Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
File:                     z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json)
Hash identifier:          kLwtKafHlY38XTcetVJRfPA7lqB/bh7OD8Mw/PmYgro=
Subject key identifier:   20:4C:33:B3:28:1A:B4:F3:4C:19:8F:40:BD:AC:43:26:FB:A5:E4:AC
Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06
Certificate issuer:       /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
Certificate serial:       0199FAD7AB1BD9B53D6118325DAF71F353FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
Manifest number:          0580
Signing time:             Sun 19 Oct 2025 05:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:01 +0000
Files and hashes:         1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: aWAUrTwDrbkgBDEioL69rWje7pW9Nr8DTK31ukaqzlM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:ab:1b:d9:b5:3d:61:18:32:5d:af:71:f3:53:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
        Validity
            Not Before: Oct 19 05:01:01 2025 GMT
            Not After : Oct 20 05:01:01 2025 GMT
        Subject: CN=204c33b3281ab4f34c198f40bdac4326fba5e4ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2d:83:0c:90:20:c7:5a:c4:32:49:c7:4d:4c:
                    db:1d:32:79:29:ef:b0:e6:65:fb:a7:6b:86:8b:75:
                    68:66:bd:72:ef:de:29:20:16:fc:fd:5a:15:cd:77:
                    d0:d9:8d:61:30:99:bd:d5:b5:d7:b2:19:93:19:9a:
                    2d:9e:97:8d:80:5e:e6:fa:bb:1e:30:aa:04:e3:92:
                    1b:ed:9b:89:54:0b:89:1d:15:95:7a:a6:71:01:2c:
                    5f:10:03:13:86:41:6a:a7:de:7b:ee:08:a4:2e:62:
                    e7:0b:60:b1:07:e5:ef:05:23:7a:0e:c1:31:fc:b3:
                    2d:8d:10:c6:fc:2f:8e:bd:55:9c:b5:5a:7e:33:de:
                    90:8c:02:3b:58:6d:2e:bf:5e:dc:e5:b9:3b:15:d6:
                    f8:0a:48:e4:21:16:15:68:fe:69:39:86:f0:26:6d:
                    69:4d:f3:ab:95:09:7b:99:f6:4b:97:d5:2a:0f:83:
                    c6:03:19:0d:6c:fb:bd:1c:b3:ac:6a:82:ca:c9:c5:
                    07:42:34:1e:6a:10:8b:a4:95:97:9d:7f:8d:27:53:
                    1c:1a:38:0b:77:a6:4b:f2:e7:3c:fe:e1:2d:39:44:
                    03:cb:01:62:27:43:f0:e4:a1:e7:30:7d:e3:36:6d:
                    5d:14:87:50:37:45:20:d7:11:85:87:ae:07:92:4a:
                    63:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:4C:33:B3:28:1A:B4:F3:4C:19:8F:40:BD:AC:43:26:FB:A5:E4:AC
            X509v3 Authority Key Identifier:
                keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:3b:72:c4:df:bc:b0:01:2c:c6:aa:58:9f:7d:09:1a:98:c4:
         b8:76:86:d9:a1:39:10:cd:af:04:f7:ac:42:bb:8a:d3:2f:6e:
         c5:32:ea:ab:d2:b7:37:6c:a6:a5:9a:b7:b8:bc:2e:8f:76:53:
         12:e2:0d:67:52:8e:82:38:85:67:6c:bd:70:82:3d:43:89:48:
         e5:2b:48:71:c0:67:ea:bb:0e:68:33:3b:de:2a:a4:ce:19:98:
         24:86:88:45:82:8b:0f:e5:2d:43:75:15:e3:0e:0c:3b:fe:16:
         82:74:80:e0:4f:9f:2f:eb:c4:2f:9d:52:38:62:18:32:d6:3e:
         a0:2a:0b:46:6c:89:2c:ce:46:f3:0c:c1:03:00:60:63:38:01:
         21:5c:28:23:b6:c3:67:0c:09:06:3e:cc:f0:e3:7d:79:95:5e:
         98:f4:cf:20:1e:f5:c1:20:f5:d2:54:e9:a5:bc:29:cf:8c:76:
         45:a2:40:7f:3b:d0:ca:7e:03:1e:e5:fc:b8:80:b9:fd:24:a8:
         a0:e8:24:72:dd:aa:70:01:a8:1c:72:5a:2c:e8:90:e8:26:8b:
         fc:15:7e:b8:fa:15:59:a9:3a:14:7c:6c:9e:4c:67:f0:b3:bf:
         9d:5d:53:02:a2:74:b0:03:4b:8e:d6:9a:d4:38:ab:74:7c:fe:
         65:0c:ec:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn616sb2bU9YRgyXa9x81P9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl
MTk5MDYwHhcNMjUxMDE5MDUwMTAxWhcNMjUxMDIwMDUwMTAxWjAzMTEwLwYDVQQD
EygyMDRjMzNiMzI4MWFiNGYzNGMxOThmNDBiZGFjNDMyNmZiYTVlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC2DDJAgx1rEMknHTUzbHTJ5Ke+w
5mX7p2uGi3VoZr1y794pIBb8/VoVzXfQ2Y1hMJm91bXXshmTGZotnpeNgF7m+rse
MKoE45Ib7ZuJVAuJHRWVeqZxASxfEAMThkFqp9577gikLmLnC2CxB+XvBSN6DsEx
/LMtjRDG/C+OvVWctVp+M96QjAI7WG0uv17c5bk7Fdb4CkjkIRYVaP5pOYbwJm1p
TfOrlQl7mfZLl9UqD4PGAxkNbPu9HLOsaoLKycUHQjQeahCLpJWXnX+NJ1McGjgL
d6ZL8uc8/uEtOUQDywFiJ0Pw5KHnMH3jNm1dFIdQN0Ug1xGFh64HkkpjtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBMM7MoGrTzTBmPQL2sQyb7peSsMB8GA1UdIwQY
MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt
ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm
LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnztyxN+8
sAEsxqpYn30JGpjEuHaG2aE5EM2vBPesQruK0y9uxTLqq9K3N2ympZq3uLwuj3ZT
EuINZ1KOgjiFZ2y9cII9Q4lI5StIccBn6rsOaDM73iqkzhmYJIaIRYKLD+UtQ3UV
4w4MO/4WgnSA4E+fL+vEL51SOGIYMtY+oCoLRmyJLM5G8wzBAwBgYzgBIVwoI7bD
ZwwJBj7M8ON9eZVemPTPIB71wSD10lTppbwpz4x2RaJAfzvQyn4DHuX8uIC5/SSo
oOgkct2qcAGoHHJaLOiQ6CaL/BV+uPoVWak6FHxsnkxn8LO/nV1TAqJ0sANLjtaa
1DirdHz+ZQzsoA==
-----END CERTIFICATE-----