Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          38mVrvxMQ6cgQWdFtOtqfNYWwckVNC+5Qt23ajg3xLw=
Subject key identifier:   53:CF:D8:40:71:B9:4C:FF:89:63:05:DC:BC:3E:20:58:B0:E2:85:15
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       0199FA6A019D48A3EFB6EA602D65CFDD69BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          16DD
Signing time:             Sun 19 Oct 2025 03:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:15 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: sCJBTVkOhWAIBx7a0hovTKYXcoMLJSQhE/3je1v2cJU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:01:9d:48:a3:ef:b6:ea:60:2d:65:cf:dd:69:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Oct 19 03:01:15 2025 GMT
            Not After : Oct 20 03:01:15 2025 GMT
        Subject: CN=53cfd84071b94cff896305dcbc3e2058b0e28515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:da:89:62:48:c1:3d:bd:9b:62:1d:e1:d2:b6:
                    42:b9:e4:5a:3a:25:58:9b:92:f0:0d:73:c2:df:ee:
                    12:0c:ff:da:cc:e1:64:01:eb:38:8a:0f:21:69:45:
                    53:91:6d:8a:33:e5:49:92:1c:12:3a:ad:ad:02:a8:
                    36:7c:87:dd:02:e5:8a:fb:c1:66:56:42:e7:f7:ea:
                    c2:4e:ce:f7:1b:8e:bf:d9:51:a6:59:7c:d3:d1:3b:
                    d2:b3:5a:13:a2:04:6c:62:4d:4e:48:05:c8:30:eb:
                    d7:81:fd:15:4a:ca:44:78:ff:2f:c1:5a:8f:f1:46:
                    66:7a:a7:7b:c4:66:04:d1:dc:d3:c5:ed:28:b9:3a:
                    5b:69:0c:73:0a:84:7d:91:d7:db:af:23:8e:e9:aa:
                    d3:84:97:5d:3f:4e:13:aa:c9:99:a3:32:37:03:a8:
                    d0:d3:4c:45:5e:27:99:ba:9a:2c:ae:3a:67:e0:35:
                    bd:7c:77:4d:3e:88:74:15:7c:22:97:a8:f1:7e:18:
                    91:62:96:b4:57:9e:05:04:51:06:d5:14:72:25:78:
                    08:41:52:1a:b6:ee:22:c1:eb:04:45:32:14:7c:e5:
                    8b:1b:b5:61:c5:ea:07:2c:10:b7:92:c2:4f:61:58:
                    6c:61:97:97:f4:1a:15:01:10:d6:74:cd:81:31:30:
                    1b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:CF:D8:40:71:B9:4C:FF:89:63:05:DC:BC:3E:20:58:B0:E2:85:15
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:0d:2b:d7:65:d9:92:aa:b4:dd:e2:1a:81:b8:b1:00:98:2d:
         bb:3a:f3:bb:6c:2c:de:72:45:69:02:eb:39:00:1f:dd:a2:73:
         b4:f1:fa:0b:0f:5f:f0:75:b4:b4:7f:e2:17:9e:0b:15:b4:b8:
         81:47:98:e6:53:96:1d:9f:87:7e:ae:45:d1:fb:ee:de:2d:6c:
         54:e1:2f:6d:1d:ad:0a:11:20:61:87:78:4a:62:a0:d0:13:3a:
         9b:4e:09:6a:77:85:7c:43:70:e9:73:cb:e1:dd:e9:0f:d1:9f:
         76:51:b3:bd:a7:98:8b:c1:6e:50:3b:72:48:16:72:2c:aa:a9:
         cb:7d:88:0e:73:5c:86:30:e1:a5:32:30:80:2f:13:6a:48:47:
         8d:01:b9:bd:1b:0b:c0:89:cc:cf:c0:8b:98:9b:85:22:5c:6f:
         fd:d7:65:13:b5:a3:8a:0e:46:39:5b:3f:eb:e7:2f:98:a7:60:
         d7:e9:54:cd:a1:ed:50:fd:84:45:5d:75:61:b0:a0:24:6d:e7:
         95:a6:50:88:7c:2b:15:5c:f5:c9:ee:e4:ea:25:91:8b:a3:27:
         1e:e1:93:69:a5:96:b4:94:48:ec:c8:22:0a:f6:09:5f:e1:3c:
         df:b1:23:b2:89:3f:b4:33:09:9b:27:8e:48:ac:1c:9a:55:3b:
         f1:44:7c:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6agGdSKPvtupgLWXP3Wm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUxMDE5MDMwMTE1WhcNMjUxMDIwMDMwMTE1WjAzMTEwLwYDVQQD
Eyg1M2NmZDg0MDcxYjk0Y2ZmODk2MzA1ZGNiYzNlMjA1OGIwZTI4NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtqJYkjBPb2bYh3h0rZCueRaOiVY
m5LwDXPC3+4SDP/azOFkAes4ig8haUVTkW2KM+VJkhwSOq2tAqg2fIfdAuWK+8Fm
VkLn9+rCTs73G46/2VGmWXzT0TvSs1oTogRsYk1OSAXIMOvXgf0VSspEeP8vwVqP
8UZmeqd7xGYE0dzTxe0ouTpbaQxzCoR9kdfbryOO6arThJddP04TqsmZozI3A6jQ
00xFXieZuposrjpn4DW9fHdNPoh0FXwil6jxfhiRYpa0V54FBFEG1RRyJXgIQVIa
tu4iwesERTIUfOWLG7VhxeoHLBC3ksJPYVhsYZeX9BoVARDWdM2BMTAbVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPP2EBxuUz/iWMF3Lw+IFiw4oUVMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvw0r12XZ
kqq03eIagbixAJgtuzrzu2ws3nJFaQLrOQAf3aJztPH6Cw9f8HW0tH/iF54LFbS4
gUeY5lOWHZ+Hfq5F0fvu3i1sVOEvbR2tChEgYYd4SmKg0BM6m04JaneFfENw6XPL
4d3pD9GfdlGzvaeYi8FuUDtySBZyLKqpy32IDnNchjDhpTIwgC8TakhHjQG5vRsL
wInMz8CLmJuFIlxv/ddlE7Wjig5GOVs/6+cvmKdg1+lUzaHtUP2ERV11YbCgJG3n
laZQiHwrFVz1ye7k6iWRi6MnHuGTaaWWtJRI7MgiCvYJX+E837Ejsok/tDMJmyeO
SKwcmlU78UR8zw==
-----END CERTIFICATE-----