Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          V9C0x70AiP2Dah7Nwf76tU2H9/X4rEZk3ABFGmwlJVA=
Subject key identifier:   12:E7:36:9B:2F:4A:73:60:38:3F:1B:55:ED:A4:74:2E:F6:00:93:E1
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       0199FBEB3C814B3D0114417C936B4C0FFE6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          0331
Signing time:             Sun 19 Oct 2025 10:02:01 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:01 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:01 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: Ety5D6WUheBXJfGG2Z952DCS+eH2G6QFfLbL3/ED+v4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:3c:81:4b:3d:01:14:41:7c:93:6b:4c:0f:fe:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Oct 19 10:02:01 2025 GMT
            Not After : Oct 20 10:02:01 2025 GMT
        Subject: CN=12e7369b2f4a7360383f1b55eda4742ef60093e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:04:d4:d3:95:cb:39:9a:a2:b3:6b:6f:15:09:
                    5e:1b:8b:3e:93:03:f4:1f:ea:ee:99:ed:00:55:44:
                    c2:be:40:bd:9e:ca:3f:40:cf:89:f4:c3:42:a3:32:
                    f3:e2:a9:bd:ad:ad:36:64:11:f2:6d:7b:dd:3b:78:
                    56:b8:87:69:4d:9d:59:70:d9:85:4e:76:34:ed:12:
                    c5:50:88:aa:ba:ad:d4:14:21:57:d2:f2:63:df:96:
                    3b:70:69:04:a0:1e:1a:de:3b:cf:71:b0:8f:df:16:
                    e7:2f:dc:e5:22:8a:28:b6:46:cf:71:d4:74:1d:dd:
                    f2:85:7e:c1:1c:aa:32:81:ce:fb:fa:9c:35:98:ad:
                    fb:f7:58:f1:ec:34:7e:d3:34:6b:a5:d5:3b:bc:be:
                    9a:71:10:0f:59:1f:c6:50:ab:37:f6:0e:5c:76:92:
                    07:83:2f:27:3a:74:2c:90:6b:c7:49:3b:0f:7e:9b:
                    7b:74:32:23:2b:08:23:c9:45:d1:66:53:21:46:62:
                    5d:3e:1a:29:aa:96:bf:24:82:e9:bd:ce:f7:7d:cd:
                    41:e8:e7:6c:51:38:e9:9c:29:34:e1:c2:a4:f3:6c:
                    27:14:85:12:90:94:89:2e:93:33:d3:0c:6f:c0:88:
                    e8:33:2a:a7:a4:1f:90:e6:fa:b1:84:85:ec:33:81:
                    33:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:E7:36:9B:2F:4A:73:60:38:3F:1B:55:ED:A4:74:2E:F6:00:93:E1
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:bb:f6:6b:4c:ca:72:8a:69:43:40:03:ee:10:fa:3f:bc:8d:
         7c:11:e2:7c:e7:63:30:f0:d6:a1:ec:3b:35:7a:5f:41:a4:49:
         07:d3:90:d4:c6:a8:bf:01:5d:b1:09:66:34:e5:92:d5:29:0e:
         b1:a2:7c:11:c6:97:12:00:fa:62:de:9f:df:a8:a5:fb:e9:a5:
         20:e0:11:50:01:f1:43:1a:6c:a5:6f:5f:75:36:d8:d0:c0:af:
         94:d6:72:6d:48:cc:92:ed:29:59:f6:a6:c0:df:5f:7c:ec:3d:
         5f:3b:0a:1e:4a:fe:1f:e5:2d:b2:05:2d:e6:8b:98:e1:fe:65:
         3f:b9:fd:a9:c4:9e:a7:8b:d4:fe:3c:08:9a:35:56:83:fb:f9:
         0e:9d:e0:85:4b:a2:17:6f:90:70:ab:a0:93:26:30:18:0c:fd:
         be:4d:bd:87:03:48:03:ba:e4:e3:f9:b9:97:b7:4c:83:cc:fc:
         1d:08:64:a0:17:5f:bf:d0:ba:d8:24:2e:0e:f5:a6:b7:ff:14:
         a6:4b:91:50:63:25:b7:ea:ca:db:c1:7b:f7:d9:4a:f5:01:d4:
         72:d7:36:9a:a1:31:3f:42:44:11:a8:00:45:ff:1a:39:2f:78:
         69:18:56:85:eb:66:64:77:72:5d:a7:25:97:00:81:df:70:69:
         1b:18:f2:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76zyBSz0BFEF8k2tMD/5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUxMDE5MTAwMjAxWhcNMjUxMDIwMTAwMjAxWjAzMTEwLwYDVQQD
EygxMmU3MzY5YjJmNGE3MzYwMzgzZjFiNTVlZGE0NzQyZWY2MDA5M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQTU05XLOZqis2tvFQleG4s+kwP0
H+rume0AVUTCvkC9nso/QM+J9MNCozLz4qm9ra02ZBHybXvdO3hWuIdpTZ1ZcNmF
TnY07RLFUIiquq3UFCFX0vJj35Y7cGkEoB4a3jvPcbCP3xbnL9zlIoootkbPcdR0
Hd3yhX7BHKoygc77+pw1mK3791jx7DR+0zRrpdU7vL6acRAPWR/GUKs39g5cdpIH
gy8nOnQskGvHSTsPfpt7dDIjKwgjyUXRZlMhRmJdPhopqpa/JILpvc73fc1B6Ods
UTjpnCk04cKk82wnFIUSkJSJLpMz0wxvwIjoMyqnpB+Q5vqxhIXsM4EzMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLnNpsvSnNgOD8bVe2kdC72AJPhMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt7v2a0zK
coppQ0AD7hD6P7yNfBHifOdjMPDWoew7NXpfQaRJB9OQ1MaovwFdsQlmNOWS1SkO
saJ8EcaXEgD6Yt6f36il++mlIOARUAHxQxpspW9fdTbY0MCvlNZybUjMku0pWfam
wN9ffOw9XzsKHkr+H+UtsgUt5ouY4f5lP7n9qcSep4vU/jwImjVWg/v5Dp3ghUui
F2+QcKugkyYwGAz9vk29hwNIA7rk4/m5l7dMg8z8HQhkoBdfv9C62CQuDvWmt/8U
pkuRUGMlt+rK28F799lK9QHUctc2mqExP0JEEagARf8aOS94aRhWhetmZHdyXacl
lwCB33BpGxjyYA==
-----END CERTIFICATE-----