Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          Oim63hAbhsk1nJzn/CwSu3V1znppRv3PuvPwoVIqwlQ=
Subject key identifier:   8B:A5:49:B5:82:12:01:FC:BA:2E:3B:F9:8B:96:B9:0D:78:63:B3:A3
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       0199FFC892A8C51859E0B597B5FA8C79D280
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          122F
Signing time:             Mon 20 Oct 2025 04:02:38 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:38 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:38 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: aN6Kk67vE1V1RaNVCeyCfPC6ne75kaV/7loErgL/+JA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:92:a8:c5:18:59:e0:b5:97:b5:fa:8c:79:d2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Oct 20 04:02:38 2025 GMT
            Not After : Oct 21 04:02:38 2025 GMT
        Subject: CN=8ba549b5821201fcba2e3bf98b96b90d7863b3a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ac:7d:97:49:c8:df:4a:06:43:f7:ec:57:6e:
                    f4:ee:41:37:62:c1:9d:2d:8f:e8:7a:db:19:9e:76:
                    68:e0:de:9e:7e:5f:6d:3e:2e:9f:98:56:5b:03:d3:
                    fe:1e:bc:dc:35:54:eb:2d:c0:50:62:64:f7:3d:72:
                    61:2b:57:91:cc:b5:48:b3:f0:6e:07:1d:af:1a:0d:
                    10:fc:54:08:dc:4c:c0:cd:0c:9f:7a:81:1b:5f:bc:
                    b9:ad:4d:33:bb:1d:5b:7a:58:37:42:99:43:03:0a:
                    5b:33:71:64:58:ab:3b:a6:7c:f8:e1:e6:c5:37:87:
                    6e:8a:69:ec:af:86:99:86:cd:6c:2f:ae:15:4e:0b:
                    5a:a8:1d:0b:8a:67:e7:24:50:da:33:23:9f:83:d6:
                    47:d5:49:fd:4a:fd:99:a3:53:a7:87:19:69:7a:34:
                    9a:c8:8d:72:fa:85:04:ef:5e:c0:fa:ef:17:0a:59:
                    2e:53:9f:bb:9d:df:18:fa:aa:3a:eb:88:66:b9:12:
                    8f:69:0c:24:82:35:d2:64:6a:1c:d1:5a:7d:5c:81:
                    b3:d7:0f:5a:d1:48:fd:84:b4:a8:74:43:91:4c:67:
                    f7:e7:5d:de:c0:ef:21:3f:1e:c4:5b:1d:d6:fc:30:
                    0d:51:5c:fb:09:98:82:87:3c:4c:06:c1:ce:c1:7c:
                    a7:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:A5:49:B5:82:12:01:FC:BA:2E:3B:F9:8B:96:B9:0D:78:63:B3:A3
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:bf:47:9e:a1:91:28:fe:19:74:bf:05:5b:47:ad:6b:27:5e:
         30:9f:20:22:d1:b3:64:59:93:35:8b:00:d6:b3:64:c2:23:a7:
         7d:59:13:93:3d:5e:d0:53:14:8c:81:db:1f:f9:ad:8b:62:6b:
         07:ab:f3:52:6f:40:e4:d0:bf:56:a0:4a:33:0a:63:12:be:28:
         3a:0e:6d:fe:a0:65:64:44:15:b1:2e:db:77:58:79:83:b8:14:
         de:b7:40:ff:2c:94:31:ab:07:a1:19:01:72:ef:1e:c3:0d:fa:
         d3:f4:d6:1d:8d:8d:43:ff:db:e7:43:08:43:15:89:f7:c5:c6:
         34:24:62:5c:7c:76:a9:da:ba:08:fc:8d:fb:79:51:04:21:36:
         6a:61:e2:7e:91:ee:4e:bf:71:3d:9b:55:7a:0b:aa:93:80:61:
         d4:3a:97:2e:49:1d:18:20:99:d6:ad:4d:ac:b7:4f:af:ce:d3:
         13:c0:49:10:fa:e0:78:df:a1:06:7e:c0:5c:7c:4e:84:56:88:
         86:fd:96:d6:e2:a7:19:51:e7:7b:d6:06:df:94:92:5b:6a:c9:
         4a:17:c4:97:01:33:9c:42:45:83:ee:5a:ae:a4:4b:29:0f:fc:
         4b:2a:ab:f3:e4:8a:a3:3e:8b:94:4e:d2:d1:02:6a:70:ab:c6:
         df:4e:93:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yJKoxRhZ4LWXtfqMedKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUxMDIwMDQwMjM4WhcNMjUxMDIxMDQwMjM4WjAzMTEwLwYDVQQD
Eyg4YmE1NDliNTgyMTIwMWZjYmEyZTNiZjk4Yjk2YjkwZDc4NjNiM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46x9l0nI30oGQ/fsV2707kE3YsGd
LY/oetsZnnZo4N6efl9tPi6fmFZbA9P+HrzcNVTrLcBQYmT3PXJhK1eRzLVIs/Bu
Bx2vGg0Q/FQI3EzAzQyfeoEbX7y5rU0zux1belg3QplDAwpbM3FkWKs7pnz44ebF
N4duimnsr4aZhs1sL64VTgtaqB0LimfnJFDaMyOfg9ZH1Un9Sv2Zo1OnhxlpejSa
yI1y+oUE717A+u8XClkuU5+7nd8Y+qo664hmuRKPaQwkgjXSZGoc0Vp9XIGz1w9a
0Uj9hLSodEORTGf3513ewO8hPx7EWx3W/DANUVz7CZiChzxMBsHOwXynUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIulSbWCEgH8ui47+YuWuQ14Y7OjMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK79HnqGR
KP4ZdL8FW0etaydeMJ8gItGzZFmTNYsA1rNkwiOnfVkTkz1e0FMUjIHbH/mti2Jr
B6vzUm9A5NC/VqBKMwpjEr4oOg5t/qBlZEQVsS7bd1h5g7gU3rdA/yyUMasHoRkB
cu8eww360/TWHY2NQ//b50MIQxWJ98XGNCRiXHx2qdq6CPyN+3lRBCE2amHifpHu
Tr9xPZtVeguqk4Bh1DqXLkkdGCCZ1q1NrLdPr87TE8BJEPrgeN+hBn7AXHxOhFaI
hv2W1uKnGVHne9YG35SSW2rJShfElwEznEJFg+5arqRLKQ/8Syqr8+SKoz6LlE7S
0QJqcKvG306T7g==
-----END CERTIFICATE-----