Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
File:                     w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft (raw, json)
Hash identifier:          K3YpYhABcz8i4qfGmuUI/zoMAp/yPID1L4DHmq1dF1I=
Subject key identifier:   81:C0:DE:C9:F9:97:B1:6C:7B:BC:AE:98:F7:5A:31:9B:42:BE:8F:C8
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Certificate issuer:       /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial:       0199FDD985048493EA9BCC6EBB3BED30CAC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
Manifest number:          0996
Signing time:             Sun 19 Oct 2025 19:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:54 +0000
Files and hashes:         1: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl (hash: sDo/Rpgm/Y5HcC0CHAnlCPQuI/ht0x/pPG2soWJc0GU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:85:04:84:93:ea:9b:cc:6e:bb:3b:ed:30:ca:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
        Validity
            Not Before: Oct 19 19:01:54 2025 GMT
            Not After : Oct 20 19:01:54 2025 GMT
        Subject: CN=81c0dec9f997b16c7bbcae98f75a319b42be8fc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:49:1f:5d:0d:92:bb:e7:35:e1:65:58:ed:66:
                    f7:44:5b:7a:65:84:6b:46:a9:d1:e0:82:35:c6:0b:
                    d8:54:05:00:07:9f:df:1a:67:d8:11:6a:ce:c7:15:
                    f5:44:29:4e:ab:08:cb:74:d8:49:5a:b1:07:2a:60:
                    a4:06:da:37:16:83:4d:88:95:fc:ab:c2:fc:8b:eb:
                    8e:92:e3:58:fe:ef:06:09:73:2b:86:ca:5e:60:05:
                    f7:03:23:98:d7:6a:d2:92:b4:44:68:53:64:a0:67:
                    67:05:fb:95:f5:55:74:fc:d9:47:4d:c3:4c:93:f1:
                    b2:e1:e2:d5:70:c7:b2:75:1f:9a:11:f3:bd:c9:81:
                    29:31:f2:b4:8d:be:72:bf:a7:28:9f:88:a8:2f:2c:
                    e5:a8:58:7c:0d:8a:a7:4b:48:69:06:29:6c:15:ae:
                    89:19:2a:49:2f:be:66:16:59:39:d2:cb:29:18:08:
                    21:06:12:6f:dc:8b:d9:aa:af:29:d3:8d:f1:8b:d4:
                    68:f4:72:8c:c1:62:86:a0:c5:33:3f:0b:b1:17:e2:
                    24:e1:9d:ca:ef:7c:c9:9b:2b:72:d9:fb:94:00:94:
                    d3:e7:08:a1:9d:08:85:70:c8:f0:77:03:5a:91:d7:
                    26:96:9c:ac:a1:b8:01:5a:3d:8f:c3:3b:95:c8:aa:
                    4d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C0:DE:C9:F9:97:B1:6C:7B:BC:AE:98:F7:5A:31:9B:42:BE:8F:C8
            X509v3 Authority Key Identifier:
                keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:83:28:ce:ae:90:fb:12:68:c4:da:a1:4f:2e:8d:96:0f:9f:
         57:6d:7f:21:c1:c1:b8:48:d7:1a:f7:cb:2b:9c:ad:56:86:5b:
         c3:90:f9:52:32:93:2b:64:67:dd:3f:a3:c0:b1:7e:59:76:e4:
         e7:d5:a8:12:7a:20:45:bf:75:4a:6b:8c:ba:99:8e:62:09:56:
         50:c2:4b:63:32:75:2d:f0:b9:c2:32:ec:61:b3:90:ee:cc:a0:
         90:ee:38:16:ae:9d:3d:b5:91:8d:03:a2:31:2a:98:a2:72:30:
         49:2a:ac:e4:3e:34:ca:11:8f:04:29:5f:da:0e:dc:43:9f:c6:
         4f:a2:56:89:ec:88:77:95:2b:a0:b0:c2:95:55:b5:82:6b:69:
         04:e0:99:5e:80:a3:69:30:ea:ff:b3:d6:ae:e8:b6:4f:fc:4f:
         ba:b0:41:11:47:1e:18:71:c6:bf:87:45:10:06:b3:2d:09:45:
         2d:28:f3:27:40:fc:eb:96:b6:60:2b:78:7b:1c:71:5a:47:7b:
         82:a2:0d:d3:45:df:04:a0:17:ec:de:21:b8:b6:b4:01:01:10:
         27:0d:ee:fd:01:bc:67:69:3f:a8:95:fe:9b:e6:11:21:07:2f:
         8a:58:78:87:11:56:aa:b9:99:43:60:6d:2a:41:60:e4:00:61:
         5d:f5:51:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92YUEhJPqm8xuuzvtMMrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjUxMDE5MTkwMTU0WhcNMjUxMDIwMTkwMTU0WjAzMTEwLwYDVQQD
Eyg4MWMwZGVjOWY5OTdiMTZjN2JiY2FlOThmNzVhMzE5YjQyYmU4ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUkfXQ2Su+c14WVY7Wb3RFt6ZYRr
RqnR4II1xgvYVAUAB5/fGmfYEWrOxxX1RClOqwjLdNhJWrEHKmCkBto3FoNNiJX8
q8L8i+uOkuNY/u8GCXMrhspeYAX3AyOY12rSkrREaFNkoGdnBfuV9VV0/NlHTcNM
k/Gy4eLVcMeydR+aEfO9yYEpMfK0jb5yv6con4ioLyzlqFh8DYqnS0hpBilsFa6J
GSpJL75mFlk50sspGAghBhJv3IvZqq8p043xi9Ro9HKMwWKGoMUzPwuxF+Ik4Z3K
73zJmyty2fuUAJTT5wihnQiFcMjwdwNakdcmlpysobgBWj2PwzuVyKpNBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHA3sn5l7Fse7yumPdaMZtCvo/IMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYoMozq6Q
+xJoxNqhTy6Nlg+fV21/IcHBuEjXGvfLK5ytVoZbw5D5UjKTK2Rn3T+jwLF+WXbk
59WoEnogRb91SmuMupmOYglWUMJLYzJ1LfC5wjLsYbOQ7sygkO44Fq6dPbWRjQOi
MSqYonIwSSqs5D40yhGPBClf2g7cQ5/GT6JWieyId5UroLDClVW1gmtpBOCZXoCj
aTDq/7PWrui2T/xPurBBEUceGHHGv4dFEAazLQlFLSjzJ0D865a2YCt4exxxWkd7
gqIN00XfBKAX7N4huLa0AQEQJw3u/QG8Z2k/qJX+m+YRIQcvilh4hxFWqrmZQ2Bt
KkFg5ABhXfVRsQ==
-----END CERTIFICATE-----