Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          jkkue63xekQEsfmhcriZzls+YpU8CAogY6BpXAerBQc=
Subject key identifier:   F2:01:02:D5:D1:62:22:E0:58:9F:C1:FB:9E:D1:76:BA:E0:B4:54:DC
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       0199FBEB678A13591C9EC2D35F49EBFDF4A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:02:12 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:12 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:12 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: X5pf9fWV4iYk2jJgNkE7NkEqqPV8cvBAdDd3pNcnKEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:67:8a:13:59:1c:9e:c2:d3:5f:49:eb:fd:f4:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Oct 19 10:02:12 2025 GMT
            Not After : Oct 20 10:02:12 2025 GMT
        Subject: CN=f20102d5d16222e0589fc1fb9ed176bae0b454dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:05:a7:07:1e:a2:41:11:af:a5:5c:c4:a1:4f:
                    ba:27:e5:a0:c8:45:2e:cd:50:bd:1c:2f:7a:d1:74:
                    ca:90:92:32:e4:49:9b:48:67:ee:31:7b:90:dc:1f:
                    c1:a7:47:15:f7:f0:9c:d2:74:c5:d3:1a:d2:de:11:
                    5f:d8:4d:60:ae:94:1e:e8:af:98:9e:ee:c7:46:3d:
                    7d:b7:fd:4a:f9:6c:80:79:1f:76:71:24:09:9a:cb:
                    cd:73:69:c5:0f:78:34:cd:b2:4c:40:08:57:79:50:
                    e5:bb:9b:1f:5c:5c:4a:bf:60:50:cd:ab:85:ea:31:
                    62:76:a2:39:ad:6e:d9:f2:0e:49:74:d6:85:f8:d5:
                    26:e9:f5:8b:1d:13:0a:ff:8a:62:c3:fa:5a:55:fd:
                    00:98:b6:fc:e9:e2:06:9b:0d:87:47:ae:e2:31:2f:
                    02:7a:84:26:88:b1:5d:65:4a:18:02:ed:53:73:c2:
                    11:fa:2e:16:2f:62:4b:b9:02:1c:64:98:8a:e3:e6:
                    a8:fd:ac:66:ee:38:07:9e:d0:73:0c:a1:2b:bd:d0:
                    40:57:17:84:94:9b:76:b3:a2:69:82:48:23:3d:44:
                    41:44:a3:ca:bb:85:9e:82:2f:e9:97:f3:7f:ac:b3:
                    6f:40:22:40:5d:3e:bf:a9:eb:6b:e5:a0:9d:66:c8:
                    68:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:01:02:D5:D1:62:22:E0:58:9F:C1:FB:9E:D1:76:BA:E0:B4:54:DC
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:c7:b3:3e:35:ab:eb:ba:16:63:44:5a:9f:d5:ea:1e:51:1c:
         54:f3:b8:df:69:62:92:61:5c:2b:dc:81:f2:b2:62:4a:42:33:
         31:e4:3b:ac:e2:38:7d:0a:6d:ff:10:ee:f8:b6:0f:a2:34:b6:
         23:31:9b:e8:df:82:d2:46:cd:b3:6b:f7:29:c0:3d:f5:52:fb:
         fd:74:6a:c4:0f:b6:c5:a7:7b:b9:05:6b:62:21:29:2d:a7:f8:
         82:0e:bf:78:3a:07:84:16:73:c6:7e:04:72:d2:65:31:06:86:
         02:f9:91:73:8d:83:6d:84:1a:8d:bf:94:a9:e6:f4:dd:6d:0f:
         ed:89:38:d0:f1:16:eb:a6:e5:28:6e:28:ef:f1:c1:db:2a:ef:
         8f:43:0e:60:fb:b0:2a:82:5e:4e:17:06:f3:cb:68:40:13:ba:
         14:39:e6:fa:3f:b7:01:47:c2:e2:36:fd:40:98:14:7e:99:f5:
         86:51:87:92:3b:75:d3:ba:18:86:15:8f:d9:f8:e6:9a:dd:30:
         79:33:0f:52:15:35:41:c6:9a:5d:7e:60:ea:04:2c:cb:04:da:
         f6:85:10:eb:b7:14:d7:7f:5a:de:03:5e:9a:69:b5:a1:d6:6f:
         72:b0:58:45:47:88:6b:3c:42:42:c3:94:59:db:cf:7b:11:d4:
         31:92:9a:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn762eKE1kcnsLTX0nr/fShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUxMDE5MTAwMjEyWhcNMjUxMDIwMTAwMjEyWjAzMTEwLwYDVQQD
EyhmMjAxMDJkNWQxNjIyMmUwNTg5ZmMxZmI5ZWQxNzZiYWUwYjQ1NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwWnBx6iQRGvpVzEoU+6J+WgyEUu
zVC9HC960XTKkJIy5EmbSGfuMXuQ3B/Bp0cV9/Cc0nTF0xrS3hFf2E1grpQe6K+Y
nu7HRj19t/1K+WyAeR92cSQJmsvNc2nFD3g0zbJMQAhXeVDlu5sfXFxKv2BQzauF
6jFidqI5rW7Z8g5JdNaF+NUm6fWLHRMK/4piw/paVf0AmLb86eIGmw2HR67iMS8C
eoQmiLFdZUoYAu1Tc8IR+i4WL2JLuQIcZJiK4+ao/axm7jgHntBzDKErvdBAVxeE
lJt2s6JpgkgjPURBRKPKu4Wegi/pl/N/rLNvQCJAXT6/qetr5aCdZshoqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIBAtXRYiLgWJ/B+57RdrrgtFTcMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMezPjWr
67oWY0Ran9XqHlEcVPO432likmFcK9yB8rJiSkIzMeQ7rOI4fQpt/xDu+LYPojS2
IzGb6N+C0kbNs2v3KcA99VL7/XRqxA+2xad7uQVrYiEpLaf4gg6/eDoHhBZzxn4E
ctJlMQaGAvmRc42DbYQajb+Uqeb03W0P7Yk40PEW66blKG4o7/HB2yrvj0MOYPuw
KoJeThcG88toQBO6FDnm+j+3AUfC4jb9QJgUfpn1hlGHkjt107oYhhWP2fjmmt0w
eTMPUhU1QcaaXX5g6gQsywTa9oUQ67cU139a3gNemmm1odZvcrBYRUeIazxCQsOU
WdvPexHUMZKaZQ==
-----END CERTIFICATE-----