Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
File:                     Tom7FOgJr_PsljCL2a6GUafndio.mft (raw, json)
Hash identifier:          wyvVu29KNG8t8rleTAhg2TUDj9ysCJHCEPjCKGx5EZ4=
Subject key identifier:   5B:19:97:84:7F:21:4D:8B:92:5E:B8:50:5D:15:84:02:C4:D4:11:17
Authority key identifier: 4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
Certificate issuer:       /CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Certificate serial:       0199FC58F7FE5BA959DFCE98FB9E9577DE0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 12:01:53 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:53 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:53 +0000
Files and hashes:         1: Tom7FOgJr_PsljCL2a6GUafndio.crl (hash: Ktlf992pbdLThHi1ENYFIX23nOpWVt5E4F4e2cSOCYQ=)
                          2: fxuqWXx_O_zewgAff6HXjyvgKp0.roa (hash: cm4JBhg0Zq8hHGX0z/7BWc/vnIZVK86NCDFtwq+RrhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:f7:fe:5b:a9:59:df:ce:98:fb:9e:95:77:de:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
        Validity
            Not Before: Oct 19 12:01:53 2025 GMT
            Not After : Oct 20 12:01:53 2025 GMT
        Subject: CN=5b1997847f214d8b925eb8505d158402c4d41117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:bf:8f:27:f9:7b:d9:52:a5:85:d9:ae:c8:89:
                    1e:d1:d9:a3:9f:29:95:95:78:17:90:2e:66:ad:ae:
                    d5:6b:3b:e3:90:6c:c1:ab:3c:6a:bc:9a:34:e3:c8:
                    47:49:b2:ff:46:3c:44:e3:a5:87:58:34:8b:dc:57:
                    ea:0e:cb:79:67:c5:08:2a:b4:11:d0:6c:84:24:e7:
                    d1:26:c9:78:f1:f5:12:09:2d:80:03:79:fc:54:1f:
                    5f:82:2b:32:ec:2b:d7:57:16:8a:26:86:39:85:81:
                    d4:88:ff:e9:a7:63:0a:87:86:e6:06:10:0d:a7:b0:
                    60:d0:50:1d:7b:59:8c:9d:61:0f:4b:57:7a:ba:7b:
                    ae:70:bf:f1:f8:34:59:47:96:5d:f9:c9:d0:5e:19:
                    b1:e3:4b:56:cf:ac:4f:14:e0:f2:00:ff:1b:9d:3f:
                    f8:50:7a:01:7b:c5:3c:7e:ee:a5:e2:a2:c3:fa:f2:
                    32:88:0d:bc:08:b4:cc:e4:2b:2a:06:c5:d2:98:61:
                    59:42:ae:2f:7a:aa:ff:c6:84:53:85:74:14:4b:66:
                    8b:82:46:86:37:89:36:e6:5e:03:a6:d6:6c:3d:dc:
                    c6:65:cf:27:10:52:0f:23:5e:03:8e:e1:c8:9a:fc:
                    7a:11:44:b9:a7:3e:23:bd:0a:7b:15:86:33:7d:58:
                    bb:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:19:97:84:7F:21:4D:8B:92:5E:B8:50:5D:15:84:02:C4:D4:11:17
            X509v3 Authority Key Identifier:
                keyid:4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:1b:dc:b1:44:86:11:81:45:e0:b8:2b:33:ac:71:0f:5d:46:
         86:ea:87:6d:d9:c1:75:44:d8:96:24:cb:c4:fe:bd:91:95:38:
         12:c5:72:55:06:aa:4f:c4:fc:29:81:63:cd:83:23:74:4d:f5:
         59:67:35:32:2c:5c:e4:aa:ef:27:6c:df:dd:e0:73:23:6a:45:
         f2:8c:04:61:6d:4a:79:13:d4:ab:96:97:fe:24:37:e4:5b:22:
         83:bf:d6:9f:57:08:ac:88:41:a9:e6:b5:b0:bd:63:9b:09:fe:
         6c:12:f6:49:7c:cc:8c:25:73:82:f4:86:de:85:c2:79:15:e4:
         1b:d1:f3:d3:f0:62:67:4d:9c:36:2d:32:74:81:96:0e:cc:6e:
         8c:f9:ea:f3:bb:61:fd:8a:20:83:25:10:31:f9:57:b4:f9:f2:
         a0:99:8a:c0:62:02:a7:32:85:c0:71:ab:cb:48:9c:cf:4d:9a:
         61:84:54:61:49:49:52:84:ba:f2:03:b6:7c:b0:7f:96:d6:47:
         4d:92:53:98:c4:52:43:80:8e:ab:5c:0a:66:b5:1a:66:fa:25:
         3f:4c:6b:53:89:93:47:52:71:5b:12:ac:54:ee:8b:63:00:9f:
         8f:87:9e:e2:8e:0f:62:96:0e:d0:a2:ee:81:21:42:2c:d9:3e:
         16:66:e2:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WPf+W6lZ386Y+56Vd94NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlODliYjE0ZTgwOWFmZjNlYzk2MzA4YmQ5YWU4NjUxYTdl
Nzc2MmEwHhcNMjUxMDE5MTIwMTUzWhcNMjUxMDIwMTIwMTUzWjAzMTEwLwYDVQQD
Eyg1YjE5OTc4NDdmMjE0ZDhiOTI1ZWI4NTA1ZDE1ODQwMmM0ZDQxMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37+PJ/l72VKlhdmuyIke0dmjnymV
lXgXkC5mra7VazvjkGzBqzxqvJo048hHSbL/RjxE46WHWDSL3FfqDst5Z8UIKrQR
0GyEJOfRJsl48fUSCS2AA3n8VB9fgisy7CvXVxaKJoY5hYHUiP/pp2MKh4bmBhAN
p7Bg0FAde1mMnWEPS1d6unuucL/x+DRZR5Zd+cnQXhmx40tWz6xPFODyAP8bnT/4
UHoBe8U8fu6l4qLD+vIyiA28CLTM5CsqBsXSmGFZQq4veqr/xoRThXQUS2aLgkaG
N4k25l4DptZsPdzGZc8nEFIPI14DjuHImvx6EUS5pz4jvQp7FYYzfVi7fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsZl4R/IU2Lkl64UF0VhALE1BEXMB8GA1UdIwQY
MBaAFE6JuxToCa/z7JYwi9muhlGn53YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEt
OWZhMDJjYzI0OGU1LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEtOWZhMDJjYzI0OGU1
LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBvcsUSG
EYFF4LgrM6xxD11GhuqHbdnBdUTYliTLxP69kZU4EsVyVQaqT8T8KYFjzYMjdE31
WWc1Mixc5KrvJ2zf3eBzI2pF8owEYW1KeRPUq5aX/iQ35Fsig7/Wn1cIrIhBqea1
sL1jmwn+bBL2SXzMjCVzgvSG3oXCeRXkG9Hz0/BiZ02cNi0ydIGWDsxujPnq87th
/YoggyUQMflXtPnyoJmKwGICpzKFwHGry0icz02aYYRUYUlJUoS68gO2fLB/ltZH
TZJTmMRSQ4COq1wKZrUaZvolP0xrU4mTR1JxWxKsVO6LYwCfj4ee4o4PYpYO0KLu
gSFCLNk+FmbiMQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:21:55 2025 by rpki-client