Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          seVjZJGuDEkZToSZ1fsOnbSujX9dn3T2bKeCJM+1jYw=
Subject key identifier:   92:C9:B3:AE:B9:1C:05:92:30:12:F9:52:E5:49:5B:9E:B5:5E:AD:0A
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       0199FCC6B14FAC149B96C1BE25624D67C9FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          0693
Signing time:             Sun 19 Oct 2025 14:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:43 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: C+AY3TERxHEA/KoNLoLOefcM0cpYcPUrYFIdnNyjOCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:b1:4f:ac:14:9b:96:c1:be:25:62:4d:67:c9:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Oct 19 14:01:43 2025 GMT
            Not After : Oct 20 14:01:43 2025 GMT
        Subject: CN=92c9b3aeb91c05923012f952e5495b9eb55ead0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:16:20:de:1c:d0:db:1f:90:27:06:e9:8d:d2:
                    54:dc:cf:e7:d3:df:93:f9:73:c9:6d:11:ca:d9:ed:
                    2d:60:d0:17:6e:12:65:58:6f:a5:f4:ff:d8:1c:5c:
                    68:44:11:49:4b:fb:b1:29:73:23:a6:be:85:59:75:
                    4b:96:99:91:d6:e9:54:bc:64:4d:a8:45:ba:6a:d6:
                    c9:96:f5:da:0c:6c:8c:14:02:cc:54:41:de:b5:2d:
                    ca:19:3d:67:24:35:7e:77:2f:d8:f2:59:a7:33:4b:
                    2c:b5:e9:ba:d1:f7:29:89:2c:ff:46:5e:2c:95:86:
                    4f:11:a3:93:68:52:b5:34:2b:b0:2e:9c:ba:af:71:
                    63:21:9a:41:f9:3e:fb:23:f6:a9:36:ea:46:3e:98:
                    ec:c0:5d:cb:b8:33:59:23:81:55:c3:43:55:d9:1d:
                    73:88:41:61:50:ae:a3:9c:06:cf:f2:c7:3b:4f:71:
                    02:89:09:f1:4a:8d:58:ec:65:48:c1:6f:f1:3b:52:
                    dd:42:ff:d0:18:a6:a5:3a:89:e9:3d:8e:45:a5:8e:
                    3e:57:4e:04:09:3d:bd:4b:73:10:03:2a:33:ce:88:
                    84:64:ce:e5:20:84:49:70:ee:8c:3c:23:12:de:89:
                    3e:ff:cd:da:e8:6b:fe:7b:b2:50:9a:f1:3e:2b:cb:
                    4b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:C9:B3:AE:B9:1C:05:92:30:12:F9:52:E5:49:5B:9E:B5:5E:AD:0A
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:56:67:5b:38:02:6b:7c:ee:8e:53:54:32:0b:9e:3d:62:f0:
         fa:0d:21:0b:2b:05:50:62:92:07:24:12:83:25:3b:8f:25:7e:
         05:0e:be:3a:be:58:13:1c:2d:07:f0:c7:e5:05:18:d6:45:0d:
         c3:7a:f2:8e:6c:db:36:0a:ee:92:12:a4:2e:38:ea:ce:4d:e6:
         89:c8:a3:70:45:13:17:be:48:b4:9e:7e:ec:46:81:66:6d:45:
         6e:d1:73:ff:69:1d:73:4a:2e:eb:dc:6c:fe:d1:95:6c:84:9b:
         73:f8:84:aa:58:e7:19:46:a7:c8:82:97:fe:fb:92:5e:d9:e8:
         53:b2:4e:70:2e:88:91:ea:9c:57:5e:2a:b9:62:c3:1e:b0:13:
         18:55:48:ec:44:94:ab:39:35:be:66:cc:50:41:83:a4:04:41:
         85:ef:e5:68:70:e9:a1:14:bc:29:a0:7a:ad:21:8f:69:68:a9:
         c4:2e:aa:cd:61:57:ee:56:5a:27:a2:84:36:fb:76:a5:88:1a:
         bb:ea:ae:99:e8:87:a6:43:2b:9c:be:93:88:5e:21:52:30:84:
         03:69:2e:31:f8:44:f1:f6:a7:30:46:ce:e2:ca:b2:7e:d0:2d:
         8b:a6:c3:8a:56:49:d5:83:2f:62:e4:b0:0a:d0:e1:5b:b2:fa:
         91:7c:fa:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xrFPrBSblsG+JWJNZ8n9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjUxMDE5MTQwMTQzWhcNMjUxMDIwMTQwMTQzWjAzMTEwLwYDVQQD
Eyg5MmM5YjNhZWI5MWMwNTkyMzAxMmY5NTJlNTQ5NWI5ZWI1NWVhZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphYg3hzQ2x+QJwbpjdJU3M/n09+T
+XPJbRHK2e0tYNAXbhJlWG+l9P/YHFxoRBFJS/uxKXMjpr6FWXVLlpmR1ulUvGRN
qEW6atbJlvXaDGyMFALMVEHetS3KGT1nJDV+dy/Y8lmnM0sstem60fcpiSz/Rl4s
lYZPEaOTaFK1NCuwLpy6r3FjIZpB+T77I/apNupGPpjswF3LuDNZI4FVw0NV2R1z
iEFhUK6jnAbP8sc7T3ECiQnxSo1Y7GVIwW/xO1LdQv/QGKalOonpPY5FpY4+V04E
CT29S3MQAyozzoiEZM7lIIRJcO6MPCMS3ok+/83a6Gv+e7JQmvE+K8tLcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLJs665HAWSMBL5UuVJW561Xq0KMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1ZnWzgC
a3zujlNUMguePWLw+g0hCysFUGKSByQSgyU7jyV+BQ6+Or5YExwtB/DH5QUY1kUN
w3ryjmzbNgrukhKkLjjqzk3micijcEUTF75ItJ5+7EaBZm1FbtFz/2kdc0ou69xs
/tGVbISbc/iEqljnGUanyIKX/vuSXtnoU7JOcC6IkeqcV14quWLDHrATGFVI7ESU
qzk1vmbMUEGDpARBhe/laHDpoRS8KaB6rSGPaWipxC6qzWFX7lZaJ6KENvt2pYga
u+qumeiHpkMrnL6TiF4hUjCEA2kuMfhE8fanMEbO4sqyftAti6bDilZJ1YMvYuSw
CtDhW7L6kXz61A==
-----END CERTIFICATE-----