Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
File:                     l4ag6hgbRs2isjOCKvEAPBuxz40.mft (raw, json)
Hash identifier:          t4aZsKZ0YsxMe+Xo7VFLFD1B3I9FxZX90O1ao4rOufw=
Subject key identifier:   2C:00:B0:FD:AA:96:AD:48:2A:EE:31:83:54:52:A5:76:D6:F2:09:0A
Authority key identifier: 97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D
Certificate issuer:       /CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d
Certificate serial:       0199FAA1251238263C029FD38783394362CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
Manifest number:          78
Signing time:             Sun 19 Oct 2025 04:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:28 +0000
Files and hashes:         1: l4ag6hgbRs2isjOCKvEAPBuxz40.crl (hash: o6UJ64+ruZYtYpBub5Xd28FG6fgVokm+t5kMWkSoNbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a1:25:12:38:26:3c:02:9f:d3:87:83:39:43:62:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d
        Validity
            Not Before: Oct 19 04:01:28 2025 GMT
            Not After : Oct 20 04:01:28 2025 GMT
        Subject: CN=2c00b0fdaa96ad482aee31835452a576d6f2090a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a9:1f:59:30:c9:da:d6:b6:54:df:58:df:4f:
                    72:1a:8f:50:45:7a:4c:ba:62:41:de:c0:78:fb:ef:
                    10:da:ec:c6:3a:f4:74:28:99:b8:f5:45:2a:61:a5:
                    00:d8:ca:2c:f4:4d:db:ca:9d:f4:a6:4e:b1:82:79:
                    8a:ca:1e:3c:1f:11:6a:49:12:88:46:d1:51:bc:1f:
                    e1:08:e2:38:ae:b7:f1:c0:75:ed:58:8a:0a:1b:4d:
                    7b:d3:47:50:cc:28:58:cd:f0:60:c7:f8:b4:90:e5:
                    33:6b:a9:e2:0b:c6:ee:c4:46:36:51:09:6c:21:a4:
                    4f:41:df:94:da:f6:16:1c:7a:c6:68:b5:12:c1:fb:
                    b1:08:54:34:48:30:d7:de:ec:31:14:4e:ae:1c:06:
                    01:8d:0e:10:a9:ad:9a:87:8d:64:94:62:89:24:87:
                    34:a3:20:5e:be:5b:4c:92:ea:b9:a7:e4:c9:c9:b3:
                    89:98:a7:4e:6d:33:52:8d:59:f1:75:1a:64:fc:1e:
                    21:1a:76:59:77:d8:4a:a7:79:49:17:7e:6e:ce:2c:
                    09:a2:93:a2:17:7c:b9:e5:85:84:e6:6d:be:b9:5b:
                    1e:d6:7d:38:0a:89:75:f2:0b:ea:ce:00:f5:33:66:
                    45:8c:75:12:84:13:df:44:7c:c2:1e:22:8b:97:af:
                    11:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:00:B0:FD:AA:96:AD:48:2A:EE:31:83:54:52:A5:76:D6:F2:09:0A
            X509v3 Authority Key Identifier:
                keyid:97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:b6:63:52:4c:47:61:2c:31:d9:99:61:94:2d:b1:df:03:a1:
         c6:7f:89:c7:3d:77:7c:7e:21:a5:81:c1:be:59:b2:a3:83:8d:
         47:a4:95:0b:48:32:72:ec:26:05:f1:1e:bc:ab:43:9b:06:2f:
         3e:41:1f:0e:94:c9:dd:72:b7:3f:d8:38:35:0f:c6:95:28:98:
         86:ed:78:3e:06:f2:05:65:97:66:6e:7d:81:db:e6:b5:b9:e8:
         46:e8:0b:e7:ab:f6:bf:6a:9d:4b:49:29:bb:f8:b3:7a:40:49:
         7f:7c:11:ef:0f:b5:7d:ce:8b:26:5e:82:ad:d4:7b:7a:62:87:
         57:dc:2c:e6:1f:47:8b:68:70:2f:9e:b0:35:6f:af:d8:23:9c:
         ab:d3:56:79:37:61:5c:67:0b:b5:e4:48:58:1e:82:90:ae:b0:
         58:91:35:99:84:6b:d8:5f:f7:3f:04:fc:ed:56:75:61:93:13:
         b2:01:4a:d0:e0:92:b3:3a:e4:c9:35:8f:dc:c3:5d:88:8f:5b:
         dd:f2:d9:7c:ac:6c:78:a0:cc:b2:b2:df:62:e3:7f:f2:0c:09:
         25:5c:ab:e7:59:02:31:e7:c1:17:cb:7a:01:d1:ae:ff:65:80:
         d1:e2:3d:4e:e4:16:89:f0:b8:6d:70:79:be:d0:5b:88:2e:66:
         f2:7c:54:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oSUSOCY8Ap/Th4M5Q2LPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODZhMGVhMTgxYjQ2Y2RhMmIyMzM4MjJhZjEwMDNjMWJi
MWNmOGQwHhcNMjUxMDE5MDQwMTI4WhcNMjUxMDIwMDQwMTI4WjAzMTEwLwYDVQQD
EygyYzAwYjBmZGFhOTZhZDQ4MmFlZTMxODM1NDUyYTU3NmQ2ZjIwOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6kfWTDJ2ta2VN9Y309yGo9QRXpM
umJB3sB4++8Q2uzGOvR0KJm49UUqYaUA2Mos9E3byp30pk6xgnmKyh48HxFqSRKI
RtFRvB/hCOI4rrfxwHXtWIoKG01700dQzChYzfBgx/i0kOUza6niC8buxEY2UQls
IaRPQd+U2vYWHHrGaLUSwfuxCFQ0SDDX3uwxFE6uHAYBjQ4Qqa2ah41klGKJJIc0
oyBevltMkuq5p+TJybOJmKdObTNSjVnxdRpk/B4hGnZZd9hKp3lJF35uziwJopOi
F3y55YWE5m2+uVse1n04Col18gvqzgD1M2ZFjHUShBPfRHzCHiKLl68R6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwAsP2qlq1IKu4xg1RSpXbW8gkKMB8GA1UdIwQY
MBaAFJeGoOoYG0bNorIzgirxADwbsc+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUt
NjUwMzY0ODcxMWJhLzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUtNjUwMzY0ODcxMWJh
LzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7ZjUkxH
YSwx2ZlhlC2x3wOhxn+Jxz13fH4hpYHBvlmyo4ONR6SVC0gycuwmBfEevKtDmwYv
PkEfDpTJ3XK3P9g4NQ/GlSiYhu14PgbyBWWXZm59gdvmtbnoRugL56v2v2qdS0kp
u/izekBJf3wR7w+1fc6LJl6CrdR7emKHV9ws5h9Hi2hwL56wNW+v2COcq9NWeTdh
XGcLteRIWB6CkK6wWJE1mYRr2F/3PwT87VZ1YZMTsgFK0OCSszrkyTWP3MNdiI9b
3fLZfKxseKDMsrLfYuN/8gwJJVyr51kCMefBF8t6AdGu/2WA0eI9TuQWifC4bXB5
vtBbiC5m8nxUrw==
-----END CERTIFICATE-----