Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft
File:                     2wy7NfYw1Aytd1B_2r03_e3BIQM.mft (raw, json)
Hash identifier:          zih3QUh4k35QV1rl0wl9YMLE4d1BkkN/A9HRzayW/ik=
Subject key identifier:   D0:A0:1D:E6:50:27:55:13:2F:E4:81:23:2E:F0:F0:27:37:A7:0B:09
Authority key identifier: DB:0C:BB:35:F6:30:D4:0C:AD:77:50:7F:DA:BD:37:FD:ED:C1:21:03
Certificate issuer:       /CN=db0cbb35f630d40cad77507fdabd37fdedc12103
Certificate serial:       019A01B63FBE8888650D9CE0D12721D8673E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft
Manifest number:          0199
Signing time:             Mon 20 Oct 2025 13:01:52 +0000
Manifest this update:     Mon 20 Oct 2025 13:01:52 +0000
Manifest next update:     Tue 21 Oct 2025 13:01:52 +0000
Files and hashes:         1: 2wy7NfYw1Aytd1B_2r03_e3BIQM.crl (hash: uU3XELFTe0SjzjXdGiQga7jv9dBYzVqZwZUyw4GWVKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b6:3f:be:88:88:65:0d:9c:e0:d1:27:21:d8:67:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db0cbb35f630d40cad77507fdabd37fdedc12103
        Validity
            Not Before: Oct 20 13:01:52 2025 GMT
            Not After : Oct 21 13:01:52 2025 GMT
        Subject: CN=d0a01de6502755132fe481232ef0f02737a70b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:f4:39:a6:ca:20:17:25:30:86:56:c6:62:3e:
                    e7:9f:67:c4:fb:61:3f:f1:b7:c9:6a:ee:bb:16:a0:
                    df:78:27:92:0c:10:51:e4:65:3a:05:7e:21:2e:22:
                    87:0b:f1:f0:77:d9:f7:32:b8:ba:fa:52:c5:1c:79:
                    82:58:13:84:95:06:a8:ab:d6:71:a1:29:5b:fe:b4:
                    65:d5:b7:b4:73:2c:4d:dd:85:70:f1:97:c0:92:4d:
                    a5:09:72:a5:3f:07:19:74:60:ba:c6:8c:93:ac:06:
                    7b:c7:97:87:70:90:bc:a4:17:54:a0:1f:23:c1:51:
                    d1:11:d3:b3:c3:22:57:e5:c2:88:52:37:b9:f2:92:
                    09:0a:86:b9:34:f7:7d:88:8d:cb:1b:44:9a:d4:06:
                    78:11:70:25:75:2e:b0:a2:3b:86:56:cb:7e:e4:67:
                    9e:7b:0a:c5:7f:7b:11:99:a6:3e:af:7d:3d:1e:65:
                    ec:4e:b1:bb:83:1e:ec:80:8a:d6:60:83:b8:99:34:
                    ae:f6:4c:33:ef:f8:11:9a:4b:a8:30:1e:62:00:b8:
                    92:d7:5e:99:3d:ba:8b:85:63:f5:6e:85:db:31:1a:
                    f0:16:37:4c:46:fd:8e:18:68:b4:a4:12:da:44:18:
                    a8:2b:b3:7c:14:f7:17:88:91:4b:49:82:78:61:1c:
                    56:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:A0:1D:E6:50:27:55:13:2F:E4:81:23:2E:F0:F0:27:37:A7:0B:09
            X509v3 Authority Key Identifier:
                keyid:DB:0C:BB:35:F6:30:D4:0C:AD:77:50:7F:DA:BD:37:FD:ED:C1:21:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:c2:7a:84:43:4a:40:62:d0:7e:fb:42:f0:83:05:9b:58:1c:
         86:df:52:3f:41:f5:3f:ca:47:05:1b:73:22:d8:a6:e8:87:e1:
         e3:5b:03:7d:69:d2:1a:5a:0a:b4:3d:9d:eb:d3:e0:28:a3:5b:
         58:11:05:04:16:f5:eb:69:36:bd:f7:fc:40:4e:18:7d:a6:72:
         c3:5c:be:38:65:c1:88:7c:ed:63:f8:f7:79:b1:97:d9:48:2e:
         9b:18:22:0b:69:15:9e:69:2e:14:2f:c8:ea:d5:50:b3:0d:c6:
         a4:32:7e:43:a8:61:95:48:26:50:81:43:92:ff:0f:a7:f1:09:
         98:5e:12:ab:aa:16:f1:10:c1:74:a6:98:3e:e2:78:9e:6d:63:
         10:24:71:2d:71:da:c4:5e:9c:1d:1f:6b:f0:d0:d4:f3:0f:7e:
         61:93:d2:09:76:d4:f7:22:b1:7b:98:57:11:59:3d:62:ee:2a:
         3e:33:bc:6f:fa:2a:70:76:f3:23:6f:fe:a9:be:7c:fa:1a:65:
         d5:80:aa:ca:64:05:5f:3a:a8:c1:0f:5f:e3:5d:43:4b:5d:65:
         1e:de:a8:df:60:d2:42:fc:9a:7b:b3:92:b9:da:3b:ce:00:7c:
         3f:f8:05:bb:fc:7c:55:d8:54:38:52:14:b9:0b:72:76:6d:78:
         1e:5b:ae:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtj++iIhlDZzg0Sch2Gc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMGNiYjM1ZjYzMGQ0MGNhZDc3NTA3ZmRhYmQzN2ZkZWRj
MTIxMDMwHhcNMjUxMDIwMTMwMTUyWhcNMjUxMDIxMTMwMTUyWjAzMTEwLwYDVQQD
EyhkMGEwMWRlNjUwMjc1NTEzMmZlNDgxMjMyZWYwZjAyNzM3YTcwYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fQ5psogFyUwhlbGYj7nn2fE+2E/
8bfJau67FqDfeCeSDBBR5GU6BX4hLiKHC/Hwd9n3Mri6+lLFHHmCWBOElQaoq9Zx
oSlb/rRl1be0cyxN3YVw8ZfAkk2lCXKlPwcZdGC6xoyTrAZ7x5eHcJC8pBdUoB8j
wVHREdOzwyJX5cKIUje58pIJCoa5NPd9iI3LG0Sa1AZ4EXAldS6wojuGVst+5Gee
ewrFf3sRmaY+r309HmXsTrG7gx7sgIrWYIO4mTSu9kwz7/gRmkuoMB5iALiS116Z
PbqLhWP1boXbMRrwFjdMRv2OGGi0pBLaRBioK7N8FPcXiJFLSYJ4YRxWyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCgHeZQJ1UTL+SBIy7w8Cc3pwsJMB8GA1UdIwQY
MBaAFNsMuzX2MNQMrXdQf9q9N/3twSEDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MTRlNDMtMDJlMS00NzRjLTg2YjQt
MmM4ZTBiNDk3MzgwLzEvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MTRlNDMtMDJlMS00NzRjLTg2YjQtMmM4ZTBiNDk3Mzgw
LzEvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesJ6hENK
QGLQfvtC8IMFm1gcht9SP0H1P8pHBRtzItim6Ifh41sDfWnSGloKtD2d69PgKKNb
WBEFBBb162k2vff8QE4YfaZyw1y+OGXBiHztY/j3ebGX2UgumxgiC2kVnmkuFC/I
6tVQsw3GpDJ+Q6hhlUgmUIFDkv8Pp/EJmF4Sq6oW8RDBdKaYPuJ4nm1jECRxLXHa
xF6cHR9r8NDU8w9+YZPSCXbU9yKxe5hXEVk9Yu4qPjO8b/oqcHbzI2/+qb58+hpl
1YCqymQFXzqowQ9f411DS11lHt6o32DSQvyae7OSudo7zgB8P/gFu/x8VdhUOFIU
uQtydm14HluuIA==
-----END CERTIFICATE-----