Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
File:                     avL7pFrWUxpj0XNQFPaZgH9H-9w.mft (raw, json)
Hash identifier:          dtRrUR3sgIyhzOJCgKlvFsed0MYUJomqfVMUYT+2s6o=
Subject key identifier:   E8:0B:B1:73:54:9D:13:7A:83:1B:3E:20:9D:91:AD:14:A3:D0:96:D9
Authority key identifier: 6A:F2:FB:A4:5A:D6:53:1A:63:D1:73:50:14:F6:99:80:7F:47:FB:DC
Certificate issuer:       /CN=6af2fba45ad6531a63d1735014f699807f47fbdc
Certificate serial:       0199FCC664874B44A89B6F3BFD0D9A041862
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
Manifest number:          070C
Signing time:             Sun 19 Oct 2025 14:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:24 +0000
Files and hashes:         1: avL7pFrWUxpj0XNQFPaZgH9H-9w.crl (hash: u8hzOZJM81EHAq/wFBboS4OR6MfZyElIgmQGCCCTjVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:64:87:4b:44:a8:9b:6f:3b:fd:0d:9a:04:18:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2fba45ad6531a63d1735014f699807f47fbdc
        Validity
            Not Before: Oct 19 14:01:24 2025 GMT
            Not After : Oct 20 14:01:24 2025 GMT
        Subject: CN=e80bb173549d137a831b3e209d91ad14a3d096d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:76:54:37:53:46:37:22:e0:98:b1:e4:5b:2b:
                    3a:a9:ce:f0:8d:68:0a:62:4d:47:4b:15:5b:a4:89:
                    01:61:78:88:9e:f2:20:2a:66:95:44:da:a7:c3:5e:
                    bd:53:96:09:e2:24:e2:4b:0e:95:27:45:ff:df:d5:
                    ee:4f:ee:f1:5a:25:bb:24:61:20:8f:1a:9b:69:53:
                    76:da:02:b5:19:07:47:11:8d:57:9a:e4:37:ce:1e:
                    0d:4b:b8:72:3f:e6:63:ec:06:67:a8:ab:f5:1e:64:
                    82:a1:a9:fd:d5:14:d3:56:d2:3d:c4:5d:85:f4:ca:
                    19:dc:b3:a7:4a:07:cc:a8:52:82:19:90:80:31:2c:
                    11:34:36:37:12:45:bd:0a:16:25:01:ce:b4:3e:72:
                    33:e4:f9:9f:5d:df:51:e8:ed:9a:bb:28:60:fd:a6:
                    89:dc:e7:da:f6:60:46:7f:af:01:66:73:38:17:49:
                    50:a6:54:31:ad:6a:e2:72:e6:bb:35:6f:9c:34:a9:
                    b8:9a:02:a3:b9:01:ea:13:21:6d:a7:4d:4e:be:09:
                    f0:fe:d2:81:5c:3d:95:32:4c:2c:0f:5a:88:8f:16:
                    0f:4d:e8:0e:59:a5:4b:0d:27:4d:0b:0a:b1:4e:c1:
                    9e:03:f1:75:96:27:da:6b:4f:fc:b1:83:b6:99:e6:
                    24:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:0B:B1:73:54:9D:13:7A:83:1B:3E:20:9D:91:AD:14:A3:D0:96:D9
            X509v3 Authority Key Identifier:
                keyid:6A:F2:FB:A4:5A:D6:53:1A:63:D1:73:50:14:F6:99:80:7F:47:FB:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:f3:9d:63:58:4f:2e:db:32:f2:91:0f:6c:df:87:73:1d:8e:
         f9:a3:96:64:99:40:68:f8:a1:21:c4:7e:18:5c:4c:c0:ee:58:
         77:83:ee:fa:f8:27:f4:8b:d8:7a:7b:f8:a6:29:e0:d9:20:78:
         dd:df:b9:c9:41:7e:64:c6:85:42:8e:46:b1:5e:a3:b4:bb:6e:
         ad:a6:36:25:88:b3:69:4f:ec:e8:c1:59:29:52:2c:bf:2f:15:
         c1:4e:14:ce:8a:90:43:e7:01:7b:e0:94:1e:9e:52:9d:60:bb:
         ff:e0:2f:b1:30:e4:45:0a:ef:0b:d4:26:87:47:b5:47:e1:88:
         65:67:2c:b8:d5:1f:28:b7:25:86:ba:8a:6b:2f:18:fa:69:fe:
         36:a1:de:e1:1f:9d:b3:14:b4:f3:fa:b4:cc:46:a7:b7:7c:be:
         57:dc:79:6b:43:f9:66:a7:c5:79:76:20:ae:27:34:ee:0a:79:
         c2:1e:11:ec:78:c7:a8:4f:06:43:ad:d5:ec:44:78:53:73:38:
         75:08:31:a9:20:44:d5:97:18:f7:8d:9f:4c:4c:dc:cd:56:a6:
         0e:33:b2:fa:cd:f5:5c:b4:c7:d2:09:7c:fc:3a:c4:6f:c5:ad:
         47:2d:c1:4b:cb:ce:7b:09:f0:b3:77:88:75:cb:5c:7d:5b:37:
         19:fb:aa:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xmSHS0Som287/Q2aBBhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJmYmE0NWFkNjUzMWE2M2QxNzM1MDE0ZjY5OTgwN2Y0
N2ZiZGMwHhcNMjUxMDE5MTQwMTI0WhcNMjUxMDIwMTQwMTI0WjAzMTEwLwYDVQQD
EyhlODBiYjE3MzU0OWQxMzdhODMxYjNlMjA5ZDkxYWQxNGEzZDA5NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3ZUN1NGNyLgmLHkWys6qc7wjWgK
Yk1HSxVbpIkBYXiInvIgKmaVRNqnw169U5YJ4iTiSw6VJ0X/39XuT+7xWiW7JGEg
jxqbaVN22gK1GQdHEY1XmuQ3zh4NS7hyP+Zj7AZnqKv1HmSCoan91RTTVtI9xF2F
9MoZ3LOnSgfMqFKCGZCAMSwRNDY3EkW9ChYlAc60PnIz5PmfXd9R6O2auyhg/aaJ
3Ofa9mBGf68BZnM4F0lQplQxrWricua7NW+cNKm4mgKjuQHqEyFtp01Ovgnw/tKB
XD2VMkwsD1qIjxYPTegOWaVLDSdNCwqxTsGeA/F1lifaa0/8sYO2meYkNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgLsXNUnRN6gxs+IJ2RrRSj0JbZMB8GA1UdIwQY
MBaAFGry+6Ra1lMaY9FzUBT2mYB/R/vcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MjhhNDAtZTBlZS00MzZiLWIxZmIt
MTk3ZWM5YTExNWFhLzEvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MjhhNDAtZTBlZS00MzZiLWIxZmItMTk3ZWM5YTExNWFh
LzEvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPvOdY1hP
Ltsy8pEPbN+Hcx2O+aOWZJlAaPihIcR+GFxMwO5Yd4Pu+vgn9IvYenv4ping2SB4
3d+5yUF+ZMaFQo5GsV6jtLturaY2JYizaU/s6MFZKVIsvy8VwU4UzoqQQ+cBe+CU
Hp5SnWC7/+AvsTDkRQrvC9Qmh0e1R+GIZWcsuNUfKLclhrqKay8Y+mn+NqHe4R+d
sxS08/q0zEant3y+V9x5a0P5ZqfFeXYgric07gp5wh4R7HjHqE8GQ63V7ER4U3M4
dQgxqSBE1ZcY942fTEzczVamDjOy+s31XLTH0gl8/DrEb8WtRy3BS8vOewnws3eI
dctcfVs3Gfuq2w==
-----END CERTIFICATE-----