Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
File:                     2V_Z-7sug4agu3amyEH8aKfD65g.mft (raw, json)
Hash identifier:          uC/mQvJHq8YDxhvPGO3ebz1DUUdm6ifmnxsNOF9cdLE=
Subject key identifier:   C0:1F:B1:7A:C0:95:6F:D8:E2:5B:16:CE:6F:EF:C0:04:12:80:5A:5E
Authority key identifier: D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98
Certificate issuer:       /CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
Certificate serial:       0199FEEBFD8985B64CB2826EDDFA7E7D5D25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
Manifest number:          0335
Signing time:             Mon 20 Oct 2025 00:01:42 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:42 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:42 +0000
Files and hashes:         1: 2V_Z-7sug4agu3amyEH8aKfD65g.crl (hash: s93UsPJ4LoXcBQuLp41JMxPrQ8pilyUQ/Vs2BHDdeUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:fd:89:85:b6:4c:b2:82:6e:dd:fa:7e:7d:5d:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
        Validity
            Not Before: Oct 20 00:01:42 2025 GMT
            Not After : Oct 21 00:01:42 2025 GMT
        Subject: CN=c01fb17ac0956fd8e25b16ce6fefc00412805a5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7b:e3:65:28:8a:16:81:b7:ba:6d:79:0d:f9:
                    b4:36:90:09:80:4e:0b:f0:22:8e:79:27:07:2f:1c:
                    88:5a:e6:43:92:ca:22:88:ca:e4:e0:5b:a9:ac:ba:
                    a4:5f:1f:8f:91:77:a5:47:f1:9f:5b:3c:14:50:65:
                    38:2f:90:42:f5:49:6d:31:1e:78:18:b3:9e:b5:18:
                    ba:91:f2:2a:09:9a:db:8c:cd:9d:77:65:5d:8d:20:
                    25:fc:43:9e:45:d3:14:37:e8:22:99:da:69:6c:74:
                    67:8e:7a:21:04:9e:95:af:c1:74:c1:0c:32:8c:df:
                    2b:85:c6:d6:8c:0e:02:75:2c:e1:6e:03:5e:13:04:
                    21:09:69:42:fb:a3:eb:3b:05:69:20:ba:bc:e7:cf:
                    15:73:1a:8a:95:b8:10:48:ac:48:cc:16:a2:e7:ae:
                    87:6b:53:5f:d5:b9:e2:9f:89:d1:5b:3a:de:c8:af:
                    4c:51:90:f3:f8:30:3e:d4:f8:cc:d4:a1:6a:10:65:
                    7b:89:18:32:97:af:f2:22:46:ba:10:9f:76:fe:40:
                    38:92:15:cb:54:d0:88:28:cc:4b:2a:40:31:84:37:
                    1a:9c:43:f5:d4:37:44:d0:2f:e4:b1:8e:6e:6a:65:
                    a9:28:75:10:98:34:fb:b4:ab:5b:67:31:49:ae:14:
                    b3:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:1F:B1:7A:C0:95:6F:D8:E2:5B:16:CE:6F:EF:C0:04:12:80:5A:5E
            X509v3 Authority Key Identifier:
                keyid:D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:5e:29:dc:85:75:c5:95:c8:da:fd:44:8a:f2:84:2c:35:80:
         3d:d3:80:36:c9:47:0b:fe:96:1c:4f:9f:5e:ce:66:30:64:26:
         aa:4a:18:9a:23:ce:f2:24:fc:10:4d:9b:95:68:97:27:cb:ee:
         65:14:66:c7:54:03:c0:d8:54:69:d6:b7:ef:6a:c7:48:8c:3d:
         78:fa:4e:1d:fe:12:2b:88:49:74:ef:9a:ff:7d:37:e2:a5:d5:
         b8:d0:0f:92:88:07:94:f1:13:d6:0c:36:d9:f4:cd:e7:5f:a5:
         f2:6f:0c:e4:8b:8c:38:e1:a1:9d:f5:fd:ed:f3:40:8f:95:e0:
         7a:f7:50:be:90:3d:3c:ad:83:1c:71:56:c9:1f:94:d8:ad:73:
         1e:4f:a9:14:e4:a5:b3:56:9f:d1:35:fa:34:47:f0:21:c6:fa:
         8e:dd:fa:c8:2e:32:85:14:03:72:36:c1:06:7d:77:ad:1d:ce:
         48:70:b4:b8:99:50:80:8a:a2:5c:54:ce:d2:2e:5b:43:a6:16:
         6d:66:25:49:52:18:fe:fa:2a:07:59:74:75:80:d6:9e:36:92:
         b2:f7:8e:9b:7e:20:71:31:12:57:07:05:c9:0e:89:e9:6c:ae:
         33:a9:3a:54:f5:c9:8c:50:7b:b4:fd:21:95:76:b2:6d:8f:6d:
         c1:88:39:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+6/2JhbZMsoJu3fp+fV0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWZkOWZiYmIyZTgzODZhMGJiNzZhNmM4NDFmYzY4YTdj
M2ViOTgwHhcNMjUxMDIwMDAwMTQyWhcNMjUxMDIxMDAwMTQyWjAzMTEwLwYDVQQD
EyhjMDFmYjE3YWMwOTU2ZmQ4ZTI1YjE2Y2U2ZmVmYzAwNDEyODA1YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3vjZSiKFoG3um15Dfm0NpAJgE4L
8CKOeScHLxyIWuZDksoiiMrk4FuprLqkXx+PkXelR/GfWzwUUGU4L5BC9UltMR54
GLOetRi6kfIqCZrbjM2dd2VdjSAl/EOeRdMUN+gimdppbHRnjnohBJ6Vr8F0wQwy
jN8rhcbWjA4CdSzhbgNeEwQhCWlC+6PrOwVpILq8588VcxqKlbgQSKxIzBai566H
a1Nf1bnin4nRWzreyK9MUZDz+DA+1PjM1KFqEGV7iRgyl6/yIka6EJ92/kA4khXL
VNCIKMxLKkAxhDcanEP11DdE0C/ksY5uamWpKHUQmDT7tKtbZzFJrhSz2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAfsXrAlW/Y4lsWzm/vwAQSgFpeMB8GA1UdIwQY
MBaAFNlf2fu7LoOGoLt2pshB/Ginw+uYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgt
MzIwZGYyZWIwZmQyLzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgtMzIwZGYyZWIwZmQy
LzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALF4p3IV1
xZXI2v1EivKELDWAPdOANslHC/6WHE+fXs5mMGQmqkoYmiPO8iT8EE2blWiXJ8vu
ZRRmx1QDwNhUada372rHSIw9ePpOHf4SK4hJdO+a/3034qXVuNAPkogHlPET1gw2
2fTN51+l8m8M5IuMOOGhnfX97fNAj5XgevdQvpA9PK2DHHFWyR+U2K1zHk+pFOSl
s1af0TX6NEfwIcb6jt36yC4yhRQDcjbBBn13rR3OSHC0uJlQgIqiXFTO0i5bQ6YW
bWYlSVIY/voqB1l0dYDWnjaSsveOm34gcTESVwcFyQ6J6WyuM6k6VPXJjFB7tP0h
lXaybY9twYg5DQ==
-----END CERTIFICATE-----