Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
File:                     R3BGWvTHI2RwAFnnll08iepGPNc.mft (raw, json)
Hash identifier:          nZPRkzldbvJcd41DMcHyWMWWknc+iNXIVDQqDtTtf68=
Subject key identifier:   65:D9:31:65:AE:5D:F8:9D:E0:42:82:AB:2E:FF:A3:9B:28:65:D2:12
Authority key identifier: 47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7
Certificate issuer:       /CN=4770465af4c72364700059e7965d3c89ea463cd7
Certificate serial:       0199FDD9C5D544DA4548BA436E8B19CBCDF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
Manifest number:          1099
Signing time:             Sun 19 Oct 2025 19:02:11 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:11 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:11 +0000
Files and hashes:         1: R3BGWvTHI2RwAFnnll08iepGPNc.crl (hash: lEwLODAgoblcZ3xXO+ZSvLiPVm1myo8b0UDOyLICjO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:c5:d5:44:da:45:48:ba:43:6e:8b:19:cb:cd:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4770465af4c72364700059e7965d3c89ea463cd7
        Validity
            Not Before: Oct 19 19:02:11 2025 GMT
            Not After : Oct 20 19:02:11 2025 GMT
        Subject: CN=65d93165ae5df89de04282ab2effa39b2865d212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:33:95:44:e8:12:7f:de:fc:1a:0d:3d:b8:84:
                    68:21:00:ab:23:1a:28:0a:bb:2f:22:70:77:88:29:
                    d3:16:79:df:61:43:d7:ae:5b:fb:b9:10:12:61:ef:
                    f1:e8:3f:bd:5d:0f:52:be:a6:e7:ff:62:90:91:e6:
                    cb:db:09:ae:03:24:27:9c:72:f2:58:8f:96:8d:68:
                    c9:46:d3:22:1d:fc:32:5b:54:31:9d:32:57:e2:1b:
                    b9:14:58:37:b8:c2:70:74:46:2e:69:01:e2:ad:4f:
                    de:c0:f4:0b:2c:64:c0:26:df:89:4a:59:1a:7c:85:
                    a6:ef:d6:05:2c:d6:3f:18:9d:f8:ca:de:58:ae:f7:
                    ff:62:c4:96:dd:99:70:61:5c:0a:7e:c2:80:df:70:
                    67:9e:1c:7e:01:1c:10:49:ab:fe:9d:9c:bd:59:ad:
                    f4:8f:83:db:25:1f:9d:8c:82:63:6d:c2:a8:9c:23:
                    14:3a:4b:37:3d:59:ab:eb:84:62:79:5e:84:32:28:
                    f3:ab:8b:6f:9a:d2:fc:11:32:9f:59:0e:4d:ab:14:
                    2a:70:42:b9:b3:4c:a2:85:55:15:58:19:f4:c1:1d:
                    86:71:c6:7b:eb:4c:c0:06:ff:b0:3d:03:0b:e7:ff:
                    00:5f:d5:97:6b:7b:9b:fd:6f:09:6d:60:71:46:d7:
                    2b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:D9:31:65:AE:5D:F8:9D:E0:42:82:AB:2E:FF:A3:9B:28:65:D2:12
            X509v3 Authority Key Identifier:
                keyid:47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:e6:90:32:da:6c:29:c1:a8:ae:79:83:93:64:35:ea:57:71:
         53:96:df:20:75:2c:e0:c7:f7:ad:43:d5:f9:3f:ab:33:b9:4a:
         c9:77:fa:92:d5:33:29:2f:1a:99:c9:6c:25:75:95:de:c5:24:
         8a:96:b4:34:d1:a1:8c:ea:8e:db:66:cf:9d:7b:fb:71:e4:73:
         3a:d4:76:c9:a5:70:e4:2d:59:39:6c:71:b0:9c:a3:9c:a0:ba:
         c8:28:06:f5:cd:85:2a:a8:92:63:ed:c2:d5:9d:45:42:21:51:
         fd:9d:53:36:34:35:fd:da:cf:94:f3:a9:0a:d0:2a:20:87:7a:
         c0:ff:cc:62:76:34:59:11:aa:5c:9a:df:3d:82:55:bc:b7:6d:
         49:5c:64:22:85:79:7a:be:26:68:25:e7:f3:f2:30:e9:27:f9:
         d7:93:7b:fb:be:bc:31:7e:33:28:36:e4:ea:5d:e0:47:bb:df:
         72:42:7c:e0:34:8e:78:9c:aa:58:df:58:54:15:c7:81:a2:c9:
         ae:24:b8:41:f6:4a:fe:49:42:9f:fd:1d:da:8c:86:12:2f:08:
         e1:aa:08:24:7e:4a:a2:c6:36:1e:fc:d3:ee:7f:14:2e:dc:42:
         c4:05:be:00:bd:8e:9f:11:9f:c1:f1:0b:f3:36:e0:69:6e:75:
         65:58:dd:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92cXVRNpFSLpDbosZy835MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzA0NjVhZjRjNzIzNjQ3MDAwNTllNzk2NWQzYzg5ZWE0
NjNjZDcwHhcNMjUxMDE5MTkwMjExWhcNMjUxMDIwMTkwMjExWjAzMTEwLwYDVQQD
Eyg2NWQ5MzE2NWFlNWRmODlkZTA0MjgyYWIyZWZmYTM5YjI4NjVkMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzOVROgSf978Gg09uIRoIQCrIxoo
CrsvInB3iCnTFnnfYUPXrlv7uRASYe/x6D+9XQ9Svqbn/2KQkebL2wmuAyQnnHLy
WI+WjWjJRtMiHfwyW1QxnTJX4hu5FFg3uMJwdEYuaQHirU/ewPQLLGTAJt+JSlka
fIWm79YFLNY/GJ34yt5Yrvf/YsSW3ZlwYVwKfsKA33Bnnhx+ARwQSav+nZy9Wa30
j4PbJR+djIJjbcKonCMUOks3PVmr64RieV6EMijzq4tvmtL8ETKfWQ5NqxQqcEK5
s0yihVUVWBn0wR2GccZ760zABv+wPQML5/8AX9WXa3ub/W8JbWBxRtcrcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXZMWWuXfid4EKCqy7/o5soZdISMB8GA1UdIwQY
MBaAFEdwRlr0xyNkcABZ55ZdPInqRjzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYt
OGE5MmUwOWJmZTFiLzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYtOGE5MmUwOWJmZTFi
LzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOaQMtps
KcGornmDk2Q16ldxU5bfIHUs4Mf3rUPV+T+rM7lKyXf6ktUzKS8amclsJXWV3sUk
ipa0NNGhjOqO22bPnXv7ceRzOtR2yaVw5C1ZOWxxsJyjnKC6yCgG9c2FKqiSY+3C
1Z1FQiFR/Z1TNjQ1/drPlPOpCtAqIId6wP/MYnY0WRGqXJrfPYJVvLdtSVxkIoV5
er4maCXn8/Iw6Sf515N7+768MX4zKDbk6l3gR7vfckJ84DSOeJyqWN9YVBXHgaLJ
riS4QfZK/klCn/0d2oyGEi8I4aoIJH5KosY2HvzT7n8ULtxCxAW+AL2OnxGfwfEL
8zbgaW51ZVjdCw==
-----END CERTIFICATE-----