Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          UNt5H2up+9tx+lBulsA2grcW9AEc6RezUwBBk0Mra+Q=
Subject key identifier:   B3:4A:31:38:FB:79:26:5F:D2:B9:0A:6B:CC:A5:29:86:A8:38:40:5E
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0199FFC84A1E43F5EDEB458B0A0024B4440E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1273
Signing time:             Mon 20 Oct 2025 04:02:20 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:20 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:20 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: 2X6tZpPOf8dkPlF9znshKE+XCkoxcpfFqo50CWT1+1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:4a:1e:43:f5:ed:eb:45:8b:0a:00:24:b4:44:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Oct 20 04:02:20 2025 GMT
            Not After : Oct 21 04:02:20 2025 GMT
        Subject: CN=b34a3138fb79265fd2b90a6bcca52986a838405e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:65:82:5e:66:e5:f8:ca:44:38:90:b2:cf:3f:
                    56:79:15:d3:fd:08:cd:e1:5a:c1:0f:2d:23:60:50:
                    66:4d:98:15:02:1d:a2:23:50:94:f2:df:6f:ab:69:
                    85:2a:d7:d9:61:64:98:a7:ab:2f:a3:6e:bf:1a:6b:
                    10:fe:d6:0d:d0:0d:f9:40:e3:31:33:28:5a:cd:46:
                    d7:49:6c:4b:9c:e8:5c:c5:cc:79:ae:8e:60:e4:cd:
                    1c:2f:41:d5:ee:3f:0d:95:02:6f:56:ad:20:e1:1c:
                    0e:44:ee:f2:89:a1:99:ae:4e:af:64:32:df:6a:3b:
                    d4:46:03:c3:d0:42:02:24:51:9d:72:6b:49:a8:2d:
                    17:90:7e:28:b5:d1:57:dd:83:b1:8b:3a:77:9e:f1:
                    da:26:3f:5f:6d:f9:61:56:58:bc:4e:33:c5:24:27:
                    44:87:e0:53:a5:0c:90:53:ad:42:3f:d9:d9:0e:d2:
                    cb:9c:ca:4b:d8:e0:28:0b:35:31:55:0a:df:2d:25:
                    1f:ba:ac:fe:09:bf:f5:70:c5:d9:d2:48:ff:15:ce:
                    b1:ef:26:3d:d0:5c:0b:3f:08:81:f6:21:f1:23:ef:
                    e8:50:0e:06:b3:70:e3:f2:aa:40:a5:15:be:34:32:
                    44:1d:84:9e:57:c2:28:09:82:03:50:21:c6:f6:09:
                    c8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:4A:31:38:FB:79:26:5F:D2:B9:0A:6B:CC:A5:29:86:A8:38:40:5E
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:65:a6:5b:b3:6f:4a:33:53:2b:b5:94:12:5a:03:33:b4:9b:
         55:4d:fe:e8:74:18:40:da:12:fb:44:d8:9a:73:08:b3:2c:99:
         00:12:5f:0e:d8:78:fb:8c:be:bb:35:1d:86:f8:98:53:05:06:
         4b:38:77:10:3b:62:ad:95:4a:c2:1b:60:db:1a:30:29:fa:2b:
         ce:34:7d:7b:79:25:10:bd:32:c9:d8:1f:17:b9:21:45:e6:86:
         1b:ec:2d:0f:b1:8d:bb:3a:c8:01:5d:d1:f6:d0:90:e1:98:2e:
         75:ea:67:50:7c:de:68:de:35:7b:d4:5e:de:d9:86:88:a0:93:
         23:46:5c:16:f5:48:25:67:4c:d4:79:51:a8:b5:b0:7c:38:1f:
         99:93:ef:52:3d:f4:f7:35:e4:94:64:e0:c3:fd:36:35:37:4a:
         9c:cb:39:5d:70:68:7f:d4:fb:48:8b:9a:75:82:b4:c2:8f:29:
         1e:8d:b2:26:2c:7d:9e:c0:2f:e0:93:bf:51:c6:f2:8c:a1:2e:
         c0:8f:a3:f5:09:f3:aa:a4:a5:4f:50:31:a9:81:35:18:ff:0c:
         78:ce:ac:c2:23:96:5f:77:3d:56:af:6b:b0:40:9b:6a:1f:b9:
         f3:3d:02:7f:45:01:6f:a1:12:dc:e9:fe:2e:a0:a1:68:d5:10:
         c4:3e:0a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yEoeQ/Xt60WLCgAktEQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUxMDIwMDQwMjIwWhcNMjUxMDIxMDQwMjIwWjAzMTEwLwYDVQQD
EyhiMzRhMzEzOGZiNzkyNjVmZDJiOTBhNmJjY2E1Mjk4NmE4Mzg0MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWWCXmbl+MpEOJCyzz9WeRXT/QjN
4VrBDy0jYFBmTZgVAh2iI1CU8t9vq2mFKtfZYWSYp6svo26/GmsQ/tYN0A35QOMx
MyhazUbXSWxLnOhcxcx5ro5g5M0cL0HV7j8NlQJvVq0g4RwORO7yiaGZrk6vZDLf
ajvURgPD0EICJFGdcmtJqC0XkH4otdFX3YOxizp3nvHaJj9fbflhVli8TjPFJCdE
h+BTpQyQU61CP9nZDtLLnMpL2OAoCzUxVQrfLSUfuqz+Cb/1cMXZ0kj/Fc6x7yY9
0FwLPwiB9iHxI+/oUA4Gs3Dj8qpApRW+NDJEHYSeV8IoCYIDUCHG9gnIqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNKMTj7eSZf0rkKa8ylKYaoOEBeMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj2WmW7Nv
SjNTK7WUEloDM7SbVU3+6HQYQNoS+0TYmnMIsyyZABJfDth4+4y+uzUdhviYUwUG
Szh3EDtirZVKwhtg2xowKforzjR9e3klEL0yydgfF7khReaGG+wtD7GNuzrIAV3R
9tCQ4ZgudepnUHzeaN41e9Re3tmGiKCTI0ZcFvVIJWdM1HlRqLWwfDgfmZPvUj30
9zXklGTgw/02NTdKnMs5XXBof9T7SIuadYK0wo8pHo2yJix9nsAv4JO/UcbyjKEu
wI+j9QnzqqSlT1AxqYE1GP8MeM6swiOWX3c9Vq9rsECbah+58z0Cf0UBb6ES3On+
LqChaNUQxD4KWA==
-----END CERTIFICATE-----