Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          4Rbnt0LMkI3+RUc607f5qhC/UHr2FVzDBuV9z5VEf4w=
Subject key identifier:   C7:8F:0F:2F:61:34:57:5C:1B:3A:87:8D:8C:EA:20:1B:BB:66:08:83
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       0199FDD99343F4849B7F759CEE96799901FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          1056
Signing time:             Sun 19 Oct 2025 19:01:58 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:58 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:58 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: Y9euYUBMhtquAS54KtwzOgsxyli0SODXyPaSviNLGZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:93:43:f4:84:9b:7f:75:9c:ee:96:79:99:01:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Oct 19 19:01:58 2025 GMT
            Not After : Oct 20 19:01:58 2025 GMT
        Subject: CN=c78f0f2f6134575c1b3a878d8cea201bbb660883
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:84:9e:67:92:1d:3c:ff:15:73:0a:87:15:58:
                    12:12:ea:89:e6:81:95:89:0f:80:a0:05:ed:e9:22:
                    f8:cd:50:b5:ba:dd:10:78:fd:bc:aa:51:85:ba:0e:
                    95:c6:2f:d2:7c:02:43:d6:e6:a7:44:ee:9e:27:3a:
                    6e:ba:67:7b:41:23:e6:ca:ba:c3:9e:c0:a4:40:1d:
                    79:b8:38:78:62:15:32:23:29:a6:ce:86:3e:6f:57:
                    b1:af:07:62:ec:7d:7c:8d:a9:bd:79:d7:af:c1:09:
                    ca:f3:96:09:e1:20:d9:63:0a:2c:10:65:ab:eb:12:
                    d1:ab:02:ab:c5:d4:00:6d:93:35:76:3e:3d:42:34:
                    e8:18:eb:24:82:89:d3:32:ca:cb:9e:36:8d:97:95:
                    cf:0b:31:56:14:15:95:38:d0:3b:d5:56:71:5d:72:
                    9f:a4:05:b2:57:ee:d4:f1:3f:a3:03:8e:de:bc:20:
                    bc:be:23:eb:fa:29:97:68:8a:75:4d:2d:44:8f:5f:
                    84:d4:b6:49:0a:f9:e6:72:ec:34:e4:10:6e:d2:c5:
                    a3:00:9c:9d:ba:5a:bb:2b:7c:d7:7c:74:75:67:02:
                    85:42:5c:c6:53:00:82:5e:17:f1:e2:bf:41:33:82:
                    5a:28:b1:28:7b:8d:30:f0:66:6c:73:b2:4d:66:68:
                    e3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:8F:0F:2F:61:34:57:5C:1B:3A:87:8D:8C:EA:20:1B:BB:66:08:83
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:25:d4:bc:6f:f2:d8:ce:57:28:ab:64:83:5f:67:ee:08:da:
         07:b0:1d:28:54:ef:bf:94:cb:d1:38:dc:11:f1:f4:09:3f:48:
         4f:4f:d7:e9:9c:b6:cc:23:e9:a7:af:f1:cf:59:d0:66:3c:21:
         e9:b8:fc:77:99:69:a9:2c:6a:9b:b6:da:21:ad:05:63:6f:75:
         f0:94:c6:01:66:01:d3:44:19:e3:54:ba:88:fa:10:b1:94:ed:
         c8:0c:a2:cc:5e:6a:da:fc:84:28:6f:55:b9:c4:e3:77:d0:55:
         28:25:f0:37:fe:eb:0b:31:1d:1b:6c:d6:96:7a:50:93:7d:c0:
         b5:17:0a:cc:c5:73:27:2e:31:aa:17:b9:6d:23:75:72:3e:7a:
         d8:27:7a:0d:0e:b5:48:c9:bb:58:a7:35:f6:cc:65:0a:0e:19:
         83:66:97:75:cc:b7:d5:e9:37:d3:01:05:a2:75:f7:cf:2f:f0:
         c2:15:0e:8e:c4:42:91:25:e9:26:d9:01:bd:92:24:6d:75:8f:
         e0:98:e6:6f:37:a7:76:a2:ee:fe:b5:13:cf:35:f2:9e:02:73:
         b9:1f:f4:4b:2a:d3:da:1a:32:08:ab:8f:35:e0:35:24:f7:72:
         61:6c:fd:0a:74:76:2c:e1:54:ff:7a:1b:e9:81:c1:c0:03:46:
         cc:45:0d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ZND9ISbf3Wc7pZ5mQH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjUxMDE5MTkwMTU4WhcNMjUxMDIwMTkwMTU4WjAzMTEwLwYDVQQD
EyhjNzhmMGYyZjYxMzQ1NzVjMWIzYTg3OGQ4Y2VhMjAxYmJiNjYwODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14SeZ5IdPP8VcwqHFVgSEuqJ5oGV
iQ+AoAXt6SL4zVC1ut0QeP28qlGFug6Vxi/SfAJD1uanRO6eJzpuumd7QSPmyrrD
nsCkQB15uDh4YhUyIymmzoY+b1exrwdi7H18jam9edevwQnK85YJ4SDZYwosEGWr
6xLRqwKrxdQAbZM1dj49QjToGOskgonTMsrLnjaNl5XPCzFWFBWVONA71VZxXXKf
pAWyV+7U8T+jA47evCC8viPr+imXaIp1TS1Ej1+E1LZJCvnmcuw05BBu0sWjAJyd
ulq7K3zXfHR1ZwKFQlzGUwCCXhfx4r9BM4JaKLEoe40w8GZsc7JNZmjjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMePDy9hNFdcGzqHjYzqIBu7ZgiDMB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHCXUvG/y
2M5XKKtkg19n7gjaB7AdKFTvv5TL0TjcEfH0CT9IT0/X6Zy2zCPpp6/xz1nQZjwh
6bj8d5lpqSxqm7baIa0FY2918JTGAWYB00QZ41S6iPoQsZTtyAyizF5q2vyEKG9V
ucTjd9BVKCXwN/7rCzEdG2zWlnpQk33AtRcKzMVzJy4xqhe5bSN1cj562Cd6DQ61
SMm7WKc19sxlCg4Zg2aXdcy31ek30wEFonX3zy/wwhUOjsRCkSXpJtkBvZIkbXWP
4JjmbzendqLu/rUTzzXyngJzuR/0SyrT2hoyCKuPNeA1JPdyYWz9CnR2LOFU/3ob
6YHBwANGzEUN6A==
-----END CERTIFICATE-----