Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          LdTVfMybucWmVi/eQdYPoGbz+9DoiEYmDZ/qnh4yACc=
Subject key identifier:   66:95:4B:C9:F5:6B:8D:BE:5F:A3:BA:51:2D:E9:35:1E:C5:50:33:C6
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       0199FBEC0EB311471E672247AF823D7477EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 10:02:55 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:55 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:55 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: OHTifdUc6Wc2P5sttYbseVRZVIe9QQCyXLNBsxpqYbM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:0e:b3:11:47:1e:67:22:47:af:82:3d:74:77:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Oct 19 10:02:55 2025 GMT
            Not After : Oct 20 10:02:55 2025 GMT
        Subject: CN=66954bc9f56b8dbe5fa3ba512de9351ec55033c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:22:a2:9f:26:5d:93:ae:24:0a:07:d4:7e:c8:
                    17:84:cc:f5:f4:56:5e:37:8e:a5:74:45:dd:58:91:
                    4e:82:6d:27:25:d8:de:39:a0:72:58:dd:e0:1b:5f:
                    48:f5:e6:cf:75:df:3e:6b:05:1d:76:e8:7a:bb:46:
                    13:0e:60:b3:91:90:b2:92:93:1f:b6:1c:cd:39:d6:
                    d2:b6:5c:5a:c4:fe:e1:10:f9:a4:0b:5e:f7:e4:78:
                    4c:f1:6c:4d:55:c4:d3:62:d5:69:d0:86:ca:f7:c8:
                    e9:64:ab:78:65:c1:a7:61:2a:ad:2f:d8:e5:2b:65:
                    8e:88:aa:29:b8:10:b3:3a:60:d8:ba:ff:71:42:53:
                    e8:0e:72:e8:c9:5b:e7:b5:fd:d9:f1:e8:ef:99:c0:
                    66:c6:6f:64:78:07:c0:17:4d:29:3a:57:32:d6:9a:
                    05:8d:fe:02:a8:7c:21:f9:f7:e3:c4:0f:14:d2:c8:
                    26:5d:ba:5f:e4:92:66:33:66:f1:97:f9:ce:b8:92:
                    87:d1:8c:0e:f7:73:68:d4:85:b0:46:ab:f8:b2:db:
                    5e:06:92:ac:94:eb:78:a8:2e:8e:b4:45:b6:06:af:
                    c3:52:27:ea:aa:88:cd:1b:b0:5d:b0:55:82:30:e9:
                    d3:a4:c3:a5:a5:8f:85:23:4c:cf:c5:02:04:38:ff:
                    43:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:95:4B:C9:F5:6B:8D:BE:5F:A3:BA:51:2D:E9:35:1E:C5:50:33:C6
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:b5:89:6c:44:ef:a9:0f:0b:04:5f:5a:39:1d:0b:90:69:f5:
         ee:92:30:32:29:74:6c:19:a4:59:46:39:4b:e2:27:ed:68:2b:
         c7:a5:e5:da:56:51:98:43:8f:0f:cd:4b:b0:40:71:c5:8d:86:
         ca:56:a5:0c:0a:70:24:55:5f:6c:22:b3:09:cc:8f:e8:12:e5:
         87:52:c1:b3:68:82:02:10:67:98:87:65:d5:20:9c:87:dc:03:
         27:ef:9b:2a:b5:65:e6:84:39:42:10:6c:30:66:82:53:48:de:
         87:79:dc:36:d4:00:98:32:93:58:7c:b5:49:0f:da:58:79:56:
         fe:75:2b:d7:32:21:c2:ec:f4:22:a8:ea:28:39:be:03:32:58:
         ef:87:3c:c0:62:e0:9a:ad:26:9a:13:9a:0b:cd:a0:b4:af:20:
         50:67:26:31:c5:09:66:71:d5:c2:ad:84:f5:8e:73:59:2f:db:
         e6:bc:6c:e8:3d:33:dd:41:c5:f0:d7:9e:62:6d:6e:36:a3:d9:
         9e:0f:51:66:a9:e6:99:f0:95:8a:ce:0f:29:91:be:e8:e5:20:
         8b:13:35:80:b4:01:06:a8:48:0f:82:4d:61:92:14:bd:94:04:
         7c:00:4c:97:81:13:70:20:3c:02:9d:12:7a:82:39:7b:2a:28:
         4b:f8:c0:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77A6zEUceZyJHr4I9dHfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjUxMDE5MTAwMjU1WhcNMjUxMDIwMTAwMjU1WjAzMTEwLwYDVQQD
Eyg2Njk1NGJjOWY1NmI4ZGJlNWZhM2JhNTEyZGU5MzUxZWM1NTAzM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCKinyZdk64kCgfUfsgXhMz19FZe
N46ldEXdWJFOgm0nJdjeOaByWN3gG19I9ebPdd8+awUdduh6u0YTDmCzkZCykpMf
thzNOdbStlxaxP7hEPmkC1735HhM8WxNVcTTYtVp0IbK98jpZKt4ZcGnYSqtL9jl
K2WOiKopuBCzOmDYuv9xQlPoDnLoyVvntf3Z8ejvmcBmxm9keAfAF00pOlcy1poF
jf4CqHwh+ffjxA8U0sgmXbpf5JJmM2bxl/nOuJKH0YwO93No1IWwRqv4stteBpKs
lOt4qC6OtEW2Bq/DUifqqojNG7BdsFWCMOnTpMOlpY+FI0zPxQIEOP9DBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaVS8n1a42+X6O6US3pNR7FUDPGMB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbWJbETv
qQ8LBF9aOR0LkGn17pIwMil0bBmkWUY5S+In7Wgrx6Xl2lZRmEOPD81LsEBxxY2G
ylalDApwJFVfbCKzCcyP6BLlh1LBs2iCAhBnmIdl1SCch9wDJ++bKrVl5oQ5QhBs
MGaCU0jeh3ncNtQAmDKTWHy1SQ/aWHlW/nUr1zIhwuz0IqjqKDm+AzJY74c8wGLg
mq0mmhOaC82gtK8gUGcmMcUJZnHVwq2E9Y5zWS/b5rxs6D0z3UHF8NeeYm1uNqPZ
ng9RZqnmmfCVis4PKZG+6OUgixM1gLQBBqhID4JNYZIUvZQEfABMl4ETcCA8Ap0S
eoI5eyooS/jAnA==
-----END CERTIFICATE-----