Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
File:                     DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft (raw, json)
Hash identifier:          gURiTIjffAiJSzBjbO2Yu6iLk7qy+4e4kZz1d15dT1I=
Subject key identifier:   BF:F5:C5:96:4C:56:78:34:5E:7A:E6:4E:9F:0E:3B:51:53:8D:84:A9
Authority key identifier: 0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B
Certificate issuer:       /CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
Certificate serial:       0199FAD7ED9C624D5414B22C17153D07EF9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
Manifest number:          13BC
Signing time:             Sun 19 Oct 2025 05:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:19 +0000
Files and hashes:         1: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl (hash: SSi2Ux07T2+fsnUMBgTjA78jjSMVC4U9daeuKZIuqLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:ed:9c:62:4d:54:14:b2:2c:17:15:3d:07:ef:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
        Validity
            Not Before: Oct 19 05:01:19 2025 GMT
            Not After : Oct 20 05:01:19 2025 GMT
        Subject: CN=bff5c5964c5678345e7ae64e9f0e3b51538d84a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:81:e8:10:ee:bb:31:69:60:55:b1:0b:17:a0:
                    fe:b8:92:26:1f:44:45:f2:f6:ed:16:79:1b:24:52:
                    b8:cc:50:c5:df:2f:2e:f9:9f:c8:01:25:db:01:95:
                    71:e2:c7:fe:f3:72:ac:e6:f9:7c:78:e7:e3:40:b9:
                    9b:bb:1d:3d:76:8d:dc:37:ce:1b:5f:c4:77:18:f1:
                    72:ed:73:d9:0e:4e:dd:08:f1:3a:d1:be:59:63:0f:
                    01:d5:cb:a4:68:e4:87:55:21:76:00:5f:f8:58:14:
                    ec:9b:01:70:c1:31:71:09:85:77:d8:62:98:12:0d:
                    66:f0:83:c8:a0:df:c0:9a:44:ca:ce:88:ec:1f:bb:
                    3b:ca:00:ac:79:ae:c4:28:30:b4:a2:f5:25:5e:2f:
                    ab:b0:0a:31:d8:89:9f:3b:ca:3d:a2:09:e3:0e:c9:
                    af:89:07:dd:34:34:fb:73:f4:e6:c0:83:d1:77:36:
                    70:9b:a4:98:17:e3:b7:f2:4d:6b:40:bd:83:43:e4:
                    e0:6f:7a:cc:63:fc:c7:c7:47:0c:e6:bb:c3:ca:85:
                    ec:39:6e:cf:b6:70:ef:53:92:10:a5:20:4a:c0:90:
                    ef:0d:c7:bf:31:14:c0:2a:5d:9e:bd:99:28:19:a4:
                    f2:a5:2b:09:97:8f:79:07:e1:7c:a4:7a:7f:ec:8e:
                    5b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:F5:C5:96:4C:56:78:34:5E:7A:E6:4E:9F:0E:3B:51:53:8D:84:A9
            X509v3 Authority Key Identifier:
                keyid:0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c7:f5:03:62:36:c4:2a:87:58:5c:bf:9f:85:61:8b:c9:c4:
         4e:d9:c9:9c:89:46:18:5c:12:6d:f0:ef:fc:15:9a:3b:60:37:
         6e:3a:27:46:cc:08:06:53:08:85:4d:7e:15:8e:4f:9e:df:15:
         80:e8:fc:5e:0a:47:b6:ec:29:bb:57:db:d2:31:eb:fe:dc:13:
         f6:91:f5:3a:89:af:b7:79:58:a2:e3:fd:d0:b8:db:79:9c:6a:
         37:8c:e5:06:18:b0:18:0d:d2:df:03:70:fd:85:df:eb:a0:09:
         46:26:d5:00:36:87:cc:93:33:af:26:99:90:57:f4:39:f9:4e:
         49:f8:d7:57:9a:a3:4b:32:29:94:62:ea:1d:a6:03:1e:6e:43:
         98:9c:90:da:17:b2:b0:75:06:c6:7c:62:73:3c:92:8f:b8:9f:
         2e:b0:86:36:f9:0a:df:34:ff:e1:d6:45:3a:c2:6b:9b:ec:e5:
         19:9f:90:f1:dc:82:fc:c3:57:36:41:0e:aa:76:b8:66:16:43:
         cb:09:52:88:72:37:8f:06:69:f5:57:84:13:97:e4:e7:35:83:
         24:55:e6:a5:70:03:18:59:b5:90:38:a4:46:f7:b5:7c:9d:d8:
         fc:a3:99:f5:64:a3:04:bd:c1:d8:9f:00:ab:b6:07:c3:a4:db:
         9e:57:19:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61+2cYk1UFLIsFxU9B++fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNGYwYjlhNWZlMDM4OWZhZGNiYmZiMWZhMWM0MGM0YTRi
YTBkMmIwHhcNMjUxMDE5MDUwMTE5WhcNMjUxMDIwMDUwMTE5WjAzMTEwLwYDVQQD
EyhiZmY1YzU5NjRjNTY3ODM0NWU3YWU2NGU5ZjBlM2I1MTUzOGQ4NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoHoEO67MWlgVbELF6D+uJImH0RF
8vbtFnkbJFK4zFDF3y8u+Z/IASXbAZVx4sf+83Ks5vl8eOfjQLmbux09do3cN84b
X8R3GPFy7XPZDk7dCPE60b5ZYw8B1cukaOSHVSF2AF/4WBTsmwFwwTFxCYV32GKY
Eg1m8IPIoN/AmkTKzojsH7s7ygCsea7EKDC0ovUlXi+rsAox2ImfO8o9ognjDsmv
iQfdNDT7c/TmwIPRdzZwm6SYF+O38k1rQL2DQ+Tgb3rMY/zHx0cM5rvDyoXsOW7P
tnDvU5IQpSBKwJDvDce/MRTAKl2evZkoGaTypSsJl495B+F8pHp/7I5bKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/1xZZMVng0XnrmTp8OO1FTjYSpMB8GA1UdIwQY
MBaAFAxPC5pf4Difrcu/sfocQMSkug0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMt
ZjYwNmFjZTRhY2MyLzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMtZjYwNmFjZTRhY2My
LzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcf1A2I2
xCqHWFy/n4Vhi8nETtnJnIlGGFwSbfDv/BWaO2A3bjonRswIBlMIhU1+FY5Pnt8V
gOj8XgpHtuwpu1fb0jHr/twT9pH1Oomvt3lYouP90LjbeZxqN4zlBhiwGA3S3wNw
/YXf66AJRibVADaHzJMzryaZkFf0OflOSfjXV5qjSzIplGLqHaYDHm5DmJyQ2hey
sHUGxnxiczySj7ifLrCGNvkK3zT/4dZFOsJrm+zlGZ+Q8dyC/MNXNkEOqna4ZhZD
ywlSiHI3jwZp9VeEE5fk5zWDJFXmpXADGFm1kDikRve1fJ3Y/KOZ9WSjBL3B2J8A
q7YHw6TbnlcZAg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:08 2025 by rpki-client