Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
File:                     PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft (raw, json)
Hash identifier:          zisVG0aLTNbVfuIdBb0ruUf/hBNRk9YQsJJNFecy+Kk=
Subject key identifier:   33:70:3A:F1:C2:74:45:5A:1B:6F:8E:C6:5E:F7:3D:F5:54:D9:7D:41
Authority key identifier: 3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A
Certificate issuer:       /CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
Certificate serial:       0199FC8F83D4C8C4AD5B45EFE6611F102639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 13:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:27 +0000
Files and hashes:         1: PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl (hash: KsodKVF3qH1vyIh1+69jNG01Db8cbd13Yz5+7tx4dkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:83:d4:c8:c4:ad:5b:45:ef:e6:61:1f:10:26:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
        Validity
            Not Before: Oct 19 13:01:27 2025 GMT
            Not After : Oct 20 13:01:27 2025 GMT
        Subject: CN=33703af1c274455a1b6f8ec65ef73df554d97d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e3:04:44:5a:b0:1e:cb:97:f7:d9:9b:a2:66:
                    ce:a8:94:fb:18:a1:c9:44:e2:e9:66:57:cd:b2:4e:
                    96:50:ad:3c:0b:20:12:22:19:3c:c2:11:b3:c9:2a:
                    ef:c0:54:37:81:a5:d2:91:aa:2a:e3:7a:3a:d8:e5:
                    49:bb:d4:57:b3:b9:1a:6e:4c:75:9a:56:d2:e5:86:
                    0a:63:77:b7:25:22:1b:bc:b0:1d:91:a8:ff:fb:fd:
                    a2:04:f1:68:a6:bd:4c:40:7b:45:8c:19:29:f6:3b:
                    3c:f9:b9:af:95:02:1f:2b:bb:4f:65:a4:3b:62:54:
                    f3:7c:62:68:a8:80:ad:16:71:af:5c:3e:54:21:27:
                    e3:30:3e:d6:37:e8:1d:8d:79:6e:03:9d:87:3e:48:
                    80:f9:91:9c:9b:04:06:a9:a1:95:2d:40:d5:b7:c3:
                    a8:e9:5b:2f:ed:cc:4d:3a:ae:84:b6:93:86:4c:a0:
                    3f:5a:df:24:aa:22:61:3b:33:ad:07:52:71:3e:e5:
                    da:05:a0:b5:67:8d:0e:21:09:52:89:10:ae:02:5f:
                    30:3b:b3:41:98:db:cb:6a:2a:bc:06:5c:7a:b4:5a:
                    da:aa:e0:2d:b9:af:90:1a:76:3e:ca:e0:f3:8f:12:
                    17:23:a2:d6:0f:b1:66:c0:ac:ad:2f:b4:85:7d:66:
                    8c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:70:3A:F1:C2:74:45:5A:1B:6F:8E:C6:5E:F7:3D:F5:54:D9:7D:41
            X509v3 Authority Key Identifier:
                keyid:3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:81:2a:51:7c:44:f5:89:25:af:54:92:8c:69:0c:5f:cd:c3:
         42:1e:d4:85:e3:be:5c:e6:a2:51:dd:98:a0:2a:9d:b9:60:2b:
         98:66:81:60:9b:0e:d8:9a:e5:de:58:5f:e6:bb:cb:4d:6a:25:
         b3:13:b9:96:fd:03:76:bb:5c:b8:fe:ce:9f:11:51:05:68:63:
         6d:5f:9f:55:5d:ff:2d:ed:56:5e:11:de:60:b8:ba:ab:58:08:
         27:41:fb:6e:db:61:a2:0c:b9:0a:1e:8e:97:c4:b4:9b:b2:4a:
         e6:c7:20:57:82:2e:ad:dc:f1:87:92:0e:dd:61:aa:af:d9:4b:
         60:af:e8:45:39:aa:dd:c1:42:2b:ec:57:0a:47:fd:1e:e2:25:
         1e:79:c1:1c:3c:58:42:d4:31:79:c8:6d:20:bf:f3:ca:3a:75:
         e7:bb:78:17:c2:33:89:d4:3c:08:85:3a:b5:d6:7b:d2:d4:e0:
         c7:0e:bf:14:30:c8:a9:86:d9:58:b9:07:21:49:2a:df:59:eb:
         9d:74:c6:d2:19:43:f0:8b:d3:12:27:2e:0d:cb:d1:2e:61:18:
         4d:9f:6b:dd:42:24:9e:49:5e:8a:11:a8:1f:9b:e4:7c:d1:ca:
         db:b7:e2:8e:4e:59:b0:c8:e0:2b:ac:69:97:34:b6:9f:45:c4:
         89:8d:1e:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4PUyMStW0Xv5mEfECY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjNhYjczMDUzMDQ3OTJkYzJjZTgxNzgwYjVkYjg4OWQ4
ZjdmM2EwHhcNMjUxMDE5MTMwMTI3WhcNMjUxMDIwMTMwMTI3WjAzMTEwLwYDVQQD
EygzMzcwM2FmMWMyNzQ0NTVhMWI2ZjhlYzY1ZWY3M2RmNTU0ZDk3ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueMERFqwHsuX99mbombOqJT7GKHJ
ROLpZlfNsk6WUK08CyASIhk8whGzySrvwFQ3gaXSkaoq43o62OVJu9RXs7kabkx1
mlbS5YYKY3e3JSIbvLAdkaj/+/2iBPFopr1MQHtFjBkp9js8+bmvlQIfK7tPZaQ7
YlTzfGJoqICtFnGvXD5UISfjMD7WN+gdjXluA52HPkiA+ZGcmwQGqaGVLUDVt8Oo
6Vsv7cxNOq6EtpOGTKA/Wt8kqiJhOzOtB1JxPuXaBaC1Z40OIQlSiRCuAl8wO7NB
mNvLaiq8Blx6tFraquAtua+QGnY+yuDzjxIXI6LWD7FmwKytL7SFfWaMvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNwOvHCdEVaG2+Oxl73PfVU2X1BMB8GA1UdIwQY
MBaAFD8jq3MFMEeS3CzoF4C124idj386MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzIt
NjAwMzNkNWIwM2JiLzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzItNjAwMzNkNWIwM2Ji
LzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYEqUXxE
9Yklr1SSjGkMX83DQh7UheO+XOaiUd2YoCqduWArmGaBYJsO2Jrl3lhf5rvLTWol
sxO5lv0DdrtcuP7OnxFRBWhjbV+fVV3/Le1WXhHeYLi6q1gIJ0H7btthogy5Ch6O
l8S0m7JK5scgV4Iurdzxh5IO3WGqr9lLYK/oRTmq3cFCK+xXCkf9HuIlHnnBHDxY
QtQxechtIL/zyjp157t4F8IzidQ8CIU6tdZ70tTgxw6/FDDIqYbZWLkHIUkq31nr
nXTG0hlD8IvTEicuDcvRLmEYTZ9r3UIknkleihGoH5vkfNHK27fijk5ZsMjgK6xp
lzS2n0XEiY0e7Q==
-----END CERTIFICATE-----