Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          3fNeh9xYB1akjpJKQVY+UTAyssmiWbEW070QRdl05Xk=
Subject key identifier:   16:0E:10:3E:44:D2:3F:0A:4F:B5:FA:47:B2:13:14:FA:7A:90:96:95
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       0199FBEA9A6F6D9DEED26930819590C5DE87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          0431
Signing time:             Sun 19 Oct 2025 10:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:20 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: wDX2PCMz7zijv+UnuRMht+J3mQCIo2yI44N2GDyeIqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:9a:6f:6d:9d:ee:d2:69:30:81:95:90:c5:de:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: Oct 19 10:01:20 2025 GMT
            Not After : Oct 20 10:01:20 2025 GMT
        Subject: CN=160e103e44d23f0a4fb5fa47b21314fa7a909695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6d:b1:d1:41:66:fa:b6:de:60:01:b1:90:5c:
                    43:5d:00:01:40:59:cb:20:f7:06:40:d9:72:b5:40:
                    e4:63:24:bf:e0:7a:7f:14:e5:e9:42:3d:de:6a:03:
                    9f:7d:4a:6f:c4:9f:fe:97:7c:d8:98:a2:e9:46:89:
                    89:3a:df:14:cc:55:24:f3:4c:5e:98:71:75:92:f7:
                    c5:ec:08:6f:5f:8f:81:ed:1c:c3:97:f2:91:bb:87:
                    44:1d:80:8e:4e:40:f8:76:aa:81:5e:c7:28:67:79:
                    fe:6f:a8:84:b6:88:34:65:18:aa:18:58:ab:41:c6:
                    92:54:99:b0:cc:f5:fa:b0:28:9e:b1:27:9d:3e:f9:
                    64:68:48:a7:f7:9a:20:01:54:ea:b5:3f:3d:62:10:
                    86:c8:72:8c:3f:0c:aa:c6:d9:18:18:eb:6c:74:f8:
                    a9:26:cd:24:cd:20:b3:e8:5c:e8:2c:0e:a0:1a:33:
                    9e:12:7f:78:1d:e9:4f:a1:4c:25:25:8a:5a:05:72:
                    c7:28:6e:5a:6a:5a:31:78:9b:8f:70:1f:ca:a5:c5:
                    76:16:03:05:52:d0:87:12:7b:c7:d9:cb:16:50:f9:
                    a0:b0:ce:be:68:d0:7c:b9:58:dc:40:ff:0f:0d:04:
                    c8:a4:69:ec:d4:1c:d7:b0:67:40:cc:e6:89:71:84:
                    0f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:0E:10:3E:44:D2:3F:0A:4F:B5:FA:47:B2:13:14:FA:7A:90:96:95
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:e3:6d:ef:a4:4b:2d:64:14:76:6c:bd:7d:df:80:8e:6f:6c:
         7c:56:50:62:cd:d3:78:b6:26:09:03:70:d1:33:7a:6e:7f:eb:
         3c:2f:10:55:fa:f6:6a:d5:08:af:7b:96:e8:02:a5:3e:e8:f2:
         ec:ee:81:4c:cf:ae:13:70:2c:3e:a8:9d:fe:e4:ef:3d:16:2c:
         be:87:55:d0:1e:38:ff:4b:bf:be:aa:79:ba:f3:18:7b:e2:bd:
         0c:30:08:e4:8d:44:10:2a:9a:77:48:71:87:07:2b:49:59:d8:
         61:6b:3e:5d:39:a1:f7:3f:dc:73:f7:d8:ea:5f:0b:a3:30:0c:
         b5:cd:46:e1:1e:fa:f2:1e:bd:ed:46:c8:32:ee:11:a2:fc:a8:
         da:58:70:68:b3:d9:69:be:6f:af:24:87:82:c4:f1:9c:32:bb:
         88:e2:52:6a:f3:8b:88:cc:9a:fa:e4:d3:02:59:88:a5:9a:a2:
         6b:04:33:d8:06:58:07:8a:67:54:69:6f:d0:12:80:a6:84:c8:
         0e:ab:e0:3c:a4:c9:67:75:d4:4e:ae:86:e3:5b:1d:64:d7:bc:
         8b:60:a7:97:ac:a3:2d:b7:b4:9c:9a:4c:87:01:02:48:62:b7:
         00:2a:52:8a:eb:a3:37:82:2c:58:58:86:a8:78:f2:c8:3f:99:
         ff:63:4f:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76ppvbZ3u0mkwgZWQxd6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjUxMDE5MTAwMTIwWhcNMjUxMDIwMTAwMTIwWjAzMTEwLwYDVQQD
EygxNjBlMTAzZTQ0ZDIzZjBhNGZiNWZhNDdiMjEzMTRmYTdhOTA5Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs22x0UFm+rbeYAGxkFxDXQABQFnL
IPcGQNlytUDkYyS/4Hp/FOXpQj3eagOffUpvxJ/+l3zYmKLpRomJOt8UzFUk80xe
mHF1kvfF7AhvX4+B7RzDl/KRu4dEHYCOTkD4dqqBXscoZ3n+b6iEtog0ZRiqGFir
QcaSVJmwzPX6sCiesSedPvlkaEin95ogAVTqtT89YhCGyHKMPwyqxtkYGOtsdPip
Js0kzSCz6FzoLA6gGjOeEn94HelPoUwlJYpaBXLHKG5aaloxeJuPcB/KpcV2FgMF
UtCHEnvH2csWUPmgsM6+aNB8uVjcQP8PDQTIpGns1BzXsGdAzOaJcYQPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYOED5E0j8KT7X6R7ITFPp6kJaVMB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABeNt76RL
LWQUdmy9fd+Ajm9sfFZQYs3TeLYmCQNw0TN6bn/rPC8QVfr2atUIr3uW6AKlPujy
7O6BTM+uE3AsPqid/uTvPRYsvodV0B44/0u/vqp5uvMYe+K9DDAI5I1EECqad0hx
hwcrSVnYYWs+XTmh9z/cc/fY6l8LozAMtc1G4R768h697UbIMu4Rovyo2lhwaLPZ
ab5vrySHgsTxnDK7iOJSavOLiMya+uTTAlmIpZqiawQz2AZYB4pnVGlv0BKApoTI
DqvgPKTJZ3XUTq6G41sdZNe8i2Cnl6yjLbe0nJpMhwECSGK3ACpSiuujN4IsWFiG
qHjyyD+Z/2NPhA==
-----END CERTIFICATE-----