Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          spvYJM3OGTWccUm+aKfE7sbv6L69u7WIWklIth6fvL0=
Subject key identifier:   72:B5:58:57:E2:8E:35:35:30:AE:84:09:9B:58:4C:DC:70:FC:37:7A
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       0199FDD8B4403EDD745C14DE31E5752EA28D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 19:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:01 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: i28BpQwgKI/D9LAEKAxhFnpe18Dvg2S7+NRG7hoh/pk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:b4:40:3e:dd:74:5c:14:de:31:e5:75:2e:a2:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Oct 19 19:01:01 2025 GMT
            Not After : Oct 20 19:01:01 2025 GMT
        Subject: CN=72b55857e28e353530ae84099b584cdc70fc377a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:dd:8f:3b:67:59:8d:a1:98:6f:d5:ec:3d:b2:
                    14:02:30:dc:79:3c:67:60:a3:ba:48:fd:aa:a3:9e:
                    57:bf:74:45:a1:c0:1b:a0:c7:3b:08:fd:d9:42:86:
                    45:4c:83:96:e9:59:7f:90:35:7e:1a:31:e4:7f:6d:
                    14:41:40:ff:7c:5a:bb:82:be:9d:e6:03:6a:07:aa:
                    2c:d6:e1:f7:ba:f1:af:2e:a1:e8:8f:ab:a3:4a:0d:
                    97:85:4e:43:ca:3f:ba:be:9f:9b:6a:17:49:bf:ae:
                    15:ae:00:a5:d5:5f:fd:cc:bf:ab:74:95:b8:d5:63:
                    6e:c9:49:ba:75:cd:bc:04:f6:08:e9:3e:d5:6d:2e:
                    0d:b2:c6:c9:84:a7:a5:44:47:c5:67:10:cd:ad:14:
                    1b:e1:8e:ba:4e:a7:0e:b2:89:ba:7e:d6:b5:b1:8e:
                    78:e2:8c:1d:a3:db:75:39:26:fa:da:a1:48:a8:31:
                    76:47:e8:d6:7c:6b:31:09:be:ef:c7:8a:99:63:1b:
                    1a:21:14:82:7f:fd:c6:8e:07:26:fb:95:c4:ff:94:
                    28:c3:82:92:19:b2:f9:1d:ba:de:ff:f1:e0:8c:76:
                    9b:f9:1c:07:6a:59:1b:8f:7b:a6:3b:eb:fa:3c:f3:
                    96:4d:b8:b5:bc:79:df:4e:c4:f8:28:7e:52:25:95:
                    16:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:B5:58:57:E2:8E:35:35:30:AE:84:09:9B:58:4C:DC:70:FC:37:7A
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:07:92:ca:ed:4b:e7:6c:64:56:12:f2:1b:85:a8:43:a9:de:
         2c:c1:b5:b4:f8:5b:86:b7:8f:34:d8:f6:ea:87:4d:fe:4f:32:
         9b:b9:bc:0a:42:d2:6c:3a:dc:83:f7:07:f3:dd:ef:36:41:e4:
         94:8b:f0:fc:43:7c:5d:9d:d8:c9:4e:42:2c:54:bd:4f:e7:d5:
         ae:b7:4f:9b:08:75:54:0e:67:42:67:00:01:36:d5:42:50:d7:
         fc:1a:93:0e:fb:67:23:6e:19:63:78:2f:bd:dc:63:1e:98:04:
         fe:e3:36:b5:7b:a0:7d:1c:a2:69:6d:56:ed:af:47:85:9d:67:
         cc:f6:70:a3:7c:a1:b5:fb:bb:ca:81:e9:de:3f:3d:7a:20:14:
         0c:99:a7:59:32:5d:95:3b:d6:36:22:03:00:64:96:e2:81:46:
         ee:1a:d8:06:ca:3e:6a:1a:82:fb:12:d0:83:3d:64:a9:42:01:
         fd:b5:3e:22:32:e5:b3:fd:b0:c8:6a:51:6c:3e:15:df:4b:cc:
         09:66:9a:94:fb:76:d1:c4:72:dd:6f:22:f5:8a:b8:bb:2b:88:
         13:ce:c2:e0:a6:7f:2f:a4:ff:4f:6e:62:3f:d6:d7:ee:d3:49:
         f9:0e:e3:52:0a:c0:61:8f:5a:93:1e:50:81:26:49:17:fc:15:
         f2:c3:4e:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92LRAPt10XBTeMeV1LqKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUxMDE5MTkwMTAxWhcNMjUxMDIwMTkwMTAxWjAzMTEwLwYDVQQD
Eyg3MmI1NTg1N2UyOGUzNTM1MzBhZTg0MDk5YjU4NGNkYzcwZmMzNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt2PO2dZjaGYb9XsPbIUAjDceTxn
YKO6SP2qo55Xv3RFocAboMc7CP3ZQoZFTIOW6Vl/kDV+GjHkf20UQUD/fFq7gr6d
5gNqB6os1uH3uvGvLqHoj6ujSg2XhU5Dyj+6vp+bahdJv64VrgCl1V/9zL+rdJW4
1WNuyUm6dc28BPYI6T7VbS4NssbJhKelREfFZxDNrRQb4Y66TqcOsom6fta1sY54
4owdo9t1OSb62qFIqDF2R+jWfGsxCb7vx4qZYxsaIRSCf/3Gjgcm+5XE/5Qow4KS
GbL5Hbre//HgjHab+RwHalkbj3umO+v6PPOWTbi1vHnfTsT4KH5SJZUWgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHK1WFfijjU1MK6ECZtYTNxw/Dd6MB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAeSyu1L
52xkVhLyG4WoQ6neLMG1tPhbhrePNNj26odN/k8ym7m8CkLSbDrcg/cH893vNkHk
lIvw/EN8XZ3YyU5CLFS9T+fVrrdPmwh1VA5nQmcAATbVQlDX/BqTDvtnI24ZY3gv
vdxjHpgE/uM2tXugfRyiaW1W7a9HhZ1nzPZwo3yhtfu7yoHp3j89eiAUDJmnWTJd
lTvWNiIDAGSW4oFG7hrYBso+ahqC+xLQgz1kqUIB/bU+IjLls/2wyGpRbD4V30vM
CWaalPt20cRy3W8i9Yq4uyuIE87C4KZ/L6T/T25iP9bX7tNJ+Q7jUgrAYY9akx5Q
gSZJF/wV8sNOyA==
-----END CERTIFICATE-----