Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
File:                     nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft (raw, json)
Hash identifier:          EGCEoeK8SZoDZdhictcfN9R0MQm8anlmzxpgrE4I9WQ=
Subject key identifier:   0F:EF:E4:C4:31:A8:21:78:FA:5E:D2:04:AF:37:FC:39:17:75:76:2E
Authority key identifier: 9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA
Certificate issuer:       /CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
Certificate serial:       0199FC58C1C4B838A33CA33B2D4C26E21D38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
Manifest number:          056F
Signing time:             Sun 19 Oct 2025 12:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:39 +0000
Files and hashes:         1: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl (hash: onyPnRuVazVrQCY+vnnX9BNaCiy213jbH8pL+v5SuJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:c1:c4:b8:38:a3:3c:a3:3b:2d:4c:26:e2:1d:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
        Validity
            Not Before: Oct 19 12:01:39 2025 GMT
            Not After : Oct 20 12:01:39 2025 GMT
        Subject: CN=0fefe4c431a82178fa5ed204af37fc391775762e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c6:f5:06:83:84:05:c7:89:e9:67:83:25:a5:
                    21:69:2f:61:fc:c2:4e:02:13:87:5e:a8:a1:c8:d7:
                    db:fd:1c:67:bb:89:0e:d7:c1:b0:24:73:b4:d1:73:
                    3b:96:c0:b6:f5:9d:c8:b7:37:5c:4b:fc:07:11:00:
                    71:8a:76:b7:56:91:9a:ac:22:ec:46:a2:49:54:cd:
                    e7:dd:ca:7e:2c:6f:01:80:50:cf:6c:32:09:9d:a1:
                    07:28:79:27:8c:1a:64:26:99:c0:ee:93:b8:10:68:
                    98:3a:3d:63:bd:49:7f:d8:f8:a3:5d:b4:2a:c7:4c:
                    69:f2:e0:02:00:67:40:89:06:e1:57:ee:9e:df:8a:
                    f5:fe:ee:33:84:c8:2d:de:1d:9c:ce:5a:6e:0a:ce:
                    3d:16:e4:84:9e:80:5c:92:eb:7d:37:75:25:39:35:
                    6c:26:08:3b:d4:3e:28:83:14:6c:51:bc:d2:cb:1d:
                    0f:ee:ce:e9:d3:6c:41:d6:a2:d4:7a:78:58:06:9d:
                    13:cc:4b:f8:b5:5e:46:9f:fd:29:3a:cf:2e:e2:24:
                    0f:73:7d:f3:4c:5e:76:a9:70:21:cb:ba:89:e1:75:
                    0d:df:91:c0:4f:a0:71:3e:67:e0:89:30:53:74:5f:
                    2e:3a:d3:d9:8a:99:93:a1:1d:4c:5d:f4:11:57:b2:
                    36:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:EF:E4:C4:31:A8:21:78:FA:5E:D2:04:AF:37:FC:39:17:75:76:2E
            X509v3 Authority Key Identifier:
                keyid:9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:54:50:a5:68:7b:86:07:ca:4c:fd:ae:83:fb:66:5c:a1:96:
         0d:9b:a7:c9:b4:70:26:91:c2:76:20:01:19:6a:2f:cc:4d:d2:
         4d:5a:1d:c1:bb:a4:40:bc:46:59:88:61:18:ad:e5:96:64:ab:
         0e:65:83:13:a3:63:87:d2:f2:d0:14:36:23:7f:96:03:4e:cd:
         a7:22:93:44:0f:84:c9:e1:6e:6a:58:f6:7e:b4:d3:c4:1b:e3:
         a1:49:8a:ca:02:b8:fd:84:56:52:3e:a4:50:9f:f5:78:5a:ae:
         94:b1:5e:3a:bb:95:40:a3:fc:a1:c2:20:bd:77:b7:17:15:8b:
         76:5c:c0:10:e5:c4:b2:b0:ef:f9:5a:56:60:cf:29:75:dd:1c:
         dd:63:53:17:25:0c:e9:4d:ad:94:2f:0c:64:22:22:a1:8d:cc:
         66:2d:53:d6:31:63:37:bb:de:7f:e9:eb:ed:17:0f:12:58:e7:
         e3:65:55:31:b0:b2:0d:25:ce:60:2a:ba:90:63:66:97:15:63:
         ef:2a:ec:36:fa:10:51:96:a3:b2:ea:ec:9b:81:f7:5a:cd:13:
         a9:53:0a:5f:6f:84:7c:41:e7:11:74:aa:3f:ff:ef:c7:ef:bd:
         f9:86:ed:e7:72:3c:48:14:5c:41:69:ee:16:c2:89:87:37:16:
         13:50:78:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMHEuDijPKM7LUwm4h04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjA1ZDRiZDVkNDJiNDE3NWFjYzYzNGFjY2YwZmZhMTg3
M2YwYWEwHhcNMjUxMDE5MTIwMTM5WhcNMjUxMDIwMTIwMTM5WjAzMTEwLwYDVQQD
EygwZmVmZTRjNDMxYTgyMTc4ZmE1ZWQyMDRhZjM3ZmMzOTE3NzU3NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8b1BoOEBceJ6WeDJaUhaS9h/MJO
AhOHXqihyNfb/Rxnu4kO18GwJHO00XM7lsC29Z3ItzdcS/wHEQBxina3VpGarCLs
RqJJVM3n3cp+LG8BgFDPbDIJnaEHKHknjBpkJpnA7pO4EGiYOj1jvUl/2PijXbQq
x0xp8uACAGdAiQbhV+6e34r1/u4zhMgt3h2czlpuCs49FuSEnoBckut9N3UlOTVs
Jgg71D4ogxRsUbzSyx0P7s7p02xB1qLUenhYBp0TzEv4tV5Gn/0pOs8u4iQPc33z
TF52qXAhy7qJ4XUN35HAT6BxPmfgiTBTdF8uOtPZipmToR1MXfQRV7I2TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/v5MQxqCF4+l7SBK83/DkXdXYuMB8GA1UdIwQY
MBaAFJzwXUvV1CtBdazGNKzPD/oYc/CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEt
OGJiYTVmYTNjMzE3LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEtOGJiYTVmYTNjMzE3
LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1RQpWh7
hgfKTP2ug/tmXKGWDZunybRwJpHCdiABGWovzE3STVodwbukQLxGWYhhGK3llmSr
DmWDE6Njh9Ly0BQ2I3+WA07NpyKTRA+EyeFualj2frTTxBvjoUmKygK4/YRWUj6k
UJ/1eFqulLFeOruVQKP8ocIgvXe3FxWLdlzAEOXEsrDv+VpWYM8pdd0c3WNTFyUM
6U2tlC8MZCIioY3MZi1T1jFjN7vef+nr7RcPEljn42VVMbCyDSXOYCq6kGNmlxVj
7yrsNvoQUZajsursm4H3Ws0TqVMKX2+EfEHnEXSqP//vx++9+Ybt53I8SBRcQWnu
FsKJhzcWE1B4hQ==
-----END CERTIFICATE-----