Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          4Y9pObFKSaLlfc2djOcsbnEqu0BRM+ttJIfFPetZXS8=
Subject key identifier:   DC:1E:18:86:09:7E:56:86:63:89:80:71:91:AE:3F:10:11:27:26:1B
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       0199FB0F311FAFD3E04104E28EF64CC843FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          06B9
Signing time:             Sun 19 Oct 2025 06:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:40 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: YxBVRLLQMBCWtBhhFYuDbIU1VFPx6izfCQFht/ODVf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0f:31:1f:af:d3:e0:41:04:e2:8e:f6:4c:c8:43:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: Oct 19 06:01:40 2025 GMT
            Not After : Oct 20 06:01:40 2025 GMT
        Subject: CN=dc1e1886097e56866389807191ae3f101127261b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:96:2c:cc:79:ca:1d:65:e1:a3:ae:c7:45:fd:
                    0e:88:f1:b6:00:dc:4f:00:5f:e3:9a:2d:18:31:50:
                    6b:fa:23:40:4a:78:60:dc:ac:ff:b2:68:d5:42:0d:
                    c1:83:7d:29:53:60:f4:c3:0b:4f:64:53:f1:98:fb:
                    ef:18:24:35:51:34:a2:16:0d:26:b5:50:70:a3:cf:
                    2c:e1:14:a7:1e:56:01:56:ee:3a:7e:c5:94:94:32:
                    bd:bf:1b:70:a4:c7:5f:1a:8a:69:01:39:aa:6b:f5:
                    00:7e:8b:0f:43:3e:d3:d7:ee:c0:fc:71:ac:a3:50:
                    63:1f:53:d7:70:77:18:60:41:09:f1:59:37:e6:15:
                    4b:0f:e1:49:25:50:98:42:df:c5:c3:5b:07:59:1e:
                    90:66:81:8c:2f:4c:dd:ae:c2:ce:61:b9:cf:6b:8d:
                    08:bb:54:fa:3e:4b:2f:07:b9:6b:5f:43:f1:8c:04:
                    06:6a:d3:b9:37:55:47:df:1b:e2:1a:17:a9:ef:24:
                    c2:fa:03:d4:4b:f3:39:16:72:d4:87:01:ce:5a:bf:
                    3a:58:fe:eb:f2:89:f7:6e:b4:9b:44:ef:38:2c:33:
                    d0:25:8b:e2:91:f7:79:cd:d6:0c:92:e9:aa:09:da:
                    de:bb:59:c4:5e:a0:ca:e2:8f:bc:e9:43:30:9e:4e:
                    66:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:1E:18:86:09:7E:56:86:63:89:80:71:91:AE:3F:10:11:27:26:1B
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:2a:09:41:ca:3d:f3:6f:cf:7f:69:71:5e:0e:3e:0e:1a:35:
         36:d5:b1:8a:cf:7b:9e:d4:99:bb:2f:49:96:a0:5a:87:ae:d5:
         c3:c8:70:90:91:1c:0c:f9:76:d9:36:63:01:04:31:12:8f:b4:
         af:1a:65:5b:b8:a3:21:44:32:bc:19:26:b3:19:79:8b:a5:20:
         4e:99:0a:29:c0:79:0d:4f:74:e3:c9:f0:05:48:7b:ee:e1:a0:
         d3:ae:17:c5:45:6a:d7:88:7e:6a:80:2c:04:86:50:64:e7:19:
         ac:d4:ed:bb:21:b9:d3:ec:76:d7:bd:c1:f1:15:3f:9d:cd:51:
         36:7b:ad:b3:c4:d3:02:13:23:e7:bc:6d:8b:4e:42:0e:a2:a2:
         4d:70:b4:36:3f:52:4b:08:dd:3c:67:dd:1d:f6:73:ab:72:46:
         be:99:d3:ca:6c:46:f0:0f:f4:3e:5d:d8:89:a1:d4:fb:1a:42:
         c0:ee:bc:e3:c1:4e:46:a5:6f:95:d1:4b:f4:fb:ca:ff:2f:77:
         bc:19:14:bf:8a:cc:c9:2d:05:46:82:1a:32:e3:50:86:fc:38:
         a7:dc:c9:9e:28:ab:61:d1:31:a2:95:51:87:c5:97:00:bf:47:
         7b:51:1b:44:c2:ba:36:95:0a:74:cb:05:07:4d:63:80:e8:2e:
         26:b6:a1:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DzEfr9PgQQTijvZMyEP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUxMDE5MDYwMTQwWhcNMjUxMDIwMDYwMTQwWjAzMTEwLwYDVQQD
EyhkYzFlMTg4NjA5N2U1Njg2NjM4OTgwNzE5MWFlM2YxMDExMjcyNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZYszHnKHWXho67HRf0OiPG2ANxP
AF/jmi0YMVBr+iNASnhg3Kz/smjVQg3Bg30pU2D0wwtPZFPxmPvvGCQ1UTSiFg0m
tVBwo88s4RSnHlYBVu46fsWUlDK9vxtwpMdfGoppATmqa/UAfosPQz7T1+7A/HGs
o1BjH1PXcHcYYEEJ8Vk35hVLD+FJJVCYQt/Fw1sHWR6QZoGML0zdrsLOYbnPa40I
u1T6PksvB7lrX0PxjAQGatO5N1VH3xviGhep7yTC+gPUS/M5FnLUhwHOWr86WP7r
8on3brSbRO84LDPQJYvikfd5zdYMkumqCdreu1nEXqDK4o+86UMwnk5myQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNweGIYJflaGY4mAcZGuPxARJyYbMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESoJQco9
82/Pf2lxXg4+Dho1NtWxis97ntSZuy9JlqBah67Vw8hwkJEcDPl22TZjAQQxEo+0
rxplW7ijIUQyvBkmsxl5i6UgTpkKKcB5DU9048nwBUh77uGg064XxUVq14h+aoAs
BIZQZOcZrNTtuyG50+x2173B8RU/nc1RNnuts8TTAhMj57xti05CDqKiTXC0Nj9S
SwjdPGfdHfZzq3JGvpnTymxG8A/0Pl3YiaHU+xpCwO6848FORqVvldFL9PvK/y93
vBkUv4rMyS0FRoIaMuNQhvw4p9zJniirYdExopVRh8WXAL9He1EbRMK6NpUKdMsF
B01jgOguJrahJg==
-----END CERTIFICATE-----