Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          YL9L1cZoqHQJteZsziZXX91cZw5vVY2dWAQLJaXQiPg=
Subject key identifier:   06:E2:FE:B6:83:AE:78:61:1E:B9:7F:F0:AF:9E:10:9A:87:51:CF:67
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019A02FEF00508A5B7F174B8BD9D35A888A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0AF6
Signing time:             Mon 20 Oct 2025 19:00:53 +0000
Manifest this update:     Mon 20 Oct 2025 19:00:53 +0000
Manifest next update:     Tue 21 Oct 2025 19:00:53 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: 4WFwUm5aagnaDxcaLVDMHb1PHK/9JABhU5jAib/4jGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 19:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:fe:f0:05:08:a5:b7:f1:74:b8:bd:9d:35:a8:88:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Oct 20 19:00:53 2025 GMT
            Not After : Oct 21 19:00:53 2025 GMT
        Subject: CN=06e2feb683ae78611eb97ff0af9e109a8751cf67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f9:41:e6:ac:7b:26:81:21:5b:a1:77:44:ff:
                    dd:63:87:9a:1d:c4:e8:2a:8b:59:5d:c2:1a:b7:57:
                    fd:3b:13:fb:c3:45:e8:b8:50:cc:77:ae:74:95:d0:
                    1c:71:1b:ec:d4:94:d5:45:de:a8:fd:7b:f0:01:b1:
                    31:6c:fa:4d:8f:b9:97:a7:a5:9b:e0:d2:08:40:e3:
                    42:c4:65:63:cf:d9:d7:3c:7f:aa:2f:d5:c5:27:fd:
                    94:0c:8b:d9:b9:b1:62:2c:86:90:79:e5:e9:be:1e:
                    24:4f:a8:e8:6f:65:56:1d:97:01:1b:95:d5:e4:b0:
                    75:88:dd:fe:fc:4f:9d:11:68:54:4d:60:71:ed:5c:
                    ea:c4:1b:61:0a:90:2a:20:ff:eb:51:e5:fa:ff:96:
                    3e:c7:ac:5c:84:e6:d4:d1:1b:a0:7e:35:9d:b1:5a:
                    79:74:8c:76:78:97:30:01:b4:54:b5:fe:e1:7a:40:
                    7e:a6:61:ec:dd:7a:88:1c:68:19:84:96:e8:62:75:
                    d7:af:ab:1e:ae:ae:ff:99:63:4b:c5:07:9e:6f:d1:
                    9e:34:a9:5e:bb:de:19:18:62:53:25:df:6c:c7:07:
                    f1:a4:80:5b:31:6a:63:95:7c:69:9a:a3:f4:bd:7d:
                    eb:7d:36:95:19:19:41:58:70:46:df:e4:8f:10:7a:
                    fa:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:E2:FE:B6:83:AE:78:61:1E:B9:7F:F0:AF:9E:10:9A:87:51:CF:67
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:63:50:00:97:d0:89:e5:d6:54:56:de:be:58:71:21:9d:0f:
         ce:de:91:54:7b:11:02:26:b9:b2:62:7e:8d:e6:f0:12:3a:7b:
         e7:c5:b8:93:e0:00:49:ae:75:7f:b8:a4:c2:43:73:87:a9:0c:
         7f:7d:25:0c:74:69:4d:b5:38:a9:a1:47:50:f1:f8:4a:b5:76:
         b1:06:a8:ca:07:14:72:c9:04:63:81:c1:48:df:78:71:fe:c1:
         bf:bd:c3:bd:32:53:1c:1e:92:64:31:0f:8e:7b:50:2b:95:07:
         68:f5:f3:da:f6:9d:f9:66:3f:75:65:6a:da:15:a3:45:d3:d7:
         47:7c:09:c3:fd:3a:1e:c4:45:5c:ad:98:9d:d4:33:cb:87:a6:
         e5:e4:61:79:a7:2c:15:10:5e:ca:35:36:36:1a:2c:a5:78:60:
         40:68:1f:22:38:b2:cc:47:21:9b:6c:21:aa:6f:44:a8:ac:f1:
         2e:d5:42:a2:8f:f3:94:73:4e:e6:81:3d:3f:64:24:3a:0a:df:
         1a:99:d0:01:ae:4d:ba:eb:1e:85:24:4b:bd:2f:37:63:19:4c:
         80:1c:36:1c:64:20:26:ca:76:24:33:75:01:94:a1:f4:30:c2:
         39:4b:9f:4e:88:82:c5:12:b9:d3:70:f6:c0:6e:0c:4b:d5:ae:
         16:87:20:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoC/vAFCKW38XS4vZ01qIikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUxMDIwMTkwMDUzWhcNMjUxMDIxMTkwMDUzWjAzMTEwLwYDVQQD
EygwNmUyZmViNjgzYWU3ODYxMWViOTdmZjBhZjllMTA5YTg3NTFjZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvlB5qx7JoEhW6F3RP/dY4eaHcTo
KotZXcIat1f9OxP7w0XouFDMd650ldAccRvs1JTVRd6o/XvwAbExbPpNj7mXp6Wb
4NIIQONCxGVjz9nXPH+qL9XFJ/2UDIvZubFiLIaQeeXpvh4kT6job2VWHZcBG5XV
5LB1iN3+/E+dEWhUTWBx7VzqxBthCpAqIP/rUeX6/5Y+x6xchObU0RugfjWdsVp5
dIx2eJcwAbRUtf7hekB+pmHs3XqIHGgZhJboYnXXr6serq7/mWNLxQeeb9GeNKle
u94ZGGJTJd9sxwfxpIBbMWpjlXxpmqP0vX3rfTaVGRlBWHBG3+SPEHr6sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAbi/raDrnhhHrl/8K+eEJqHUc9nMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASGNQAJfQ
ieXWVFbevlhxIZ0Pzt6RVHsRAia5smJ+jebwEjp758W4k+AASa51f7ikwkNzh6kM
f30lDHRpTbU4qaFHUPH4SrV2sQaoygcUcskEY4HBSN94cf7Bv73DvTJTHB6SZDEP
jntQK5UHaPXz2vad+WY/dWVq2hWjRdPXR3wJw/06HsRFXK2YndQzy4em5eRheacs
FRBeyjU2NhospXhgQGgfIjiyzEchm2whqm9EqKzxLtVCoo/zlHNO5oE9P2QkOgrf
GpnQAa5NuusehSRLvS83YxlMgBw2HGQgJsp2JDN1AZSh9DDCOUufToiCxRK503D2
wG4MS9WuFocguQ==
-----END CERTIFICATE-----