a:8d:17:f0:7c:2e:67:bb:ae:4c:14:03:57:
         f2:06:bb:8c:ce:88:7e:1f:84:fa:2f:43:e8:ea:b5:2a:f4:c6:
         bb:66:5f:d8:41:e1:3d:ed:8d:84:e7:e5:4c:21:2e:eb:ee:da:
         86:d8:ac:f5:06:c7:18:9b:f9:01:7f:4c:e4:e2:c9:a6:a7:2d:
         28:07:8e:ee:cc:e4:6f:14:c8:ec:9c:f0:d4:99:d8:48:07:ff:
         58:8a:e9:e0:97:11:32:2f:c2:d6:9d:cf:e8:c5:1f:30:e9:41:
         5a:98:06:3f:5a:82:31:42:de:ab:b4:69:bb:67:79:a5:b6:88:
         ee:2f:8d:4d:1a:12:ce:cb:a1:ba:0c:e7:ab:0e:f9:fd:6d:22:
         8b:2d:4a:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92PngmP2Od2WUnw4s/PK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzU5ZWRhYjk4ZWZiMGNkMzc2NzYwZjQwNjllNGM2OGI4
YmRhMjAwHhcNMjUxMDE5MTkwMTE5WhcNMjUxMDIwMTkwMTE5WjAzMTEwLwYDVQQD
Eyg4NTkxMDFlMzRiZDJjOWI4MjQ0YmJkZDhiYTFjMGFkNjlkMzA4OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwYTpBs4eMuFef28xG9Sg2AKbn6Y
E/QfsZOoyEcilMlmrM35drPjq9Fp30tzwqTVDGrigG9PYMgyMKsWqPJBe2XztLqm
FIlTEjT3AdE1FG73t67zyCSzjuinTrEGiS3xaQpyfjFFgz69WQJ1kKaLMwK3dmKe
5ldFsuhSghfimnpwy+e4CmLz/DX2CuC3C53qLfnaropj92TXMtVpR0hp5TAEeIF5
gxLN35uMFVMOlb8qF2PcY6fh8kFgTj2U1f7zep9SdOsbQLs1i6xtqMSkq7rg3Uj/
Q7hKkIqoqBd72xt1omBt+h3OSEcKmsU/oU44oe7bq/Leho7tI3vqzk/ziwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWRAeNL0sm4JEu92LocCtadMIlxMB8GA1UdIwQY
MBaAFHHFntq5jvsM03Z2D0Bp5MaLi9ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTct
NzdlY2JiYjRmN2Q4LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTctNzdlY2JiYjRmN2Q4
LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqhQukWY
7hRESkqLEvN3cr6ZXMYL8V7KPy7C/GKTLm0BME0F/FuS6wdEpZtb+32RKoZVcHk1
0K+yN3qnb1MNFbIVNPQiNWAd+Tyb99C0oisYMa4d8sCnmollu3WwYIT2IowQ8+ls
cWVBSaoXEARE4HAajRfwfC5nu65MFANX8ga7jM6Ifh+E+i9D6Oq1KvTGu2Zf2EHh
Pe2NhOflTCEu6+7ahtis9QbHGJv5AX9M5OLJpqctKAeO7szkbxTI7Jzw1JnYSAf/
WIrp4JcRMi/C1p3P6MUfMOlBWpgGP1qCMULeq7Rpu2d5pbaI7i+NTRoSzsuhugzn
qw75/W0iiy1KDQ==
-----END CERTIFICATE-----