Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
File:                     u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json)
Hash identifier:          qmgrEoro2FLsCM/yg1yBKqeBlO+fy5LMy5v8wCWBXA4=
Subject key identifier:   10:16:8E:FB:20:2F:5B:9F:DA:19:55:3E:E0:89:B9:A5:99:28:F3:7B
Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE
Certificate issuer:       /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
Certificate serial:       0199FDD939CC5F54066D829C2EC1C86AFB38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
Manifest number:          1123
Signing time:             Sun 19 Oct 2025 19:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:35 +0000
Files and hashes:         1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: VwMComQjBtP3M1H3KOkrwwkxDLZVKkMBMGACCs0eH+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:39:cc:5f:54:06:6d:82:9c:2e:c1:c8:6a:fb:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
        Validity
            Not Before: Oct 19 19:01:35 2025 GMT
            Not After : Oct 20 19:01:35 2025 GMT
        Subject: CN=10168efb202f5b9fda19553ee089b9a59928f37b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:3f:73:48:43:4c:a8:61:dd:fb:b0:77:2a:e5:
                    37:0a:3e:ce:17:6e:e4:48:62:fe:b6:49:bc:b7:42:
                    79:db:7d:62:cd:51:8d:85:9b:f5:f7:4b:8a:17:ac:
                    a5:cf:33:74:7b:9d:c5:75:3a:58:6d:11:cf:ae:2e:
                    04:9e:e1:ee:19:4b:2a:9b:23:4f:6f:e9:78:0d:00:
                    08:0d:72:9d:96:c0:e0:e8:86:05:f2:fc:9a:f7:3d:
                    d0:64:ce:d2:46:95:96:76:25:e9:6b:07:80:51:7d:
                    a5:2d:e5:23:89:ac:07:f3:e6:75:53:12:f5:a9:4e:
                    9a:24:74:56:26:e6:45:4d:71:d3:16:55:3b:e2:7d:
                    32:5b:f5:fd:48:0c:db:dc:e1:56:35:5a:72:a1:83:
                    4b:b9:69:64:f0:30:65:0a:90:9e:9a:27:f5:fa:58:
                    ae:b2:2c:53:ce:64:06:33:e4:cb:86:42:83:9c:0e:
                    20:02:b5:90:bd:2b:f1:d8:72:7b:78:6e:c2:4a:b1:
                    6a:49:2d:eb:b3:be:19:e2:0d:8b:44:d6:6b:75:d2:
                    73:e2:61:51:62:51:9b:89:2a:d8:23:24:ce:d1:14:
                    6c:d1:4b:4e:31:c7:e6:50:dd:b2:13:82:fc:91:c3:
                    27:26:42:f2:bf:d6:89:be:f5:6f:02:a5:30:c0:98:
                    5b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:16:8E:FB:20:2F:5B:9F:DA:19:55:3E:E0:89:B9:A5:99:28:F3:7B
            X509v3 Authority Key Identifier:
                keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:e4:94:a3:ae:f5:61:94:e8:1a:93:14:9b:3f:24:9f:b9:4f:
         d7:62:5e:b3:ed:61:fc:b0:4d:a6:93:c7:5b:51:41:7d:6b:b5:
         4e:e8:e7:cb:06:69:1e:fe:ae:ce:f2:67:3b:aa:ca:30:c3:9e:
         9f:5f:b0:9f:a4:1b:26:69:54:8b:44:73:4f:48:42:da:dc:21:
         66:92:6f:4f:69:25:6e:f6:9a:70:4b:12:c3:27:b5:4b:e8:e0:
         66:aa:ec:1d:68:1a:a1:d2:11:06:92:5b:a4:f9:80:f7:4e:81:
         0b:d5:77:c6:df:7f:20:8a:05:3c:13:f9:96:88:1b:23:ea:b4:
         ff:b6:b0:c0:f1:4b:42:81:52:a6:0d:28:b4:e8:52:d2:e1:0d:
         cc:e9:52:7a:e0:81:5f:77:b7:98:5b:89:9a:de:af:6f:69:50:
         e6:7a:38:db:6e:b1:2b:95:45:20:a9:2d:19:f0:1b:0f:08:c7:
         1b:d2:05:03:e4:c6:84:47:c8:12:90:98:df:c1:3d:a8:75:34:
         b8:79:4e:a1:27:cc:e0:cc:f7:cf:c3:c6:79:84:85:15:87:8e:
         e5:b8:60:06:40:00:1b:31:13:14:e4:53:0c:af:81:db:84:a3:
         88:3d:09:0b:64:15:0b:bc:d2:c3:1a:2f:99:7d:a0:88:17:36:
         f2:c2:b5:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92TnMX1QGbYKcLsHIavs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy
ZDlmYWUwHhcNMjUxMDE5MTkwMTM1WhcNMjUxMDIwMTkwMTM1WjAzMTEwLwYDVQQD
EygxMDE2OGVmYjIwMmY1YjlmZGExOTU1M2VlMDg5YjlhNTk5MjhmMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6j9zSENMqGHd+7B3KuU3Cj7OF27k
SGL+tkm8t0J5231izVGNhZv190uKF6ylzzN0e53FdTpYbRHPri4EnuHuGUsqmyNP
b+l4DQAIDXKdlsDg6IYF8vya9z3QZM7SRpWWdiXpaweAUX2lLeUjiawH8+Z1UxL1
qU6aJHRWJuZFTXHTFlU74n0yW/X9SAzb3OFWNVpyoYNLuWlk8DBlCpCemif1+liu
sixTzmQGM+TLhkKDnA4gArWQvSvx2HJ7eG7CSrFqSS3rs74Z4g2LRNZrddJz4mFR
YlGbiSrYIyTO0RRs0UtOMcfmUN2yE4L8kcMnJkLyv9aJvvVvAqUwwJhbyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAWjvsgL1uf2hlVPuCJuaWZKPN7MB8GA1UdIwQY
MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct
NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3
LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+SUo671
YZToGpMUmz8kn7lP12Jes+1h/LBNppPHW1FBfWu1TujnywZpHv6uzvJnO6rKMMOe
n1+wn6QbJmlUi0RzT0hC2twhZpJvT2klbvaacEsSwye1S+jgZqrsHWgaodIRBpJb
pPmA906BC9V3xt9/IIoFPBP5logbI+q0/7awwPFLQoFSpg0otOhS0uENzOlSeuCB
X3e3mFuJmt6vb2lQ5no4226xK5VFIKktGfAbDwjHG9IFA+TGhEfIEpCY38E9qHU0
uHlOoSfM4Mz3z8PGeYSFFYeO5bhgBkAAGzETFORTDK+B24SjiD0JC2QVC7zSwxov
mX2giBc28sK1FQ==
-----END CERTIFICATE-----