Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          WDoswEtjHYD8o+li5JoxfztM0R6O+Vg+dKs1n4YSrRs=
Subject key identifier:   F9:68:DE:AB:91:AA:40:F9:10:A1:EA:C3:E4:C4:4B:94:68:D7:47:54
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       019A00A361553E8C2AF08C5E95FFDD1BBF64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0CB5
Signing time:             Mon 20 Oct 2025 08:01:38 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:38 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:38 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: 3IlTx2rGqy7WBBonf07rfoOBPvwnvOw7Bk9X1VUuG98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:61:55:3e:8c:2a:f0:8c:5e:95:ff:dd:1b:bf:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Oct 20 08:01:38 2025 GMT
            Not After : Oct 21 08:01:38 2025 GMT
        Subject: CN=f968deab91aa40f910a1eac3e4c44b9468d74754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a6:ce:9b:59:79:9e:1a:36:34:75:33:a3:27:
                    66:93:58:85:95:de:ff:d5:9c:87:95:93:32:ae:27:
                    3a:99:56:72:3f:e4:bc:b0:09:16:02:0a:bb:aa:94:
                    02:23:f8:ac:65:57:33:fd:20:89:bc:71:e9:50:c7:
                    2c:40:92:02:43:ed:5f:40:07:75:f1:f2:50:30:67:
                    4e:34:cf:6f:fa:ad:9e:62:0c:2c:7d:ec:69:ea:84:
                    9c:13:0e:3b:77:31:ce:9a:d4:1b:39:88:28:a3:c2:
                    83:34:ca:24:f7:b6:c9:87:27:ae:85:79:5e:00:0e:
                    ee:d4:c9:1a:7a:04:e9:90:0e:3b:7b:23:11:43:a6:
                    bf:e3:56:61:2e:b6:b0:7e:9a:0b:96:d1:2e:02:31:
                    13:aa:47:5a:7e:17:e1:fe:84:96:a6:44:b2:c1:4c:
                    be:21:f1:03:df:d4:fd:b0:1d:5c:d6:a9:02:07:a9:
                    cc:85:7e:59:4d:36:27:99:d1:d8:9e:9a:e8:2d:02:
                    1d:83:5a:b1:b7:9e:2b:df:78:56:b3:c6:a8:82:01:
                    21:10:9a:b4:17:69:d4:40:b0:47:d2:d6:8b:c4:4a:
                    ac:c8:aa:b0:f0:b2:41:a9:40:21:9c:f2:45:c9:38:
                    f6:09:39:0a:ff:ae:51:6f:71:84:ad:10:f2:3b:38:
                    0c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:68:DE:AB:91:AA:40:F9:10:A1:EA:C3:E4:C4:4B:94:68:D7:47:54
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:69:c7:71:ec:86:2a:30:f0:e1:c0:40:d9:3d:6d:99:70:e8:
         fc:b3:fb:f9:a1:5a:3a:e3:f2:72:7e:7b:68:13:4c:0d:fa:f4:
         80:9c:4d:15:4b:15:8b:b9:ed:58:e1:a0:48:0e:a3:aa:a4:62:
         16:24:df:56:85:bf:b3:43:0d:53:67:5c:70:8e:a3:a1:0a:b0:
         d8:40:bb:a2:21:85:63:f1:2c:95:49:6e:ae:33:0e:39:92:fa:
         80:10:18:ac:ce:2d:37:83:21:a1:f1:7c:d7:d5:df:11:92:d0:
         80:fe:3a:90:9f:01:47:6f:78:8d:47:bb:53:b4:b9:0e:f0:6a:
         85:b6:b2:0a:91:fa:a8:ea:f1:15:52:3d:c0:b2:09:cc:7f:20:
         5b:1d:45:b3:20:35:77:32:c3:3b:c5:02:d7:98:0d:86:d9:3c:
         48:ad:4e:7e:96:b2:aa:5b:65:39:03:25:ee:94:b7:3f:17:44:
         e4:6c:3b:5c:74:b6:99:b9:6c:3b:9e:fd:aa:c9:ab:e1:e9:26:
         5c:a3:1e:b2:5f:a2:bb:e4:f0:40:a3:38:09:4a:56:50:37:e9:
         cb:ca:71:1a:9b:8d:66:34:6d:6c:a1:91:e8:67:5c:b0:45:b1:
         e7:11:05:cb:c0:88:54:06:96:24:f6:49:9c:47:e1:72:ac:50:
         10:d9:93:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo2FVPowq8Ixelf/dG79kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUxMDIwMDgwMTM4WhcNMjUxMDIxMDgwMTM4WjAzMTEwLwYDVQQD
EyhmOTY4ZGVhYjkxYWE0MGY5MTBhMWVhYzNlNGM0NGI5NDY4ZDc0NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6bOm1l5nho2NHUzoydmk1iFld7/
1ZyHlZMyric6mVZyP+S8sAkWAgq7qpQCI/isZVcz/SCJvHHpUMcsQJICQ+1fQAd1
8fJQMGdONM9v+q2eYgwsfexp6oScEw47dzHOmtQbOYgoo8KDNMok97bJhyeuhXle
AA7u1MkaegTpkA47eyMRQ6a/41ZhLrawfpoLltEuAjETqkdafhfh/oSWpkSywUy+
IfED39T9sB1c1qkCB6nMhX5ZTTYnmdHYnproLQIdg1qxt54r33hWs8aoggEhEJq0
F2nUQLBH0taLxEqsyKqw8LJBqUAhnPJFyTj2CTkK/65Rb3GErRDyOzgM9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlo3quRqkD5EKHqw+TES5Ro10dUMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxGnHceyG
KjDw4cBA2T1tmXDo/LP7+aFaOuPycn57aBNMDfr0gJxNFUsVi7ntWOGgSA6jqqRi
FiTfVoW/s0MNU2dccI6joQqw2EC7oiGFY/EslUlurjMOOZL6gBAYrM4tN4MhofF8
19XfEZLQgP46kJ8BR294jUe7U7S5DvBqhbayCpH6qOrxFVI9wLIJzH8gWx1FsyA1
dzLDO8UC15gNhtk8SK1OfpayqltlOQMl7pS3PxdE5Gw7XHS2mblsO579qsmr4ekm
XKMesl+iu+TwQKM4CUpWUDfpy8pxGpuNZjRtbKGR6GdcsEWx5xEFy8CIVAaWJPZJ
nEfhcqxQENmTbg==
-----END CERTIFICATE-----