Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          OunRNFlGZXEPsVbIEusNWT0lvr0KZwXLJAqHVFV94LA=
Subject key identifier:   C8:67:7A:4E:53:70:16:FE:C9:38:19:37:79:5D:A3:50:F8:F2:A2:F5
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       019A011137646432AD16572F353F3962AAE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          16E3
Signing time:             Mon 20 Oct 2025 10:01:36 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:36 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:36 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: RfEEP/nAVGYzfdV3ZrNpYYb+fYFe09+DDPr8GBt34A0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:37:64:64:32:ad:16:57:2f:35:3f:39:62:aa:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Oct 20 10:01:36 2025 GMT
            Not After : Oct 21 10:01:36 2025 GMT
        Subject: CN=c8677a4e537016fec9381937795da350f8f2a2f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:63:2a:a8:e0:af:01:c5:af:f1:86:30:75:ce:
                    f1:93:f1:56:33:20:8e:6b:b3:a9:56:f7:91:84:33:
                    3a:aa:90:a3:58:52:d5:c2:39:99:74:e9:75:fd:aa:
                    64:23:ee:80:bf:90:f4:99:be:1e:a7:00:0f:9f:9e:
                    ba:e3:69:cc:c1:b2:d2:57:62:f7:13:34:17:4b:41:
                    7b:fb:0b:cb:cd:8d:93:b2:6c:eb:19:74:8b:bf:c0:
                    a6:89:f4:70:23:4c:e1:26:e8:22:a3:c1:dc:af:1f:
                    90:28:ef:d6:b2:eb:7c:97:80:4d:89:c8:eb:d7:45:
                    99:5f:48:1f:f1:52:53:50:05:4b:e6:09:a7:b4:02:
                    e9:cd:fa:2d:e5:2e:cc:6f:2f:40:c1:b9:0e:fa:40:
                    cc:e7:5f:f7:84:b3:45:50:5c:89:6a:aa:f4:07:34:
                    bd:3c:f5:37:c5:01:42:fc:55:5d:3a:d6:12:eb:8e:
                    e0:da:07:18:2b:c5:28:ec:39:06:33:e7:d4:4f:f8:
                    46:81:99:d9:35:a8:d4:04:c5:2a:99:4d:56:08:d5:
                    cc:2f:e1:8c:e2:62:b3:20:bc:55:27:2a:d9:1b:ef:
                    aa:0e:b6:66:04:d0:d7:f7:8f:36:69:a5:e3:c9:fb:
                    5e:03:e8:4b:ce:60:c2:49:72:e1:41:39:0d:67:73:
                    2f:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:67:7A:4E:53:70:16:FE:C9:38:19:37:79:5D:A3:50:F8:F2:A2:F5
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:65:1c:48:5f:52:57:e7:46:15:37:11:6d:b7:d3:ba:9f:8e:
         72:b5:be:bb:6b:38:52:df:36:61:63:fc:84:71:a4:a4:cb:5c:
         6a:54:b1:78:ce:e4:67:8b:f8:99:cf:2c:1a:3c:36:b7:1d:a4:
         3b:2e:1e:fc:39:61:c2:1b:9d:13:ef:20:54:61:b0:bd:7b:f5:
         6d:a5:6e:9e:24:a9:ec:4b:f1:b8:6f:6b:b9:b7:5a:f5:2b:71:
         06:9c:63:4f:70:b2:be:24:6a:b5:a6:ea:47:97:7f:25:9f:f5:
         54:d0:c8:87:a4:b4:d0:db:a5:3a:8a:a2:35:c0:7b:af:ce:83:
         25:0f:6a:db:f1:19:a6:f3:e7:37:ea:9b:d9:d9:96:f4:e7:df:
         c1:28:5b:7b:ce:32:7f:f0:79:ce:e4:58:2e:a5:f5:e3:fb:8f:
         17:4c:57:87:b0:b5:33:a5:81:73:93:ac:f1:5d:bd:79:7f:61:
         49:92:d9:f8:d2:d8:1f:37:9d:25:c0:39:0b:4e:ec:f0:73:a1:
         55:5c:8d:b2:2c:d2:b8:32:61:df:45:b6:8d:26:c9:cd:65:ef:
         f7:0d:4f:ca:63:0d:ab:6b:76:c3:2d:5e:3f:27:a5:08:12:52:
         6d:c4:47:78:8f:63:1a:79:40:51:c3:a9:03:06:df:c6:22:43:
         0c:1a:af:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBETdkZDKtFlcvNT85YqroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUxMDIwMTAwMTM2WhcNMjUxMDIxMTAwMTM2WjAzMTEwLwYDVQQD
EyhjODY3N2E0ZTUzNzAxNmZlYzkzODE5Mzc3OTVkYTM1MGY4ZjJhMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02MqqOCvAcWv8YYwdc7xk/FWMyCO
a7OpVveRhDM6qpCjWFLVwjmZdOl1/apkI+6Av5D0mb4epwAPn56642nMwbLSV2L3
EzQXS0F7+wvLzY2TsmzrGXSLv8CmifRwI0zhJugio8Hcrx+QKO/Wsut8l4BNicjr
10WZX0gf8VJTUAVL5gmntALpzfot5S7Mby9AwbkO+kDM51/3hLNFUFyJaqr0BzS9
PPU3xQFC/FVdOtYS647g2gcYK8Uo7DkGM+fUT/hGgZnZNajUBMUqmU1WCNXML+GM
4mKzILxVJyrZG++qDrZmBNDX9482aaXjyfteA+hLzmDCSXLhQTkNZ3MvOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhnek5TcBb+yTgZN3ldo1D48qL1MB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGUcSF9S
V+dGFTcRbbfTup+OcrW+u2s4Ut82YWP8hHGkpMtcalSxeM7kZ4v4mc8sGjw2tx2k
Oy4e/DlhwhudE+8gVGGwvXv1baVuniSp7EvxuG9rubda9StxBpxjT3CyviRqtabq
R5d/JZ/1VNDIh6S00NulOoqiNcB7r86DJQ9q2/EZpvPnN+qb2dmW9OffwShbe84y
f/B5zuRYLqX14/uPF0xXh7C1M6WBc5Os8V29eX9hSZLZ+NLYHzedJcA5C07s8HOh
VVyNsizSuDJh30W2jSbJzWXv9w1PymMNq2t2wy1ePyelCBJSbcRHeI9jGnlAUcOp
AwbfxiJDDBqvtQ==
-----END CERTIFICATE-----