Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
File:                     PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft (raw, json)
Hash identifier:          EGouROE17OvKyqyV0ERFwBSYM4owBzVrTV6IXdo9w68=
Subject key identifier:   07:CF:8E:17:0C:6D:2C:AF:DD:18:F2:7D:70:79:60:E2:FE:8F:42:B1
Authority key identifier: 3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF
Certificate issuer:       /CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
Certificate serial:       0199FDD9EC590F1443BD1E11F909DAA21C23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
Manifest number:          14D1
Signing time:             Sun 19 Oct 2025 19:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:21 +0000
Files and hashes:         1: PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl (hash: UcmEFJa05kc5Yjc2YNc/mKxY3HEPcegm4UGdOhsqZ7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:ec:59:0f:14:43:bd:1e:11:f9:09:da:a2:1c:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
        Validity
            Not Before: Oct 19 19:02:21 2025 GMT
            Not After : Oct 20 19:02:21 2025 GMT
        Subject: CN=07cf8e170c6d2cafdd18f27d707960e2fe8f42b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5d:1a:2e:fc:fd:39:c6:75:13:f5:fa:e0:36:
                    c9:10:2f:3e:6c:c9:be:94:d7:a6:b0:cb:20:b6:e8:
                    de:c4:07:b7:d6:59:11:4d:2f:d3:e1:54:60:b7:16:
                    a8:4f:81:1f:1a:c2:81:41:b5:a8:07:13:04:5d:f4:
                    01:ff:d7:26:4d:8e:63:48:7f:98:f6:17:65:cf:ad:
                    c3:9c:9c:7f:58:47:9e:85:4b:20:43:3a:d5:06:60:
                    a9:52:4a:9c:70:49:43:ac:99:3b:ce:55:b4:fb:20:
                    4c:f8:0d:b4:55:7e:09:b0:f8:a9:59:ee:0b:da:28:
                    84:88:c4:1d:29:71:74:f9:d6:9a:9b:8e:35:57:8e:
                    60:54:69:e4:32:71:ae:12:aa:3b:5d:39:7a:32:fb:
                    44:23:39:fc:3e:ae:f6:7c:87:88:fb:bd:bb:37:42:
                    14:61:31:68:45:6b:b3:88:35:9e:86:63:c6:22:b8:
                    fc:b5:78:ac:89:06:3c:fb:88:c2:f9:c6:4f:10:1e:
                    cf:94:b3:df:77:fd:09:96:51:19:59:1c:e3:c0:aa:
                    cb:f2:b7:6c:a2:55:a4:34:f5:36:85:3a:b9:3a:d0:
                    1b:12:5e:77:04:d3:8d:8c:d4:26:96:7f:5d:f1:7e:
                    89:1c:59:96:f3:b0:3e:99:65:8a:ac:d0:85:4d:21:
                    b6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:CF:8E:17:0C:6D:2C:AF:DD:18:F2:7D:70:79:60:E2:FE:8F:42:B1
            X509v3 Authority Key Identifier:
                keyid:3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:6b:b1:cf:e1:2a:37:a6:10:02:42:c0:02:0d:19:2f:ab:85:
         9e:6e:17:4e:1f:5d:c0:81:48:9d:49:1a:24:7a:e0:b3:5f:54:
         9c:98:29:3f:8e:83:c7:7b:2d:b6:e1:20:f2:8e:8b:25:d9:ee:
         a8:18:9f:79:36:a4:e6:67:bb:d5:70:df:53:50:73:d8:7c:c4:
         39:2a:49:ac:78:f1:46:fc:1f:12:8e:7a:0b:79:0f:1e:f7:ec:
         99:f9:97:c8:e0:be:35:57:36:bb:38:cc:f3:44:99:ca:9b:9b:
         37:6b:0c:19:26:19:ab:8b:69:3e:c7:21:97:bf:0d:6c:ea:1f:
         59:12:9b:44:fc:cb:0d:69:f8:21:f2:9f:85:ee:b1:1f:6a:65:
         4f:b0:82:a8:a4:96:8c:5e:06:f3:83:63:ca:62:7e:5d:71:b2:
         9b:f0:aa:24:c1:0f:35:c4:50:7f:8b:63:57:5d:02:5d:08:0e:
         e2:d9:97:ff:09:fe:fb:4d:b2:c1:bb:84:41:10:3f:f3:2d:b0:
         99:ca:af:ec:ab:e0:dd:f4:0d:ab:24:0f:93:22:8c:c1:92:d0:
         7c:bb:a9:f9:5b:ba:32:fb:9c:09:50:b9:4d:66:21:59:43:57:
         36:24:8d:6c:1f:54:bc:5a:de:55:f5:20:61:f1:a8:08:fc:ba:
         4b:0e:0d:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92exZDxRDvR4R+QnaohwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkM2Q2OWFiNjJjOGQ4ODI1ZjJiYTRiNDgzZDBlMzkzZTI1
MzRlZWYwHhcNMjUxMDE5MTkwMjIxWhcNMjUxMDIwMTkwMjIxWjAzMTEwLwYDVQQD
EygwN2NmOGUxNzBjNmQyY2FmZGQxOGYyN2Q3MDc5NjBlMmZlOGY0MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk10aLvz9OcZ1E/X64DbJEC8+bMm+
lNemsMsgtujexAe31lkRTS/T4VRgtxaoT4EfGsKBQbWoBxMEXfQB/9cmTY5jSH+Y
9hdlz63DnJx/WEeehUsgQzrVBmCpUkqccElDrJk7zlW0+yBM+A20VX4JsPipWe4L
2iiEiMQdKXF0+daam441V45gVGnkMnGuEqo7XTl6MvtEIzn8Pq72fIeI+727N0IU
YTFoRWuziDWehmPGIrj8tXisiQY8+4jC+cZPEB7PlLPfd/0JllEZWRzjwKrL8rds
olWkNPU2hTq5OtAbEl53BNONjNQmln9d8X6JHFmW87A+mWWKrNCFTSG2GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfPjhcMbSyv3RjyfXB5YOL+j0KxMB8GA1UdIwQY
MBaAFD09aatiyNiCXyuktIPQ45PiU07vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAt
MDcwNWJjY2QxZjJhLzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAtMDcwNWJjY2QxZjJh
LzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGuxz+Eq
N6YQAkLAAg0ZL6uFnm4XTh9dwIFInUkaJHrgs19UnJgpP46Dx3sttuEg8o6LJdnu
qBifeTak5me71XDfU1Bz2HzEOSpJrHjxRvwfEo56C3kPHvfsmfmXyOC+NVc2uzjM
80SZypubN2sMGSYZq4tpPschl78NbOofWRKbRPzLDWn4IfKfhe6xH2plT7CCqKSW
jF4G84NjymJ+XXGym/CqJMEPNcRQf4tjV10CXQgO4tmX/wn++02ywbuEQRA/8y2w
mcqv7Kvg3fQNqyQPkyKMwZLQfLup+Vu6MvucCVC5TWYhWUNXNiSNbB9UvFreVfUg
YfGoCPy6Sw4NfA==
-----END CERTIFICATE-----