Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.mft
File:                     pWT0IqqXs96coPZ5Gfv4LrH93dI.mft (raw, json)
Hash identifier:          NaRPLkroAcuISaRKf5qsm8p7S00QKwCD6PDQZgWvoPE=
Subject key identifier:   2B:6A:5A:60:E7:6B:F2:A2:06:E0:3C:CF:DD:80:62:5A:1B:7C:9C:2D
Authority key identifier: A5:64:F4:22:AA:97:B3:DE:9C:A0:F6:79:19:FB:F8:2E:B1:FD:DD:D2
Certificate issuer:       /CN=a564f422aa97b3de9ca0f67919fbf82eb1fdddd2
Certificate serial:       0199FDD9BD890286CF8F7F7A1A9EEC9EBE70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pWT0IqqXs96coPZ5Gfv4LrH93dI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.mft
Manifest number:          070D
Signing time:             Sun 19 Oct 2025 19:02:09 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:09 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:09 +0000
Files and hashes:         1: pWT0IqqXs96coPZ5Gfv4LrH93dI.crl (hash: l+UPvVooE3MtjTWuVF1oKvzS73O1T5lEPm8tiRP4aSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pWT0IqqXs96coPZ5Gfv4LrH93dI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:bd:89:02:86:cf:8f:7f:7a:1a:9e:ec:9e:be:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a564f422aa97b3de9ca0f67919fbf82eb1fdddd2
        Validity
            Not Before: Oct 19 19:02:09 2025 GMT
            Not After : Oct 20 19:02:09 2025 GMT
        Subject: CN=2b6a5a60e76bf2a206e03ccfdd80625a1b7c9c2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:21:06:9f:64:67:e6:22:86:44:06:37:79:d7:
                    82:e3:4a:f7:e6:17:57:0c:db:41:1e:62:83:6b:cb:
                    2b:f9:5b:aa:bc:77:e9:3b:63:ae:18:7a:50:bb:d5:
                    99:38:80:e6:4f:cb:75:0f:aa:f4:67:90:89:18:53:
                    37:c6:39:ab:fd:99:82:93:ee:f6:a5:e4:05:64:a7:
                    76:ea:d1:c8:fa:fc:8e:b4:b0:a8:21:52:ac:62:14:
                    d6:8d:a2:86:8e:1c:4a:88:52:8b:f4:db:b8:09:a4:
                    d3:55:f6:ed:4f:26:2f:03:32:43:64:bd:5a:30:40:
                    0b:10:7e:a9:22:df:65:42:67:83:6b:24:93:28:34:
                    16:5c:5f:6c:e0:76:b6:a3:b6:fa:76:c2:32:61:d9:
                    a5:38:c5:f4:c9:0a:d6:56:7e:e5:be:f0:18:3d:7f:
                    c5:3d:cc:53:88:2b:6d:78:29:92:19:56:7c:e2:3e:
                    a9:5b:06:64:a2:08:29:48:e0:80:27:19:c5:72:88:
                    17:9d:a1:e3:26:06:4e:ba:45:a0:2b:6e:c1:55:32:
                    ec:f9:bb:1d:4a:36:6e:5a:18:9c:5c:78:dd:91:9f:
                    dc:b5:30:5e:e5:2e:97:1f:1c:8e:e9:14:76:aa:94:
                    24:48:7b:1f:8a:1e:b7:d5:ba:5b:e4:f2:7d:fd:73:
                    ad:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6A:5A:60:E7:6B:F2:A2:06:E0:3C:CF:DD:80:62:5A:1B:7C:9C:2D
            X509v3 Authority Key Identifier:
                keyid:A5:64:F4:22:AA:97:B3:DE:9C:A0:F6:79:19:FB:F8:2E:B1:FD:DD:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWT0IqqXs96coPZ5Gfv4LrH93dI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d59e98-210f-4b55-ac4a-0268381107af/1/pWT0IqqXs96coPZ5Gfv4LrH93dI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:6d:21:50:8b:f7:c0:d7:ca:80:be:02:cd:b6:a2:3e:eb:af:
         2d:d7:7a:50:23:c1:d5:ff:02:c0:b2:3d:82:f0:fc:83:1c:0e:
         8a:0f:9b:c8:e7:c8:0a:31:97:1a:a1:2c:65:01:78:06:3a:1e:
         85:52:c5:d6:64:64:41:71:5f:62:2c:ec:62:fd:46:2c:d2:bc:
         fc:49:97:8c:1c:95:1f:0a:d1:fc:a0:f5:16:45:57:4e:31:91:
         02:14:c7:68:f8:d1:dd:5a:3f:a1:d6:84:1c:a1:6d:98:10:09:
         6c:bf:1f:8f:81:9b:6d:ee:c5:74:aa:2a:51:d8:aa:14:66:8b:
         bd:b2:a6:4a:02:b8:da:c5:67:96:bc:f7:c4:8a:f4:b6:df:96:
         ce:e8:66:73:ec:57:55:6d:ec:bf:f2:c2:50:28:80:00:b6:17:
         3d:44:76:f2:c4:62:6b:14:55:03:6c:f4:94:13:5f:4c:a5:9a:
         82:c7:ef:25:5a:45:df:b0:51:83:e8:01:6b:20:8c:d7:da:25:
         00:e0:b5:a9:a3:31:47:04:d0:17:99:43:c5:7a:fb:69:06:0c:
         a3:75:65:29:3a:d8:0b:ef:10:f1:23:6b:e4:7a:77:28:ca:a1:
         51:c2:72:ba:f5:8e:90:bd:69:d1:7c:24:1f:d2:1b:9d:ba:58:
         97:6d:f0:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92b2JAobPj396Gp7snr5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjRmNDIyYWE5N2IzZGU5Y2EwZjY3OTE5ZmJmODJlYjFm
ZGRkZDIwHhcNMjUxMDE5MTkwMjA5WhcNMjUxMDIwMTkwMjA5WjAzMTEwLwYDVQQD
EygyYjZhNWE2MGU3NmJmMmEyMDZlMDNjY2ZkZDgwNjI1YTFiN2M5YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SEGn2Rn5iKGRAY3edeC40r35hdX
DNtBHmKDa8sr+VuqvHfpO2OuGHpQu9WZOIDmT8t1D6r0Z5CJGFM3xjmr/ZmCk+72
peQFZKd26tHI+vyOtLCoIVKsYhTWjaKGjhxKiFKL9Nu4CaTTVfbtTyYvAzJDZL1a
MEALEH6pIt9lQmeDaySTKDQWXF9s4Ha2o7b6dsIyYdmlOMX0yQrWVn7lvvAYPX/F
PcxTiCtteCmSGVZ84j6pWwZkoggpSOCAJxnFcogXnaHjJgZOukWgK27BVTLs+bsd
SjZuWhicXHjdkZ/ctTBe5S6XHxyO6RR2qpQkSHsfih631bpb5PJ9/XOteQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtqWmDna/KiBuA8z92AYlobfJwtMB8GA1UdIwQY
MBaAFKVk9CKql7PenKD2eRn7+C6x/d3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdUMElxcVhzOTZjb1BaNUdmdjRMckg5M2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kNTllOTgtMjEwZi00YjU1LWFjNGEt
MDI2ODM4MTEwN2FmLzEvcFdUMElxcVhzOTZjb1BaNUdmdjRMckg5M2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kNTllOTgtMjEwZi00YjU1LWFjNGEtMDI2ODM4MTEwN2Fm
LzEvcFdUMElxcVhzOTZjb1BaNUdmdjRMckg5M2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG20hUIv3
wNfKgL4CzbaiPuuvLdd6UCPB1f8CwLI9gvD8gxwOig+byOfICjGXGqEsZQF4Bjoe
hVLF1mRkQXFfYizsYv1GLNK8/EmXjByVHwrR/KD1FkVXTjGRAhTHaPjR3Vo/odaE
HKFtmBAJbL8fj4Gbbe7FdKoqUdiqFGaLvbKmSgK42sVnlrz3xIr0tt+Wzuhmc+xX
VW3sv/LCUCiAALYXPUR28sRiaxRVA2z0lBNfTKWagsfvJVpF37BRg+gBayCM19ol
AOC1qaMxRwTQF5lDxXr7aQYMo3VlKTrYC+8Q8SNr5Hp3KMqhUcJyuvWOkL1p0Xwk
H9IbnbpYl23wIg==
-----END CERTIFICATE-----