Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          QyISQ3HPuUJOV4MrirvF04cwAypcC+iH8gATOduSat4=
Subject key identifier:   11:C1:C0:58:F9:ED:56:FF:39:C3:31:7D:0F:27:60:8A:A4:0C:1B:2E
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0199FCC619F2F56401F22E240ECD243DDC6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          03FA
Signing time:             Sun 19 Oct 2025 14:01:05 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:05 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:05 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: XYmCqCKNkcwmEc9zT/OdQpVHyni29kWDeoloHwOpNe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:19:f2:f5:64:01:f2:2e:24:0e:cd:24:3d:dc:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Oct 19 14:01:05 2025 GMT
            Not After : Oct 20 14:01:05 2025 GMT
        Subject: CN=11c1c058f9ed56ff39c3317d0f27608aa40c1b2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b2:9b:10:9f:d3:d8:58:43:5e:85:5e:61:f9:
                    b2:94:fa:4d:15:d1:2f:b6:03:98:d3:72:0c:7b:c1:
                    bf:66:fc:b9:fb:17:1b:05:08:5a:c3:d7:f3:40:c2:
                    40:ad:1f:e4:b3:a7:ca:7d:df:74:8b:82:cd:be:42:
                    5a:8e:ae:36:3f:03:ce:aa:ff:14:a8:70:6e:4a:8b:
                    a1:5a:bf:62:b8:e9:dc:85:d8:c8:7d:2a:67:28:f5:
                    92:c3:22:89:c2:d4:f8:ea:6f:61:8f:3b:bd:ef:ca:
                    63:0b:18:ee:a3:a9:63:f9:b2:57:18:af:8c:91:fc:
                    19:1a:01:cb:98:05:29:4b:9a:16:37:77:c2:9d:a7:
                    92:e8:52:86:39:54:09:ce:27:4a:34:cb:9b:0a:d5:
                    5d:a1:71:2a:e8:30:3f:c5:3f:01:53:e2:8e:7c:03:
                    fe:6e:c4:e9:0a:17:64:27:f0:3f:d1:f2:da:5c:5f:
                    1b:8b:31:21:7c:92:01:c0:c0:77:80:a6:7f:8f:a3:
                    4f:1e:6f:49:59:d6:2e:15:4e:d2:67:bf:4d:fe:47:
                    80:78:0f:8d:4e:63:91:04:19:24:cb:97:22:1b:bf:
                    0d:11:f3:20:1e:49:fe:e4:a3:8f:dc:f1:d7:48:39:
                    44:0c:5a:b0:b3:dc:2f:f3:85:de:a4:69:f4:1d:28:
                    a8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C1:C0:58:F9:ED:56:FF:39:C3:31:7D:0F:27:60:8A:A4:0C:1B:2E
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:82:6c:78:04:66:9a:b4:7a:ae:bf:ca:d4:84:0d:4a:5e:1d:
         8e:c4:80:23:8f:5d:47:75:d0:df:80:ed:2b:91:96:ec:8c:ea:
         96:a8:25:5f:98:5a:74:c8:4e:26:b4:45:6a:95:aa:15:5e:69:
         3e:2d:8c:bb:bc:9a:19:ed:dc:13:75:a0:fd:32:72:8f:94:c0:
         91:0b:78:df:31:42:cf:fd:b6:dc:e5:ff:5d:c6:b9:ac:1a:2d:
         91:fe:73:14:2f:07:69:7d:55:d0:ed:3e:55:fe:f8:c8:7c:ee:
         8e:23:ee:57:cd:7d:5a:3a:5a:f2:fd:f3:f9:ca:85:c9:c5:3d:
         bf:12:71:dd:e2:66:9a:52:71:e0:be:12:44:b5:15:03:0c:c5:
         e5:bc:99:95:ee:0c:ca:9e:90:50:3f:96:d6:1b:03:dd:5e:38:
         51:15:45:90:71:b8:13:1b:cd:3b:3d:97:2c:59:14:95:fe:55:
         9a:04:1d:44:2e:c9:57:14:e8:13:c1:9d:13:fe:e9:4e:8b:f1:
         4d:c8:a7:7d:1c:68:dd:15:a0:56:de:c1:0c:9d:53:95:04:ac:
         3e:80:ee:b4:29:b1:ae:fd:5d:16:a5:3e:41:b4:6b:97:c4:68:
         7c:bd:73:9f:fe:80:7c:58:6c:7a:f5:14:c1:9b:06:e3:0a:35:
         a5:5a:ef:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xhny9WQB8i4kDs0kPdxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUxMDE5MTQwMTA1WhcNMjUxMDIwMTQwMTA1WjAzMTEwLwYDVQQD
EygxMWMxYzA1OGY5ZWQ1NmZmMzljMzMxN2QwZjI3NjA4YWE0MGMxYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbKbEJ/T2FhDXoVeYfmylPpNFdEv
tgOY03IMe8G/Zvy5+xcbBQhaw9fzQMJArR/ks6fKfd90i4LNvkJajq42PwPOqv8U
qHBuSouhWr9iuOnchdjIfSpnKPWSwyKJwtT46m9hjzu978pjCxjuo6lj+bJXGK+M
kfwZGgHLmAUpS5oWN3fCnaeS6FKGOVQJzidKNMubCtVdoXEq6DA/xT8BU+KOfAP+
bsTpChdkJ/A/0fLaXF8bizEhfJIBwMB3gKZ/j6NPHm9JWdYuFU7SZ79N/keAeA+N
TmORBBkky5ciG78NEfMgHkn+5KOP3PHXSDlEDFqws9wv84XepGn0HSio0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHBwFj57Vb/OcMxfQ8nYIqkDBsuMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4JseARm
mrR6rr/K1IQNSl4djsSAI49dR3XQ34DtK5GW7IzqlqglX5hadMhOJrRFapWqFV5p
Pi2Mu7yaGe3cE3Wg/TJyj5TAkQt43zFCz/223OX/Xca5rBotkf5zFC8HaX1V0O0+
Vf74yHzujiPuV819Wjpa8v3z+cqFycU9vxJx3eJmmlJx4L4SRLUVAwzF5byZle4M
yp6QUD+W1hsD3V44URVFkHG4ExvNOz2XLFkUlf5VmgQdRC7JVxToE8GdE/7pTovx
TcinfRxo3RWgVt7BDJ1TlQSsPoDutCmxrv1dFqU+QbRrl8RofL1zn/6AfFhsevUU
wZsG4wo1pVrvKg==
-----END CERTIFICATE-----