Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
File:                     Tle6dst9bSrsBSA89BuOZxbufqA.mft (raw, json)
Hash identifier:          8xvuGLdTDHkazK6z6kniV9gDh1jyV9kLtkTcAl5xS5o=
Subject key identifier:   65:33:49:B2:92:00:8B:2A:E2:EA:6F:7C:FC:54:20:D0:22:56:EB:FD
Authority key identifier: 4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0
Certificate issuer:       /CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
Certificate serial:       0199FBEB14788B8951971A6D23230757330A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
Manifest number:          1007
Signing time:             Sun 19 Oct 2025 10:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:51 +0000
Files and hashes:         1: Tle6dst9bSrsBSA89BuOZxbufqA.crl (hash: XGhmw08sov09WV46dFdAuMUmlGHoPB5kUYkHu1UC6bA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:14:78:8b:89:51:97:1a:6d:23:23:07:57:33:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
        Validity
            Not Before: Oct 19 10:01:51 2025 GMT
            Not After : Oct 20 10:01:51 2025 GMT
        Subject: CN=653349b292008b2ae2ea6f7cfc5420d02256ebfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:af:ce:d3:ea:2e:ce:e5:71:71:ef:42:e5:b9:
                    de:59:71:b9:57:00:af:17:ff:ad:42:d7:df:e2:76:
                    3c:bd:ca:2b:c4:87:a3:00:2a:24:fd:ed:7c:96:4c:
                    24:c7:14:e1:1c:09:70:a2:6a:8b:a7:4d:8f:46:fa:
                    fb:e0:51:d9:19:3c:c8:b1:90:95:47:8a:c1:5d:24:
                    51:13:73:6f:93:77:5b:3b:ae:49:39:03:55:b7:58:
                    e2:a8:33:d5:1f:c1:21:fb:ad:45:d7:e6:a4:7c:04:
                    71:d8:cc:01:90:b1:fa:0b:00:64:94:e1:ec:e7:c5:
                    1d:09:ee:ae:b0:0f:74:97:a2:b4:01:1a:f1:b0:20:
                    7e:a5:4c:18:7e:0c:2a:d6:57:eb:f4:47:d1:d0:f4:
                    9d:db:fe:10:60:bc:31:25:52:e7:fe:2d:57:d2:75:
                    da:2e:8b:d5:09:f3:76:06:1e:29:99:45:a5:7b:58:
                    2d:73:72:69:00:81:26:6d:e0:76:9b:6e:42:bc:9d:
                    67:c4:43:5d:4d:2b:42:d5:93:47:3b:13:89:b3:b5:
                    6d:18:ba:82:d5:58:56:14:85:cc:aa:2b:28:7d:1a:
                    42:c5:d3:b4:77:45:f8:45:2e:61:a7:62:0e:c5:6a:
                    b8:61:d4:8b:49:c4:96:80:b6:a5:d2:16:a3:5e:38:
                    f7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:33:49:B2:92:00:8B:2A:E2:EA:6F:7C:FC:54:20:D0:22:56:EB:FD
            X509v3 Authority Key Identifier:
                keyid:4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:ec:e8:b1:08:5f:21:42:78:46:dd:94:68:ff:bb:4c:b9:c9:
         c4:61:43:01:4d:8c:96:cf:ce:cf:df:a1:25:02:b5:c1:b2:55:
         91:3f:43:0b:40:7d:62:58:d5:7c:6a:2f:e1:31:f8:12:3b:06:
         7d:ef:59:1a:51:40:89:92:8f:bf:39:e7:6f:d6:08:dc:8d:f8:
         f4:c0:e8:5c:b8:50:e1:54:a9:75:fa:2c:8b:23:4f:98:31:2c:
         fc:c9:4d:34:ee:0e:63:db:13:e6:44:cf:0d:12:d5:fc:a0:50:
         70:fe:6d:a0:bb:22:ff:86:d5:62:49:33:d7:a9:36:b4:6b:70:
         57:cd:b6:76:a8:45:44:fc:66:33:54:2a:2d:62:3b:f4:8e:3c:
         9c:c5:0c:da:97:07:c2:45:6c:0c:c0:37:7f:52:a1:bf:dc:67:
         b5:84:d1:67:d5:78:e1:db:ba:50:c3:61:1b:52:da:32:b9:28:
         31:4f:66:92:94:8d:3d:ee:85:59:9d:30:fe:db:88:e1:c6:ac:
         ac:92:ab:11:53:f6:de:90:1f:7a:52:2e:f4:e8:fb:91:64:86:
         d0:bd:bd:82:bc:e7:1f:57:42:86:ab:7c:1b:c2:aa:2f:fe:39:
         dd:06:6d:9e:36:50:d8:0c:b5:0e:5d:49:59:59:82:42:87:cb:
         7e:25:75:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76xR4i4lRlxptIyMHVzMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTdiYTc2Y2I3ZDZkMmFlYzA1MjAzY2Y0MWI4ZTY3MTZl
ZTdlYTAwHhcNMjUxMDE5MTAwMTUxWhcNMjUxMDIwMTAwMTUxWjAzMTEwLwYDVQQD
Eyg2NTMzNDliMjkyMDA4YjJhZTJlYTZmN2NmYzU0MjBkMDIyNTZlYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6/O0+ouzuVxce9C5bneWXG5VwCv
F/+tQtff4nY8vcorxIejACok/e18lkwkxxThHAlwomqLp02PRvr74FHZGTzIsZCV
R4rBXSRRE3Nvk3dbO65JOQNVt1jiqDPVH8Eh+61F1+akfARx2MwBkLH6CwBklOHs
58UdCe6usA90l6K0ARrxsCB+pUwYfgwq1lfr9EfR0PSd2/4QYLwxJVLn/i1X0nXa
LovVCfN2Bh4pmUWle1gtc3JpAIEmbeB2m25CvJ1nxENdTStC1ZNHOxOJs7VtGLqC
1VhWFIXMqisofRpCxdO0d0X4RS5hp2IOxWq4YdSLScSWgLal0hajXjj3IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUzSbKSAIsq4upvfPxUINAiVuv9MB8GA1UdIwQY
MBaAFE5XunbLfW0q7AUgPPQbjmcW7n6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEt
YjcyZDdhZGJmYjk2LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEtYjcyZDdhZGJmYjk2
LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYezosQhf
IUJ4Rt2UaP+7TLnJxGFDAU2Mls/Oz9+hJQK1wbJVkT9DC0B9YljVfGov4TH4EjsG
fe9ZGlFAiZKPvznnb9YI3I349MDoXLhQ4VSpdfosiyNPmDEs/MlNNO4OY9sT5kTP
DRLV/KBQcP5toLsi/4bVYkkz16k2tGtwV822dqhFRPxmM1QqLWI79I48nMUM2pcH
wkVsDMA3f1Khv9xntYTRZ9V44du6UMNhG1LaMrkoMU9mkpSNPe6FWZ0w/tuI4cas
rJKrEVP23pAfelIu9Oj7kWSG0L29grznH1dChqt8G8KqL/453QZtnjZQ2Ay1Dl1J
WVmCQofLfiV1nQ==
-----END CERTIFICATE-----