Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
File:                     r5aNFt0rQdNStf0zxJs-xP2tQlg.mft (raw, json)
Hash identifier:          qL1Jx1pFnxcotCA89XEdXK5M6MzcszfOupXMSYM8Mxg=
Subject key identifier:   36:B8:21:C0:F7:C5:C3:60:5D:9C:5B:7D:B0:48:47:33:3A:B2:68:A9
Authority key identifier: AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
Certificate issuer:       /CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Certificate serial:       019A011152FAFD6D45285BD635177D83F504
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
Manifest number:          0FF5
Signing time:             Mon 20 Oct 2025 10:01:43 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:43 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:43 +0000
Files and hashes:         1: r5aNFt0rQdNStf0zxJs-xP2tQlg.crl (hash: xAhhkN1oLLQI00YNkl1WQ4/Smyyq1uVt0lZhOYAH9sc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:52:fa:fd:6d:45:28:5b:d6:35:17:7d:83:f5:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
        Validity
            Not Before: Oct 20 10:01:43 2025 GMT
            Not After : Oct 21 10:01:43 2025 GMT
        Subject: CN=36b821c0f7c5c3605d9c5b7db04847333ab268a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:eb:92:7e:17:f9:76:e7:44:27:c6:e3:de:48:
                    db:21:e5:2e:4c:0d:b2:c8:82:56:70:6b:2a:a8:7b:
                    2e:be:a6:a2:44:4e:6a:c6:25:dc:16:d5:f4:a0:d5:
                    84:3e:d4:ae:fa:18:74:09:f5:80:87:ec:0d:c8:17:
                    36:b9:e0:d6:ab:58:b1:58:e5:49:a6:60:da:63:88:
                    cf:17:3f:cb:74:50:cd:60:96:31:3c:07:66:71:c3:
                    af:78:a9:50:4c:c4:c7:23:c8:a7:26:3f:28:13:52:
                    b8:77:96:07:95:ec:65:90:a9:78:81:bb:38:7a:5d:
                    ac:be:25:55:de:ea:18:f1:ee:7f:e4:19:55:3c:91:
                    62:28:5f:a2:73:36:c6:86:94:8d:89:69:98:fe:cd:
                    14:e4:76:4d:a0:6e:2d:80:c6:4e:e3:f4:a0:a8:d1:
                    57:ff:8f:28:7a:83:b3:62:00:1a:82:4a:48:a9:c9:
                    e4:fd:9a:2e:18:a3:a1:b8:43:fb:13:82:6b:a0:04:
                    e2:4c:03:d1:98:cf:75:06:1f:db:5e:10:67:d7:54:
                    30:22:a2:20:c7:ec:5e:b1:e7:37:0f:d9:39:e7:98:
                    df:27:38:02:dd:4c:eb:58:3f:db:36:ee:2e:7a:32:
                    e2:28:82:d9:0a:7a:af:05:60:b4:0a:4a:09:db:42:
                    2b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:B8:21:C0:F7:C5:C3:60:5D:9C:5B:7D:B0:48:47:33:3A:B2:68:A9
            X509v3 Authority Key Identifier:
                keyid:AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:38:d1:dc:91:13:24:2a:8c:52:23:66:02:09:e3:a2:28:25:
         90:bc:ae:16:8b:db:5c:f2:77:39:0c:fe:c2:6a:94:e2:12:68:
         cd:36:cd:d5:d9:30:f0:c3:52:7c:e5:02:7b:ea:9e:d4:8c:fd:
         4d:21:44:00:40:1f:9a:32:40:aa:fc:c3:96:55:79:d3:6a:02:
         fb:2f:f6:2f:21:fc:7e:e4:05:f9:31:5e:b0:fe:53:07:29:c7:
         3b:20:8b:26:a2:a4:7c:5b:6c:a7:c9:cb:ec:92:df:3c:71:dd:
         67:bc:49:14:21:7f:d8:46:6f:b7:3b:d1:0d:52:26:72:1c:73:
         a9:c8:5a:c0:77:ce:49:cb:49:a9:e5:c0:d9:31:4e:94:ba:72:
         ff:35:9a:4f:6d:06:49:0e:09:8a:f1:fe:49:2a:7c:7a:67:ce:
         d1:1d:54:2d:05:47:bb:5f:a0:91:c6:c6:4a:09:97:a8:6c:46:
         71:5a:2c:97:a4:cb:db:b7:00:bb:06:8e:33:ab:f0:29:8a:15:
         1a:9d:db:c4:95:76:9b:8b:29:06:ff:82:dd:57:78:db:be:ad:
         4d:13:84:a2:02:1d:41:4a:f5:e2:33:67:cd:10:c7:4a:10:08:
         33:78:6b:d2:0a:5a:f4:c7:11:38:ab:b9:31:eb:4c:95:29:71:
         a5:25:fd:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEVL6/W1FKFvWNRd9g/UEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTY4ZDE2ZGQyYjQxZDM1MmI1ZmQzM2M0OWIzZWM0ZmRh
ZDQyNTgwHhcNMjUxMDIwMTAwMTQzWhcNMjUxMDIxMTAwMTQzWjAzMTEwLwYDVQQD
EygzNmI4MjFjMGY3YzVjMzYwNWQ5YzViN2RiMDQ4NDczMzNhYjI2OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+uSfhf5dudEJ8bj3kjbIeUuTA2y
yIJWcGsqqHsuvqaiRE5qxiXcFtX0oNWEPtSu+hh0CfWAh+wNyBc2ueDWq1ixWOVJ
pmDaY4jPFz/LdFDNYJYxPAdmccOveKlQTMTHI8inJj8oE1K4d5YHlexlkKl4gbs4
el2sviVV3uoY8e5/5BlVPJFiKF+iczbGhpSNiWmY/s0U5HZNoG4tgMZO4/SgqNFX
/48oeoOzYgAagkpIqcnk/ZouGKOhuEP7E4JroATiTAPRmM91Bh/bXhBn11QwIqIg
x+xesec3D9k555jfJzgC3UzrWD/bNu4uejLiKILZCnqvBWC0CkoJ20IrywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDa4IcD3xcNgXZxbfbBIRzM6smipMB8GA1UdIwQY
MBaAFK+WjRbdK0HTUrX9M8SbPsT9rUJYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3Yjct
YzI5NmVjNGIyMTcwLzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3YjctYzI5NmVjNGIyMTcw
LzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzjR3JET
JCqMUiNmAgnjoiglkLyuFovbXPJ3OQz+wmqU4hJozTbN1dkw8MNSfOUCe+qe1Iz9
TSFEAEAfmjJAqvzDllV502oC+y/2LyH8fuQF+TFesP5TBynHOyCLJqKkfFtsp8nL
7JLfPHHdZ7xJFCF/2EZvtzvRDVImchxzqchawHfOSctJqeXA2TFOlLpy/zWaT20G
SQ4JivH+SSp8emfO0R1ULQVHu1+gkcbGSgmXqGxGcVosl6TL27cAuwaOM6vwKYoV
Gp3bxJV2m4spBv+C3Vd4276tTROEogIdQUr14jNnzRDHShAIM3hr0gpa9McROKu5
MetMlSlxpSX9nQ==
-----END CERTIFICATE-----