Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          SgngAsq2Qebf14OI84GFMl1HbH9G130xQit29IzTd2o=
Subject key identifier:   4E:BD:83:63:0D:FD:58:C9:4B:61:F3:9B:15:78:65:A0:B9:4F:7A:C5
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       0199FBEB069C8D6568C86707E75BB051F634
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          16B2
Signing time:             Sun 19 Oct 2025 10:01:47 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:47 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:47 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: 33zOoTmA9M733GlikivKo34fIr7PqMgm4QoumkRJ1t8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:06:9c:8d:65:68:c8:67:07:e7:5b:b0:51:f6:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Oct 19 10:01:47 2025 GMT
            Not After : Oct 20 10:01:47 2025 GMT
        Subject: CN=4ebd83630dfd58c94b61f39b157865a0b94f7ac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:08:73:42:e1:10:cd:0c:df:6c:34:18:db:ec:
                    25:b5:6c:66:5f:5c:67:d3:03:f7:f7:f9:28:b4:a9:
                    8f:d2:5f:53:60:a7:c7:d1:1b:c1:a9:03:6e:4c:3b:
                    9a:f0:a3:9a:f7:85:ec:a1:5e:9a:7f:d8:2e:0e:fd:
                    06:9b:97:4b:e5:d4:52:1e:da:c0:e4:1c:85:96:27:
                    47:b7:d8:18:47:98:31:ed:89:3b:1e:a8:49:1a:34:
                    06:7b:ec:2f:a6:e0:2b:ff:05:98:23:9b:ef:a0:83:
                    8b:3d:ec:66:d9:30:fa:73:6d:38:6c:d8:50:18:04:
                    9d:6e:b6:fa:5c:a4:49:a6:44:e2:db:ff:09:b7:1b:
                    69:de:b3:a9:4a:cd:c8:5c:8c:5d:7f:8a:09:d3:7f:
                    54:b1:19:b3:c0:92:48:c1:04:d9:af:2a:ce:9e:ed:
                    56:25:39:17:96:13:6c:31:b1:f3:e0:d0:2b:07:8e:
                    ab:82:46:28:25:0d:03:8e:74:b0:d0:42:36:63:ce:
                    42:3c:e9:23:b0:b8:6c:c6:76:1f:dd:92:1e:ff:14:
                    59:2e:a6:e5:12:8b:41:19:27:f2:95:fa:d7:9a:a0:
                    ea:80:26:ba:f7:7e:74:29:53:6b:dd:3a:c3:6f:d5:
                    38:94:a5:54:8e:c3:0f:b9:7d:ed:e5:bf:2d:0e:9e:
                    bf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:BD:83:63:0D:FD:58:C9:4B:61:F3:9B:15:78:65:A0:B9:4F:7A:C5
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:af:9c:9d:f0:bc:00:09:bf:59:51:e3:5c:46:51:a1:8f:92:
         02:5f:32:17:3a:7d:a1:18:c8:d1:19:44:83:92:4e:f5:64:65:
         44:d2:6d:0b:85:fb:35:32:3d:80:81:96:54:1b:3b:1a:8a:28:
         21:81:74:e5:c1:53:ce:91:aa:4b:8a:bf:24:91:27:57:99:b9:
         53:47:c7:c5:4e:5d:68:20:6e:3d:f5:a0:3f:f2:54:ca:5b:94:
         4c:31:70:d0:13:62:3c:ac:d1:9d:f2:5d:4b:ed:90:65:0b:18:
         22:f1:07:92:db:fe:a0:8b:4e:f4:01:31:b7:54:6b:74:70:1c:
         e2:70:bd:fd:a2:a0:d8:3f:5f:18:8e:47:15:fa:9c:fe:f7:94:
         ec:a7:2e:81:a7:e5:e2:35:5c:ff:27:05:03:22:de:6a:03:c1:
         0e:8f:b9:78:fa:86:9a:a0:3f:39:2e:53:bc:b5:0b:c6:02:65:
         22:03:5f:a1:07:b7:40:7d:e6:15:eb:d1:48:de:94:b6:67:32:
         20:3f:f4:d2:1a:c1:95:e9:ef:47:27:0b:8b:08:7e:b5:cb:69:
         96:04:bd:70:23:92:82:59:70:2b:58:7b:c6:dd:cc:35:cd:eb:
         f9:a4:e8:6d:67:06:a1:6a:42:f7:c1:71:52:87:8e:23:65:9c:
         f9:ff:c2:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wacjWVoyGcH51uwUfY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUxMDE5MTAwMTQ3WhcNMjUxMDIwMTAwMTQ3WjAzMTEwLwYDVQQD
Eyg0ZWJkODM2MzBkZmQ1OGM5NGI2MWYzOWIxNTc4NjVhMGI5NGY3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQhzQuEQzQzfbDQY2+wltWxmX1xn
0wP39/kotKmP0l9TYKfH0RvBqQNuTDua8KOa94XsoV6af9guDv0Gm5dL5dRSHtrA
5ByFlidHt9gYR5gx7Yk7HqhJGjQGe+wvpuAr/wWYI5vvoIOLPexm2TD6c204bNhQ
GASdbrb6XKRJpkTi2/8Jtxtp3rOpSs3IXIxdf4oJ039UsRmzwJJIwQTZryrOnu1W
JTkXlhNsMbHz4NArB46rgkYoJQ0DjnSw0EI2Y85CPOkjsLhsxnYf3ZIe/xRZLqbl
EotBGSfylfrXmqDqgCa69350KVNr3TrDb9U4lKVUjsMPuX3t5b8tDp6/mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE69g2MN/VjJS2HzmxV4ZaC5T3rFMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALq+cnfC8
AAm/WVHjXEZRoY+SAl8yFzp9oRjI0RlEg5JO9WRlRNJtC4X7NTI9gIGWVBs7Gooo
IYF05cFTzpGqS4q/JJEnV5m5U0fHxU5daCBuPfWgP/JUyluUTDFw0BNiPKzRnfJd
S+2QZQsYIvEHktv+oItO9AExt1RrdHAc4nC9/aKg2D9fGI5HFfqc/veU7Kcugafl
4jVc/ycFAyLeagPBDo+5ePqGmqA/OS5TvLULxgJlIgNfoQe3QH3mFevRSN6Utmcy
ID/00hrBlenvRycLiwh+tctplgS9cCOSgllwK1h7xt3MNc3r+aTobWcGoWpC98Fx
UoeOI2Wc+f/CDA==
-----END CERTIFICATE-----