Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          IWHr+9IPKe8M9H6PUDqctgTtgL930bvO9XECyT8e5DU=
Subject key identifier:   22:97:C6:9A:AE:2E:EF:DA:4B:97:BD:BD:AA:6A:B1:67:B6:79:8B:0B
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       0199FCC65218B5C57B5A928204DAA8EDAFA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          08A0
Signing time:             Sun 19 Oct 2025 14:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:19 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: aG6eAqYCFAmjdFpRPk25ZLc4vMb3DFpFuZMgfwnOQA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:52:18:b5:c5:7b:5a:92:82:04:da:a8:ed:af:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Oct 19 14:01:19 2025 GMT
            Not After : Oct 20 14:01:19 2025 GMT
        Subject: CN=2297c69aae2eefda4b97bdbdaa6ab167b6798b0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cb:ca:b7:f0:a5:bb:4a:72:5a:da:22:35:dd:
                    6c:dd:9c:cf:94:bc:3b:03:a4:c4:5c:11:f1:7c:59:
                    5c:85:a8:b5:91:70:79:18:f1:cd:54:fa:73:fe:ed:
                    e3:96:6e:04:85:53:75:fe:e3:c4:93:06:b7:c7:77:
                    ce:4c:10:ef:ef:df:32:99:93:cd:75:bb:5b:5b:7f:
                    7b:0a:a1:cc:35:19:15:bd:4e:7d:b2:29:90:d0:5c:
                    d1:3b:60:b6:4c:d3:42:78:78:7a:25:88:d6:e1:5d:
                    6c:eb:e9:9e:60:46:1d:3b:f0:a6:01:a2:fe:cb:1c:
                    f7:82:b9:18:41:30:51:c0:c5:c9:df:17:ac:1d:50:
                    35:ba:1b:d7:b2:8d:4b:28:a0:7b:d1:b4:fe:2c:0d:
                    62:51:d1:23:8e:ca:31:19:ff:9a:6e:09:cb:34:80:
                    57:45:10:01:b2:a3:79:eb:e6:80:1f:af:af:5a:ca:
                    87:53:65:bb:42:88:8c:4e:0d:bf:e5:a6:03:ff:1e:
                    4b:3e:a0:1d:3c:8c:f0:19:08:b0:e2:d1:4c:94:7d:
                    0d:b4:02:13:d1:6f:9d:e3:36:3a:a7:0b:ae:ae:07:
                    b4:af:37:ea:64:3f:e5:51:8d:4a:98:20:66:27:d8:
                    d5:78:ba:e9:ed:13:d2:57:69:14:d2:41:ef:93:86:
                    de:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:97:C6:9A:AE:2E:EF:DA:4B:97:BD:BD:AA:6A:B1:67:B6:79:8B:0B
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:e9:8d:2f:c3:fe:54:50:d4:59:95:b8:91:c8:d6:7a:28:10:
         f7:fa:0d:43:c8:31:59:4a:ad:1e:da:bf:f1:b0:99:4b:ef:ca:
         0a:5c:6f:40:f2:c2:96:ce:9c:6d:ad:ce:1c:68:13:65:30:61:
         45:f3:89:88:90:31:71:8a:9c:f3:9d:8a:44:43:05:9e:9b:c8:
         7b:ea:93:74:e4:32:c3:2b:86:ac:ae:f5:cb:66:1c:ae:a8:72:
         0a:1a:60:c0:a6:a9:04:63:5b:82:ff:1b:58:25:41:55:16:db:
         88:4e:b7:fc:8d:5b:8b:5d:2d:3d:1f:75:21:17:06:f7:a5:5b:
         d1:4c:f4:17:8b:5f:21:8b:14:6e:42:f2:64:9f:a5:01:bf:b8:
         48:a2:80:c9:54:a4:d9:56:70:28:04:57:ac:79:67:47:af:83:
         b4:bf:0d:df:b9:1f:cc:a5:86:a5:65:48:43:50:ac:60:2f:13:
         33:37:62:b0:f3:4b:66:ca:8b:a8:8b:4a:8c:d5:c5:68:a9:0b:
         9a:23:5d:9a:ea:0b:d8:b0:ea:f4:7e:1c:34:30:23:44:bf:f3:
         0c:35:be:a0:db:2a:ed:7d:9a:f4:8a:bf:dd:91:c5:d3:8c:6d:
         48:86:92:ea:cb:31:84:3b:96:b7:ba:6d:51:94:5b:23:10:65:
         9b:83:35:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xlIYtcV7WpKCBNqo7a+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUxMDE5MTQwMTE5WhcNMjUxMDIwMTQwMTE5WjAzMTEwLwYDVQQD
EygyMjk3YzY5YWFlMmVlZmRhNGI5N2JkYmRhYTZhYjE2N2I2Nzk4YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcvKt/Clu0pyWtoiNd1s3ZzPlLw7
A6TEXBHxfFlchai1kXB5GPHNVPpz/u3jlm4EhVN1/uPEkwa3x3fOTBDv798ymZPN
dbtbW397CqHMNRkVvU59simQ0FzRO2C2TNNCeHh6JYjW4V1s6+meYEYdO/CmAaL+
yxz3grkYQTBRwMXJ3xesHVA1uhvXso1LKKB70bT+LA1iUdEjjsoxGf+abgnLNIBX
RRABsqN56+aAH6+vWsqHU2W7QoiMTg2/5aYD/x5LPqAdPIzwGQiw4tFMlH0NtAIT
0W+d4zY6pwuurge0rzfqZD/lUY1KmCBmJ9jVeLrp7RPSV2kU0kHvk4beAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKXxpquLu/aS5e9vapqsWe2eYsLMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAumNL8P+
VFDUWZW4kcjWeigQ9/oNQ8gxWUqtHtq/8bCZS+/KClxvQPLCls6cba3OHGgTZTBh
RfOJiJAxcYqc852KREMFnpvIe+qTdOQywyuGrK71y2YcrqhyChpgwKapBGNbgv8b
WCVBVRbbiE63/I1bi10tPR91IRcG96Vb0Uz0F4tfIYsUbkLyZJ+lAb+4SKKAyVSk
2VZwKARXrHlnR6+DtL8N37kfzKWGpWVIQ1CsYC8TMzdisPNLZsqLqItKjNXFaKkL
miNdmuoL2LDq9H4cNDAjRL/zDDW+oNsq7X2a9Iq/3ZHF04xtSIaS6ssxhDuWt7pt
UZRbIxBlm4M13w==
-----END CERTIFICATE-----