Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
File:                     rxFguAPrImHBP4yK3JU9O1r7V8w.mft (raw, json)
Hash identifier:          5UCBFwoPqFM0326QmnSYZ0zHJNggQ91RoNkP1blaXWU=
Subject key identifier:   FF:60:46:21:56:98:AB:B5:E7:48:5F:A6:03:60:D6:3F:D7:E3:F1:6F
Authority key identifier: AF:11:60:B8:03:EB:22:61:C1:3F:8C:8A:DC:95:3D:3B:5A:FB:57:CC
Certificate issuer:       /CN=af1160b803eb2261c13f8c8adc953d3b5afb57cc
Certificate serial:       0199FCFD76BA030BDEA400A33E9C1DACB918
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
Manifest number:          0201
Signing time:             Sun 19 Oct 2025 15:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:33 +0000
Files and hashes:         1: rxFguAPrImHBP4yK3JU9O1r7V8w.crl (hash: j6iL9Kjy38q+7vBLd/OHey94tAMRcQdkQRIQ/yuQzwE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:76:ba:03:0b:de:a4:00:a3:3e:9c:1d:ac:b9:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af1160b803eb2261c13f8c8adc953d3b5afb57cc
        Validity
            Not Before: Oct 19 15:01:33 2025 GMT
            Not After : Oct 20 15:01:33 2025 GMT
        Subject: CN=ff6046215698abb5e7485fa60360d63fd7e3f16f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e7:e5:d1:97:14:fc:dc:19:b8:bc:bb:df:21:
                    07:31:b7:24:5b:32:54:6b:35:f9:60:87:96:76:9c:
                    08:84:31:8d:dd:b6:89:26:ce:4e:86:c6:e2:eb:22:
                    87:c0:19:2e:94:ba:7d:0c:33:f5:0c:b2:7a:6a:4b:
                    9c:da:67:51:a4:52:c9:e3:79:b1:48:63:4f:47:c0:
                    35:c5:cf:ee:9d:a3:26:29:32:be:c2:fe:a8:7d:aa:
                    67:c1:be:41:2f:f2:9f:5b:77:20:86:df:a8:45:8d:
                    db:d3:d1:e7:b4:47:3d:fe:a6:78:f0:d8:01:a0:b8:
                    85:77:1c:12:1f:6b:57:64:13:71:01:72:7e:a9:e5:
                    a7:62:a2:09:d0:f2:ed:46:97:0a:a9:e7:39:03:26:
                    fd:d8:a3:54:04:c0:d9:45:b7:19:86:58:24:c4:db:
                    25:46:2a:fa:a5:bd:75:61:c5:6c:fa:ea:98:26:ee:
                    ab:93:53:9e:83:d2:7c:c9:e2:33:cb:33:07:7c:0f:
                    85:73:fa:6f:e4:90:4d:c0:03:48:dc:de:d7:df:60:
                    69:4d:4a:67:bc:09:49:f1:7c:bd:b9:6e:86:4f:8d:
                    72:c1:8f:47:57:1c:96:30:8d:3f:b2:2a:7a:a1:33:
                    8a:74:aa:1c:f9:03:fb:2f:56:e3:99:59:e6:d4:1c:
                    5b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:60:46:21:56:98:AB:B5:E7:48:5F:A6:03:60:D6:3F:D7:E3:F1:6F
            X509v3 Authority Key Identifier:
                keyid:AF:11:60:B8:03:EB:22:61:C1:3F:8C:8A:DC:95:3D:3B:5A:FB:57:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:6c:5a:71:07:55:5b:6c:5d:e8:6f:37:9e:33:bd:34:17:07:
         9a:62:af:c2:6f:fb:cc:ee:8e:ef:68:f4:1f:2a:c6:69:ba:47:
         6d:a6:c7:80:a9:56:dc:ef:58:42:36:fc:cf:a1:dc:f9:3e:a7:
         d1:af:3b:7b:c2:de:26:c0:59:c5:b8:f6:1d:93:a2:ba:d7:06:
         02:94:e2:29:72:f7:45:e1:66:d7:79:bf:d7:3a:c4:f2:55:cc:
         d4:f2:c1:13:4e:5c:83:cf:6b:1d:eb:90:df:56:00:de:a9:51:
         62:48:8e:6b:93:76:2a:f0:cf:e7:16:d1:03:28:bf:56:55:08:
         d9:be:f6:ef:bd:5e:79:2e:93:9f:76:f0:19:87:b8:8f:d4:1e:
         1b:11:7b:74:0d:a5:49:b7:1f:63:ea:0d:44:12:a4:cf:f6:f0:
         77:7d:50:f0:1b:c5:36:0a:ce:7c:7a:39:7b:fa:8b:28:a8:e6:
         12:15:50:0c:f0:d6:08:17:fb:ea:31:ed:aa:eb:fb:df:72:cf:
         54:2a:bf:2a:65:78:7a:28:f3:1a:64:51:31:82:5f:e8:a0:88:
         e1:1d:fc:f7:88:bf:06:f4:8b:a5:ba:32:44:df:ac:f7:3e:ac:
         70:2f:08:91:f6:40:e2:38:26:7c:65:85:90:ab:23:74:22:c5:
         41:c2:6c:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Xa6AwvepACjPpwdrLkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTE2MGI4MDNlYjIyNjFjMTNmOGM4YWRjOTUzZDNiNWFm
YjU3Y2MwHhcNMjUxMDE5MTUwMTMzWhcNMjUxMDIwMTUwMTMzWjAzMTEwLwYDVQQD
EyhmZjYwNDYyMTU2OThhYmI1ZTc0ODVmYTYwMzYwZDYzZmQ3ZTNmMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ofl0ZcU/NwZuLy73yEHMbckWzJU
azX5YIeWdpwIhDGN3baJJs5Ohsbi6yKHwBkulLp9DDP1DLJ6akuc2mdRpFLJ43mx
SGNPR8A1xc/unaMmKTK+wv6ofapnwb5BL/KfW3cght+oRY3b09HntEc9/qZ48NgB
oLiFdxwSH2tXZBNxAXJ+qeWnYqIJ0PLtRpcKqec5Ayb92KNUBMDZRbcZhlgkxNsl
Rir6pb11YcVs+uqYJu6rk1Oeg9J8yeIzyzMHfA+Fc/pv5JBNwANI3N7X32BpTUpn
vAlJ8Xy9uW6GT41ywY9HVxyWMI0/sip6oTOKdKoc+QP7L1bjmVnm1BxbzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9gRiFWmKu150hfpgNg1j/X4/FvMB8GA1UdIwQY
MBaAFK8RYLgD6yJhwT+MityVPTta+1fMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mN2YyMTQtMWRiMi00MzZhLTk1YzYt
NjQzZjBkYTg0OWZhLzEvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mN2YyMTQtMWRiMi00MzZhLTk1YzYtNjQzZjBkYTg0OWZh
LzEvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa2xacQdV
W2xd6G83njO9NBcHmmKvwm/7zO6O72j0HyrGabpHbabHgKlW3O9YQjb8z6Hc+T6n
0a87e8LeJsBZxbj2HZOiutcGApTiKXL3ReFm13m/1zrE8lXM1PLBE05cg89rHeuQ
31YA3qlRYkiOa5N2KvDP5xbRAyi/VlUI2b72771eeS6Tn3bwGYe4j9QeGxF7dA2l
SbcfY+oNRBKkz/bwd31Q8BvFNgrOfHo5e/qLKKjmEhVQDPDWCBf76jHtquv733LP
VCq/KmV4eijzGmRRMYJf6KCI4R3894i/BvSLpboyRN+s9z6scC8IkfZA4jgmfGWF
kKsjdCLFQcJs0Q==
-----END CERTIFICATE-----