Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          EXC4tcn1xwc5xF1TocOjwmM24mT1JbPeTyvIfyLbmZY=
Subject key identifier:   98:9E:F9:9B:AF:FC:1B:B4:C5:F2:38:38:9C:06:B1:6F:B1:BB:03:64
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       0199FC5913A1CBE84DF9644FB90D03BA2B66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 12:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 12:02:00 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: YDMnYFXjw/yuP2eFWY3v2aZjAbuMX6/qS+OVAu2Q/bU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:13:a1:cb:e8:4d:f9:64:4f:b9:0d:03:ba:2b:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Oct 19 12:02:00 2025 GMT
            Not After : Oct 20 12:02:00 2025 GMT
        Subject: CN=989ef99baffc1bb4c5f238389c06b16fb1bb0364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b4:77:34:18:88:ce:7e:73:21:dc:14:31:70:
                    a6:20:12:21:89:ac:77:f7:0d:0c:a3:a7:79:d4:5f:
                    3a:e0:d8:78:ee:01:0c:eb:90:a5:ea:5d:71:9e:aa:
                    79:61:0e:96:99:14:4c:ff:1d:0d:f8:24:1a:6b:49:
                    76:e0:7d:02:11:e2:58:88:ea:ea:5e:eb:29:63:41:
                    bd:2f:08:d3:87:79:9c:07:5b:14:c8:7c:00:09:0c:
                    0b:d8:1c:7d:e2:78:32:04:5b:0e:a2:83:52:5e:70:
                    b9:ab:0e:17:34:4e:40:b7:e1:67:4b:c4:1a:8f:15:
                    da:35:51:d6:4f:e9:18:d7:0c:a2:38:17:31:1b:15:
                    b8:e7:75:7e:ba:15:93:d0:6f:dd:b0:85:ab:ec:c1:
                    2a:b8:63:f5:94:95:09:76:0a:b9:df:b7:0a:75:81:
                    21:45:68:ce:b6:40:10:9a:f4:03:a4:6b:71:3e:e6:
                    5f:a8:e3:cc:33:46:15:39:99:5d:8d:b0:84:f9:47:
                    11:37:65:ae:d9:11:73:ea:47:c6:dc:1a:b7:ee:99:
                    2d:d8:98:f1:f5:51:41:06:1d:92:32:dc:a8:12:3a:
                    a1:a9:cd:df:e1:93:53:5a:55:2c:17:5c:57:6d:db:
                    87:b9:8b:27:32:c1:7c:a0:4c:2b:81:e0:4c:cd:42:
                    bf:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:9E:F9:9B:AF:FC:1B:B4:C5:F2:38:38:9C:06:B1:6F:B1:BB:03:64
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:0c:b0:de:bc:f7:e7:aa:f0:cb:10:21:40:4b:d0:96:c7:8e:
         e0:ec:cb:86:3c:21:b8:98:36:99:02:d6:47:cf:5e:37:13:27:
         ba:1d:29:25:81:be:86:bd:dd:69:67:d1:34:e0:83:51:b1:26:
         c8:0b:a7:2b:d5:7d:ee:b4:47:29:03:cf:b3:d0:9b:d4:82:52:
         b1:b8:9e:cd:4c:d6:1b:da:ec:78:f8:6e:a2:8e:f0:d7:05:28:
         9a:0b:68:64:b4:eb:70:8d:87:1a:4a:f9:34:a3:ea:94:51:62:
         28:47:83:f7:6d:a2:49:46:73:5d:5f:d2:43:91:b6:ee:34:90:
         d8:b5:ee:c1:f5:30:fa:43:68:27:89:09:13:23:71:e5:cb:6b:
         70:16:2a:5f:70:31:4d:cb:aa:3f:b5:c0:57:d8:3b:f8:9d:6f:
         b9:b2:a9:52:2e:b4:11:ed:f3:3a:30:3e:95:2a:bf:5e:1e:f0:
         e0:86:58:6a:2f:ec:41:b9:a2:4b:8d:62:af:c1:8b:bc:12:b4:
         21:b8:8e:6d:57:c9:1b:08:06:f4:bb:0e:a9:52:6d:3d:32:db:
         a5:45:9f:9f:f0:ea:d5:6d:4a:b5:ad:fa:81:30:c0:93:2d:ba:
         b1:64:dd:d5:33:51:b0:93:2f:80:82:e9:b1:37:5c:bf:0e:c5:
         e6:a8:38:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WROhy+hN+WRPuQ0DuitmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUxMDE5MTIwMjAwWhcNMjUxMDIwMTIwMjAwWjAzMTEwLwYDVQQD
Eyg5ODllZjk5YmFmZmMxYmI0YzVmMjM4Mzg5YzA2YjE2ZmIxYmIwMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLR3NBiIzn5zIdwUMXCmIBIhiax3
9w0Mo6d51F864Nh47gEM65Cl6l1xnqp5YQ6WmRRM/x0N+CQaa0l24H0CEeJYiOrq
XuspY0G9LwjTh3mcB1sUyHwACQwL2Bx94ngyBFsOooNSXnC5qw4XNE5At+FnS8Qa
jxXaNVHWT+kY1wyiOBcxGxW453V+uhWT0G/dsIWr7MEquGP1lJUJdgq537cKdYEh
RWjOtkAQmvQDpGtxPuZfqOPMM0YVOZldjbCE+UcRN2Wu2RFz6kfG3Bq37pkt2Jjx
9VFBBh2SMtyoEjqhqc3f4ZNTWlUsF1xXbduHuYsnMsF8oEwrgeBMzUK/wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJie+Zuv/Bu0xfI4OJwGsW+xuwNkMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgyw3rz3
56rwyxAhQEvQlseO4OzLhjwhuJg2mQLWR89eNxMnuh0pJYG+hr3daWfRNOCDUbEm
yAunK9V97rRHKQPPs9Cb1IJSsbiezUzWG9rsePhuoo7w1wUomgtoZLTrcI2HGkr5
NKPqlFFiKEeD922iSUZzXV/SQ5G27jSQ2LXuwfUw+kNoJ4kJEyNx5ctrcBYqX3Ax
TcuqP7XAV9g7+J1vubKpUi60Ee3zOjA+lSq/Xh7w4IZYai/sQbmiS41ir8GLvBK0
IbiObVfJGwgG9LsOqVJtPTLbpUWfn/Dq1W1Kta36gTDAky26sWTd1TNRsJMvgILp
sTdcvw7F5qg4zQ==
-----END CERTIFICATE-----