Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          CBuswDx3rCWEZ90Qt6gvs2sh/sRn53KRxsurrO3EmsY=
Subject key identifier:   F9:61:84:DC:1D:13:5B:11:2F:6A:EE:0D:53:A4:5E:5F:AF:F4:D5:28
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       0199FC213755BE1FDBE82DD9A298D54FA266
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          04F1
Signing time:             Sun 19 Oct 2025 11:00:59 +0000
Manifest this update:     Sun 19 Oct 2025 11:00:59 +0000
Manifest next update:     Mon 20 Oct 2025 11:00:59 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: OdU1WwlwBYLGCx4LEC8D4o1DaHqMqxKTq0zdJ3saLvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:37:55:be:1f:db:e8:2d:d9:a2:98:d5:4f:a2:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Oct 19 11:00:59 2025 GMT
            Not After : Oct 20 11:00:59 2025 GMT
        Subject: CN=f96184dc1d135b112f6aee0d53a45e5faff4d528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ef:bd:48:62:9f:55:09:98:45:7e:c8:b1:87:
                    5a:f5:e2:12:55:6b:ce:63:1b:eb:19:08:60:41:e9:
                    36:b1:da:f6:95:63:f1:18:c8:c5:09:49:0a:63:78:
                    f8:19:4d:c2:c5:aa:38:73:80:72:c1:7c:69:19:88:
                    f1:c5:d4:3e:9f:6f:95:64:59:f5:4e:30:f2:d5:54:
                    a1:69:1c:5e:10:3f:12:9f:f2:ce:c1:7a:f6:e5:1b:
                    a5:b4:74:9f:20:1e:1d:e7:13:33:e4:f9:8e:0f:6d:
                    a4:c8:0a:ef:1e:b2:39:66:ad:51:33:6e:02:d0:b5:
                    62:70:7e:e8:87:e3:20:cd:8c:1e:fc:95:36:54:96:
                    8b:6c:7a:a6:cd:86:e8:e5:31:0e:37:e9:a8:44:eb:
                    93:33:b4:20:27:e7:12:a1:ef:ec:f5:40:a6:05:28:
                    87:95:aa:07:75:ce:f5:64:50:5f:2b:f7:03:e5:c5:
                    65:ba:21:84:68:a8:e3:eb:ec:6f:aa:b2:50:eb:d0:
                    1a:fd:d3:36:cc:dd:83:d8:65:13:50:b1:80:91:2d:
                    65:d0:f9:32:84:2c:ca:e2:dc:13:2d:d9:32:e5:bb:
                    2b:99:e0:ca:8d:d7:97:cf:bc:54:12:74:50:9a:5b:
                    56:2b:e1:21:54:12:4e:b1:46:87:d5:8a:c7:d8:b4:
                    f1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:61:84:DC:1D:13:5B:11:2F:6A:EE:0D:53:A4:5E:5F:AF:F4:D5:28
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ff:ac:76:3b:88:dd:04:da:8a:3f:36:06:38:a8:f8:41:c7:
         d3:cd:ad:86:36:ad:08:e3:0e:f6:50:00:d2:89:5d:1c:40:cc:
         54:d0:54:66:b1:31:97:54:89:72:c1:38:7c:05:d4:af:d8:c1:
         01:c9:59:31:f1:cf:d4:5e:cd:8a:79:80:5f:e4:54:8f:88:a8:
         25:a8:72:c6:b7:ec:c9:01:e1:b0:d0:cf:37:f1:3a:53:30:83:
         71:1f:5d:20:e3:d0:cf:fb:bc:8b:9e:3b:14:c2:45:6f:f8:d4:
         ed:44:40:72:19:41:e6:a9:76:a0:16:0a:54:40:15:c4:8a:a9:
         eb:16:f3:f4:32:2d:f9:d6:8b:1d:71:2c:c8:eb:67:ec:34:a5:
         9e:9e:d8:bb:12:25:50:3a:5d:fa:18:e2:a1:4b:b7:39:f6:68:
         a1:c7:7b:1b:70:e8:30:b2:ce:9d:44:e5:a2:12:47:2d:56:ec:
         38:40:c2:f8:27:0c:63:05:28:6f:9c:d2:c1:2f:9a:e3:f3:fd:
         05:18:5c:5b:d8:bc:e6:b9:9d:43:6b:f6:87:66:67:96:e6:24:
         4e:9c:b5:7d:08:f9:27:2e:13:00:5b:68:fa:c7:e4:53:82:17:
         cf:0a:b4:17:44:c8:12:b7:9c:b1:83:68:fb:45:c1:c0:9a:12:
         b1:8e:f5:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8ITdVvh/b6C3ZopjVT6JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUxMDE5MTEwMDU5WhcNMjUxMDIwMTEwMDU5WjAzMTEwLwYDVQQD
EyhmOTYxODRkYzFkMTM1YjExMmY2YWVlMGQ1M2E0NWU1ZmFmZjRkNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou+9SGKfVQmYRX7IsYda9eISVWvO
YxvrGQhgQek2sdr2lWPxGMjFCUkKY3j4GU3Cxao4c4BywXxpGYjxxdQ+n2+VZFn1
TjDy1VShaRxeED8Sn/LOwXr25RultHSfIB4d5xMz5PmOD22kyArvHrI5Zq1RM24C
0LVicH7oh+MgzYwe/JU2VJaLbHqmzYbo5TEON+moROuTM7QgJ+cSoe/s9UCmBSiH
laoHdc71ZFBfK/cD5cVluiGEaKjj6+xvqrJQ69Aa/dM2zN2D2GUTULGAkS1l0Pky
hCzK4twTLdky5bsrmeDKjdeXz7xUEnRQmltWK+EhVBJOsUaH1YrH2LTx2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlhhNwdE1sRL2ruDVOkXl+v9NUoMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKv+sdjuI
3QTaij82Bjio+EHH082thjatCOMO9lAA0oldHEDMVNBUZrExl1SJcsE4fAXUr9jB
AclZMfHP1F7NinmAX+RUj4ioJahyxrfsyQHhsNDPN/E6UzCDcR9dIOPQz/u8i547
FMJFb/jU7URAchlB5ql2oBYKVEAVxIqp6xbz9DIt+daLHXEsyOtn7DSlnp7YuxIl
UDpd+hjioUu3OfZoocd7G3DoMLLOnUTlohJHLVbsOEDC+CcMYwUob5zSwS+a4/P9
BRhcW9i85rmdQ2v2h2ZnluYkTpy1fQj5Jy4TAFto+sfkU4IXzwq0F0TIErecsYNo
+0XBwJoSsY71FQ==
-----END CERTIFICATE-----