Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          pZFhrICzhdZLeViLNyHmRr2I5ttheCIFD0ArqFKncoI=
Subject key identifier:   11:F6:CD:2C:6E:1A:79:FD:B9:58:A7:96:1A:41:63:73:FC:7F:CB:EF
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       0199FC8F25629A67694439418F1E88D5F9EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          1165
Signing time:             Sun 19 Oct 2025 13:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:03 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: IfkU+zUk+7h/1SRO5vrhoLs0Gd7dxkcZRdz5WlQHEws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:25:62:9a:67:69:44:39:41:8f:1e:88:d5:f9:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Oct 19 13:01:03 2025 GMT
            Not After : Oct 20 13:01:03 2025 GMT
        Subject: CN=11f6cd2c6e1a79fdb958a7961a416373fc7fcbef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f3:27:d6:a1:6c:fb:05:33:66:b7:a4:f2:79:
                    91:73:00:b1:b3:6e:9a:9d:6f:ef:07:8a:6c:14:39:
                    1c:f2:06:b2:b9:2b:5d:77:8a:42:2f:7e:7c:11:e3:
                    37:9b:ab:ef:69:1b:e8:c6:96:13:3c:da:4d:71:eb:
                    02:6c:24:76:d5:ef:14:49:8b:45:c3:07:af:3f:a1:
                    f3:9b:ab:cb:dc:a9:76:ed:72:45:fc:ea:f9:95:2a:
                    88:b7:04:3c:aa:42:5a:9b:64:ba:a2:78:eb:8b:4e:
                    8a:bb:7e:b9:b9:59:a9:b0:f7:e7:9b:3d:98:93:2a:
                    ab:f5:60:42:0d:d9:14:21:ef:20:0d:37:e8:2a:13:
                    0c:68:91:5a:3b:9c:72:4d:66:3e:77:7c:ef:7b:59:
                    66:4a:ae:a5:f5:c6:34:19:ab:62:5c:a0:4f:ce:ed:
                    1b:f8:a0:c6:e2:0c:5f:52:71:b4:c5:af:5b:23:38:
                    80:98:50:5f:fe:a8:67:7b:a7:04:f1:64:5f:eb:8d:
                    15:39:57:61:6c:93:8a:3b:fa:fa:b1:fa:67:4c:b3:
                    cf:3d:61:f5:0d:6e:60:b8:86:9b:a2:34:29:97:a3:
                    09:00:4b:78:c1:32:be:8e:5c:77:ec:6e:bd:be:d7:
                    fc:69:a7:47:00:41:a0:ed:e0:36:ac:60:7c:6a:fd:
                    05:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:F6:CD:2C:6E:1A:79:FD:B9:58:A7:96:1A:41:63:73:FC:7F:CB:EF
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:5a:a9:32:81:f3:bb:76:01:46:a4:9b:41:79:20:0e:c7:f3:
         3d:bf:4b:cc:15:ad:d7:59:b1:7b:88:99:98:79:fc:a1:37:7b:
         73:ea:6e:65:bd:40:45:7a:43:de:10:fe:6e:26:c1:98:8b:24:
         e0:ee:a2:cb:cd:7e:a2:f5:82:c1:7c:36:db:71:c9:d2:14:8c:
         ea:70:22:a8:93:fc:18:b2:93:71:69:85:b2:ee:a8:f0:06:50:
         5f:1c:31:39:77:cc:77:4c:69:9a:05:bd:03:7d:1c:e8:89:12:
         95:1d:32:b5:f4:df:fb:0f:23:c1:bf:b8:ec:6a:03:fb:54:96:
         a0:f9:df:18:8a:ee:9f:b0:5f:31:4d:5a:52:c8:70:ca:65:90:
         dc:b5:ef:e1:0b:79:7e:1c:2e:7e:21:6b:6b:d3:d6:b0:0f:a0:
         10:bb:9c:18:b9:94:9f:86:b0:da:5b:b1:f6:36:4f:6d:2d:47:
         ff:4c:18:f2:7d:0b:d7:f0:93:a3:bd:b7:1a:a8:fe:58:6a:a1:
         d0:e7:1a:17:10:59:15:40:7a:60:68:22:1c:49:0e:37:94:58:
         be:5e:22:59:72:03:8b:48:fa:c8:9a:4c:e7:1f:e0:03:5a:83:
         6b:fa:e7:e0:3c:c3:90:05:74:b1:a3:31:a9:cc:94:60:f8:06:
         ca:96:5a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jyVimmdpRDlBjx6I1fnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjUxMDE5MTMwMTAzWhcNMjUxMDIwMTMwMTAzWjAzMTEwLwYDVQQD
EygxMWY2Y2QyYzZlMWE3OWZkYjk1OGE3OTYxYTQxNjM3M2ZjN2ZjYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPMn1qFs+wUzZrek8nmRcwCxs26a
nW/vB4psFDkc8gayuStdd4pCL358EeM3m6vvaRvoxpYTPNpNcesCbCR21e8USYtF
wwevP6Hzm6vL3Kl27XJF/Or5lSqItwQ8qkJam2S6onjri06Ku365uVmpsPfnmz2Y
kyqr9WBCDdkUIe8gDTfoKhMMaJFaO5xyTWY+d3zve1lmSq6l9cY0GatiXKBPzu0b
+KDG4gxfUnG0xa9bIziAmFBf/qhne6cE8WRf640VOVdhbJOKO/r6sfpnTLPPPWH1
DW5guIabojQpl6MJAEt4wTK+jlx37G69vtf8aadHAEGg7eA2rGB8av0FxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBH2zSxuGnn9uVinlhpBY3P8f8vvMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVqpMoHz
u3YBRqSbQXkgDsfzPb9LzBWt11mxe4iZmHn8oTd7c+puZb1ARXpD3hD+bibBmIsk
4O6iy81+ovWCwXw223HJ0hSM6nAiqJP8GLKTcWmFsu6o8AZQXxwxOXfMd0xpmgW9
A30c6IkSlR0ytfTf+w8jwb+47GoD+1SWoPnfGIrun7BfMU1aUshwymWQ3LXv4Qt5
fhwufiFra9PWsA+gELucGLmUn4aw2lux9jZPbS1H/0wY8n0L1/CTo723Gqj+WGqh
0OcaFxBZFUB6YGgiHEkON5RYvl4iWXIDi0j6yJpM5x/gA1qDa/rn4DzDkAV0saMx
qcyUYPgGypZaWA==
-----END CERTIFICATE-----