Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
File:                     g_65rfwvZVEiBb1IETJMnX9qAiI.mft (raw, json)
Hash identifier:          sMRrZXEpznN3iQbNeYAl+2eFyyFFO5OIip2CqMRk2HM=
Subject key identifier:   73:AC:B9:91:19:7C:2F:E3:DB:D7:33:14:2F:84:A0:82:ED:EA:6C:CC
Authority key identifier: 83:FE:B9:AD:FC:2F:65:51:22:05:BD:48:11:32:4C:9D:7F:6A:02:22
Certificate issuer:       /CN=83feb9adfc2f65512205bd4811324c9d7f6a0222
Certificate serial:       0199FBEB785BAC48FB1979826E48C5CF39EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
Manifest number:          04DB
Signing time:             Sun 19 Oct 2025 10:02:16 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:16 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:16 +0000
Files and hashes:         1: g_65rfwvZVEiBb1IETJMnX9qAiI.crl (hash: FUDZsmaBbsU5dPk9dZXgqUIQIBnMQDpu3LPTKBK4PVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:78:5b:ac:48:fb:19:79:82:6e:48:c5:cf:39:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83feb9adfc2f65512205bd4811324c9d7f6a0222
        Validity
            Not Before: Oct 19 10:02:16 2025 GMT
            Not After : Oct 20 10:02:16 2025 GMT
        Subject: CN=73acb991197c2fe3dbd733142f84a082edea6ccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ed:5e:db:b5:78:3f:f2:e0:d1:21:13:64:52:
                    1b:b7:12:f3:a9:a1:f1:21:81:39:49:a3:93:a6:3a:
                    54:a0:8b:1c:01:0b:d2:57:23:bb:70:b9:94:60:0f:
                    ac:3e:58:2f:af:a7:17:fd:03:67:f1:da:b5:f2:c1:
                    32:d6:bb:db:3b:b8:73:8e:28:59:ce:3a:f7:3a:7c:
                    2a:06:d5:05:cd:36:b0:45:41:a9:4e:e9:96:19:72:
                    bb:39:b2:09:61:70:46:58:42:ae:27:cb:b7:6c:93:
                    28:77:c5:04:3d:3c:6a:f7:f4:77:cc:58:72:ad:33:
                    d6:eb:75:af:ae:e9:0d:92:96:af:52:24:6b:8f:70:
                    94:7b:93:b4:f7:a5:2e:84:cd:4c:ec:31:fd:a7:74:
                    7b:a7:6b:21:e5:4d:3c:38:45:92:d6:c6:82:99:ae:
                    7f:e3:d2:9a:b0:e3:c4:8a:df:f5:0e:15:ab:c9:e6:
                    71:02:26:4c:60:cd:a5:76:7f:6d:8e:19:31:7c:4e:
                    57:8c:71:7e:12:54:cc:13:f1:f3:72:f1:02:11:9d:
                    09:1e:66:20:13:1f:4a:b8:1a:ed:f3:d9:76:ec:7c:
                    2f:8e:ac:fa:54:8c:24:1e:40:a3:83:8b:8a:e8:28:
                    71:9f:8a:4a:2f:5c:11:39:68:a4:47:28:25:af:75:
                    ad:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:AC:B9:91:19:7C:2F:E3:DB:D7:33:14:2F:84:A0:82:ED:EA:6C:CC
            X509v3 Authority Key Identifier:
                keyid:83:FE:B9:AD:FC:2F:65:51:22:05:BD:48:11:32:4C:9D:7F:6A:02:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:af:b9:b5:c9:0f:0a:f6:70:fb:e2:9e:7f:9e:6d:c9:19:a7:
         b1:d6:86:f7:40:aa:35:49:f5:fd:51:2c:5e:28:42:28:09:5c:
         53:f6:32:d5:d1:9f:66:fa:67:ff:ce:29:c0:40:1b:4c:5c:99:
         d0:06:55:5b:56:ae:57:32:16:1e:1b:ea:b8:af:fb:55:06:f6:
         92:5f:d6:43:cd:b3:ec:28:9b:9c:06:bd:65:38:c2:01:fa:56:
         e7:26:29:29:dd:db:d3:ab:3c:f6:79:67:88:02:69:3d:29:44:
         0e:40:21:8e:38:e6:ce:9a:d1:a4:2e:85:05:e4:58:5e:59:16:
         0d:f1:4e:7d:83:95:98:3f:7f:d2:40:70:ee:55:e7:84:89:d4:
         a3:86:ff:39:5e:0b:b5:79:dd:c3:0e:9a:ac:a8:a7:26:0f:d6:
         8a:f7:d5:c8:df:82:d7:9f:83:3b:2d:0d:af:e4:87:df:94:d7:
         23:13:b7:d0:91:f7:86:19:12:78:d1:1a:d0:8a:d5:f2:64:1f:
         18:5f:5b:7c:52:1e:54:99:d1:6d:a8:87:b4:4f:85:a3:9c:ad:
         72:31:46:04:22:88:20:b8:04:97:a0:a6:44:e0:32:60:ac:1b:
         5a:10:2c:6c:89:f6:3e:e8:a0:d2:82:a5:6a:d5:eb:03:e2:0b:
         d5:96:f4:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763hbrEj7GXmCbkjFzznuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZmViOWFkZmMyZjY1NTEyMjA1YmQ0ODExMzI0YzlkN2Y2
YTAyMjIwHhcNMjUxMDE5MTAwMjE2WhcNMjUxMDIwMTAwMjE2WjAzMTEwLwYDVQQD
Eyg3M2FjYjk5MTE5N2MyZmUzZGJkNzMzMTQyZjg0YTA4MmVkZWE2Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu1e27V4P/Lg0SETZFIbtxLzqaHx
IYE5SaOTpjpUoIscAQvSVyO7cLmUYA+sPlgvr6cX/QNn8dq18sEy1rvbO7hzjihZ
zjr3OnwqBtUFzTawRUGpTumWGXK7ObIJYXBGWEKuJ8u3bJMod8UEPTxq9/R3zFhy
rTPW63WvrukNkpavUiRrj3CUe5O096UuhM1M7DH9p3R7p2sh5U08OEWS1saCma5/
49KasOPEit/1DhWryeZxAiZMYM2ldn9tjhkxfE5XjHF+ElTME/HzcvECEZ0JHmYg
Ex9KuBrt89l27Hwvjqz6VIwkHkCjg4uK6Chxn4pKL1wROWikRyglr3WtYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOsuZEZfC/j29czFC+EoILt6mzMMB8GA1UdIwQY
MBaAFIP+ua38L2VRIgW9SBEyTJ1/agIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kYzUxNTktNDVmMC00MjZmLTllZjEt
OTZlMGMxYzQ0NDgzLzEvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9kYzUxNTktNDVmMC00MjZmLTllZjEtOTZlMGMxYzQ0NDgz
LzEvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6+5tckP
CvZw++Kef55tyRmnsdaG90CqNUn1/VEsXihCKAlcU/Yy1dGfZvpn/84pwEAbTFyZ
0AZVW1auVzIWHhvquK/7VQb2kl/WQ82z7CibnAa9ZTjCAfpW5yYpKd3b06s89nln
iAJpPSlEDkAhjjjmzprRpC6FBeRYXlkWDfFOfYOVmD9/0kBw7lXnhInUo4b/OV4L
tXndww6arKinJg/WivfVyN+C15+DOy0Nr+SH35TXIxO30JH3hhkSeNEa0IrV8mQf
GF9bfFIeVJnRbaiHtE+Fo5ytcjFGBCKIILgEl6CmROAyYKwbWhAsbIn2Puig0oKl
atXrA+IL1Zb0ug==
-----END CERTIFICATE-----