Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          CIgZGAHpyl02MVGM80LQNtbWFe3XvLsKtuhwhV6nqrE=
Subject key identifier:   F1:69:A6:A9:82:49:0D:88:08:30:25:13:6C:99:30:FA:D5:7F:1D:29
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       0199FBEBC73611CBBF5EEE94019A2FA84D5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:02:37 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:37 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:37 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: l9SvOk9+AEBniRnElMRcRuwDB+PJ+CyJyXhOBy5BGVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:c7:36:11:cb:bf:5e:ee:94:01:9a:2f:a8:4d:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Oct 19 10:02:37 2025 GMT
            Not After : Oct 20 10:02:37 2025 GMT
        Subject: CN=f169a6a982490d88083025136c9930fad57f1d29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f5:09:d3:dd:23:05:77:77:4e:ac:18:12:a5:
                    3c:c7:8e:e8:74:2c:23:f8:e3:6d:3e:c1:f6:29:0e:
                    3c:a9:c1:a7:12:85:09:c4:06:b0:23:90:a7:55:59:
                    14:7d:d3:dd:cd:92:e9:21:75:0d:e4:b1:e8:91:bf:
                    d1:a5:0a:ce:ab:12:4f:92:30:80:c9:e2:d2:b5:9f:
                    3f:8e:e3:7d:48:40:2d:ac:74:5b:3c:92:f9:47:2f:
                    5f:be:61:e3:7c:eb:59:bf:21:d7:4e:f5:9f:9e:cb:
                    a7:14:52:09:36:d0:77:67:b5:1a:87:be:2e:22:8b:
                    60:a4:cd:dc:8a:48:30:4f:2d:00:80:3f:62:80:a8:
                    5b:8b:61:2b:78:6a:79:8a:9c:fa:90:85:e6:64:d3:
                    a1:56:75:5a:ef:cb:7d:8f:67:01:38:9e:75:03:21:
                    6b:2d:1a:f7:d6:be:2c:24:17:ac:97:ff:6b:9c:fd:
                    1c:f4:ec:9f:bf:dc:0f:98:25:12:c1:ef:bf:73:c4:
                    af:76:ec:16:bf:d1:e0:a1:a1:85:ce:06:c6:cd:50:
                    d7:17:16:b5:4b:9c:87:e5:73:49:92:e5:ea:93:25:
                    93:3e:16:a1:b7:b7:29:a1:48:6b:6e:34:0f:d3:a9:
                    67:85:4e:56:5b:a3:40:1a:04:c0:10:5f:a7:05:7c:
                    26:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:69:A6:A9:82:49:0D:88:08:30:25:13:6C:99:30:FA:D5:7F:1D:29
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:02:ce:5c:a1:bf:c3:04:0a:ce:c3:88:99:e4:1f:8d:f2:c4:
         6e:35:39:52:04:43:27:ac:97:95:0a:41:93:0a:8a:16:2c:eb:
         30:d2:5e:8c:ae:3d:72:c1:5e:37:1a:94:bd:09:bb:b9:e8:b2:
         d0:9c:3b:0e:af:5e:10:b5:f9:f2:a2:e3:df:2a:85:d2:18:8c:
         78:90:29:16:31:11:d3:aa:53:05:e0:2a:a9:f1:10:42:b3:ee:
         69:c1:4b:68:37:80:96:2b:01:21:a0:b1:53:c4:e2:06:c9:b9:
         b6:97:e3:a3:6d:84:6e:9e:97:af:11:ec:aa:c3:e1:55:55:6b:
         65:d2:1c:86:da:3a:7b:43:9f:ca:06:e1:c7:65:2a:50:2c:56:
         d3:18:8c:ed:16:6b:2e:b4:d8:4d:82:f4:ce:fa:e7:c3:dc:ee:
         91:f0:93:3e:63:ce:8a:b7:92:63:04:c8:15:04:c9:cf:6c:1f:
         e9:99:68:f2:e2:1b:cc:8f:44:e0:fc:8d:c0:8d:17:aa:f5:6c:
         39:81:d5:37:7a:92:40:49:c7:ed:46:77:7a:c0:a8:b9:1b:de:
         05:ba:f8:bb:08:5d:15:c4:e6:dd:3f:ce:62:e4:f9:8d:6a:31:
         46:e9:f4:45:b6:5f:d0:5c:bb:33:74:4f:44:76:4b:9c:57:92:
         d5:49:d1:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768c2Ecu/Xu6UAZovqE1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUxMDE5MTAwMjM3WhcNMjUxMDIwMTAwMjM3WjAzMTEwLwYDVQQD
EyhmMTY5YTZhOTgyNDkwZDg4MDgzMDI1MTM2Yzk5MzBmYWQ1N2YxZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfUJ090jBXd3TqwYEqU8x47odCwj
+ONtPsH2KQ48qcGnEoUJxAawI5CnVVkUfdPdzZLpIXUN5LHokb/RpQrOqxJPkjCA
yeLStZ8/juN9SEAtrHRbPJL5Ry9fvmHjfOtZvyHXTvWfnsunFFIJNtB3Z7Uah74u
IotgpM3cikgwTy0AgD9igKhbi2EreGp5ipz6kIXmZNOhVnVa78t9j2cBOJ51AyFr
LRr31r4sJBesl/9rnP0c9Oyfv9wPmCUSwe+/c8SvduwWv9HgoaGFzgbGzVDXFxa1
S5yH5XNJkuXqkyWTPhaht7cpoUhrbjQP06lnhU5WW6NAGgTAEF+nBXwm5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFppqmCSQ2ICDAlE2yZMPrVfx0pMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnALOXKG/
wwQKzsOImeQfjfLEbjU5UgRDJ6yXlQpBkwqKFizrMNJejK49csFeNxqUvQm7ueiy
0Jw7Dq9eELX58qLj3yqF0hiMeJApFjER06pTBeAqqfEQQrPuacFLaDeAlisBIaCx
U8TiBsm5tpfjo22Ebp6XrxHsqsPhVVVrZdIchto6e0Ofygbhx2UqUCxW0xiM7RZr
LrTYTYL0zvrnw9zukfCTPmPOireSYwTIFQTJz2wf6Zlo8uIbzI9E4PyNwI0XqvVs
OYHVN3qSQEnH7UZ3esCouRveBbr4uwhdFcTm3T/OYuT5jWoxRun0RbZf0Fy7M3RP
RHZLnFeS1UnR9g==
-----END CERTIFICATE-----