Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          Wm4A4L5Yr6l5e8eHq0xBzU8rK+WGGKVGLh4mcrKvmG8=
Subject key identifier:   25:7F:C4:90:0A:1A:25:04:05:0C:5F:F7:33:BF:D9:5A:27:8B:45:1F
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       0199FFC78EA5A76A7C64ECBE14882F523BBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0E71
Signing time:             Mon 20 Oct 2025 04:01:32 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:32 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:32 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: 1VPHzfXqr9cAfNFABhPLTDuTJskK2dPi17RSU7OHu8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:8e:a5:a7:6a:7c:64:ec:be:14:88:2f:52:3b:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Oct 20 04:01:32 2025 GMT
            Not After : Oct 21 04:01:32 2025 GMT
        Subject: CN=257fc4900a1a2504050c5ff733bfd95a278b451f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0b:15:f0:3a:25:c3:9e:54:9b:54:bc:79:57:
                    eb:aa:15:ba:ef:9f:86:8e:d0:dc:54:d0:08:61:ab:
                    c5:f6:52:f8:f0:6d:2f:0d:3b:06:e6:07:39:06:10:
                    ae:64:f5:92:0b:13:b6:40:65:69:22:8c:0d:af:9c:
                    92:f2:a0:e3:e2:ea:23:30:2b:d0:ed:4d:db:79:1a:
                    53:42:7e:8d:07:01:98:48:a0:fd:62:c3:64:e1:48:
                    b2:56:38:e1:ff:ba:36:5a:fa:ef:13:59:2c:44:a6:
                    95:a8:8a:d5:f0:33:4d:84:7c:e2:a8:22:8b:f9:cc:
                    dd:e8:5c:ba:37:06:30:25:88:e8:8f:38:37:01:c3:
                    cd:3b:3d:8a:c1:29:db:c6:ad:24:d2:b6:c3:61:47:
                    41:62:55:01:93:a5:81:37:5c:39:d4:b7:c0:6a:89:
                    c0:4f:cf:cd:8c:ab:fb:76:aa:ec:86:56:fa:7a:06:
                    61:f1:d8:60:b7:eb:06:d1:a3:c1:04:ac:af:6f:ae:
                    90:fe:47:32:e5:ae:ca:b6:98:a9:88:cf:e2:f1:62:
                    8a:80:2b:f7:f9:c8:a3:af:76:1d:bf:8e:1b:b8:32:
                    9c:09:4b:70:12:8c:c2:a7:b7:42:73:74:22:6f:96:
                    55:a9:ea:b8:b3:a1:18:a3:5d:a5:a2:21:0c:37:e2:
                    74:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7F:C4:90:0A:1A:25:04:05:0C:5F:F7:33:BF:D9:5A:27:8B:45:1F
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:0a:ff:fe:ab:b8:09:86:d9:97:15:88:eb:de:51:bf:98:7c:
         01:71:bb:55:4c:67:1c:39:c3:1a:4d:66:3f:8b:d4:4b:84:8a:
         57:59:23:63:89:e1:58:b5:9f:a1:d4:75:1c:87:27:45:7c:f5:
         28:2b:71:6e:a6:f0:7e:48:07:9a:0f:dc:8d:3f:68:df:4d:09:
         4e:58:38:17:fb:cc:11:66:01:3b:bb:62:ae:2d:c3:d2:7d:34:
         54:e1:4c:2f:58:47:74:ca:ea:b6:eb:0d:1c:d8:8c:2f:7c:66:
         36:2b:c2:03:42:fc:23:59:19:57:6a:d1:77:12:7c:80:39:44:
         19:88:19:8f:84:84:bb:09:b7:a2:7e:21:ea:f8:24:70:ab:c1:
         0b:35:d8:ed:63:b0:d6:09:25:8e:93:09:e4:4c:fd:35:0d:60:
         20:29:d5:90:22:5f:d5:39:34:f5:a6:58:7f:02:56:48:5c:4f:
         60:60:13:78:c4:96:04:c2:da:32:cb:94:17:38:92:e0:6a:ef:
         89:b6:10:b2:34:82:d4:40:ce:02:b1:cf:ed:73:bc:c5:ba:5f:
         5a:59:4b:5e:2e:7d:d0:a9:df:7e:3d:bc:0f:3d:6b:ea:0d:c6:
         30:1a:23:1a:f2:2f:43:8d:c0:3e:fa:df:0c:7f:66:da:fb:6b:
         84:27:8f:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x46lp2p8ZOy+FIgvUju9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUxMDIwMDQwMTMyWhcNMjUxMDIxMDQwMTMyWjAzMTEwLwYDVQQD
EygyNTdmYzQ5MDBhMWEyNTA0MDUwYzVmZjczM2JmZDk1YTI3OGI0NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgsV8Dolw55Um1S8eVfrqhW675+G
jtDcVNAIYavF9lL48G0vDTsG5gc5BhCuZPWSCxO2QGVpIowNr5yS8qDj4uojMCvQ
7U3beRpTQn6NBwGYSKD9YsNk4UiyVjjh/7o2WvrvE1ksRKaVqIrV8DNNhHziqCKL
+czd6Fy6NwYwJYjojzg3AcPNOz2KwSnbxq0k0rbDYUdBYlUBk6WBN1w51LfAaonA
T8/NjKv7dqrshlb6egZh8dhgt+sG0aPBBKyvb66Q/kcy5a7KtpipiM/i8WKKgCv3
+cijr3Ydv44buDKcCUtwEozCp7dCc3Qib5ZVqeq4s6EYo12loiEMN+J0pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV/xJAKGiUEBQxf9zO/2Voni0UfMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIgr//qu4
CYbZlxWI695Rv5h8AXG7VUxnHDnDGk1mP4vUS4SKV1kjY4nhWLWfodR1HIcnRXz1
KCtxbqbwfkgHmg/cjT9o300JTlg4F/vMEWYBO7tiri3D0n00VOFML1hHdMrqtusN
HNiML3xmNivCA0L8I1kZV2rRdxJ8gDlEGYgZj4SEuwm3on4h6vgkcKvBCzXY7WOw
1gkljpMJ5Ez9NQ1gICnVkCJf1Tk09aZYfwJWSFxPYGATeMSWBMLaMsuUFziS4Grv
ibYQsjSC1EDOArHP7XO8xbpfWllLXi590Knffj28Dz1r6g3GMBojGvIvQ43APvrf
DH9m2vtrhCePOQ==
-----END CERTIFICATE-----