Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          03n4lzhq0sMljRkUE7SONs0nAsQAEZGEN+vvY403Llg=
Subject key identifier:   09:79:9B:4C:B2:DC:77:C5:16:39:81:4B:80:D0:41:D5:61:E5:3F:F5
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       0199FBEC6CC59E9F0E866E3A7C385356C39C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          065E
Signing time:             Sun 19 Oct 2025 10:03:19 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:19 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:19 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: xfDk/CQdXr6UClfnmkHKa1MdkXrqeofzoJqw8zicGKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:6c:c5:9e:9f:0e:86:6e:3a:7c:38:53:56:c3:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Oct 19 10:03:19 2025 GMT
            Not After : Oct 20 10:03:19 2025 GMT
        Subject: CN=09799b4cb2dc77c51639814b80d041d561e53ff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a2:e0:db:7a:7a:35:87:97:22:2a:93:a5:6d:
                    a6:da:63:38:40:a9:7b:61:43:41:4b:1c:19:77:a4:
                    4f:0e:c7:e1:da:a8:59:cd:68:98:36:09:c1:95:b2:
                    21:16:0c:29:7b:a1:4a:37:e1:78:8b:cb:45:6a:0f:
                    0e:f5:0e:a1:cd:14:22:0c:8d:90:4e:80:e0:73:a3:
                    6c:bf:86:d9:07:77:e5:b6:a1:66:97:df:ba:3e:48:
                    be:78:6a:db:a2:a0:5a:d1:ae:b6:aa:ff:13:82:82:
                    90:4a:79:2f:c3:a4:96:00:22:01:c1:b0:c3:05:ed:
                    5b:51:00:75:af:64:d6:15:0f:e3:cd:b0:79:c0:f6:
                    61:8b:a7:b0:1b:b9:94:ed:24:ad:54:e6:09:98:6f:
                    8b:eb:d5:12:4f:b4:72:52:fe:46:da:1c:a3:3a:d0:
                    24:5b:f1:9a:66:ea:76:ae:30:0a:95:00:9e:d0:67:
                    95:42:1e:14:34:45:d3:d5:2b:8d:de:7a:45:ce:91:
                    46:79:58:29:09:8c:a9:0b:d7:1b:3b:30:56:c7:20:
                    c7:39:fd:47:1a:0d:2b:b6:77:65:68:44:b2:b6:64:
                    a3:08:17:2e:56:70:9d:91:eb:5b:67:fc:88:bb:55:
                    00:be:b5:12:11:9b:06:02:99:c3:71:12:59:39:de:
                    bf:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:79:9B:4C:B2:DC:77:C5:16:39:81:4B:80:D0:41:D5:61:E5:3F:F5
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ea:7c:15:76:f3:2c:c3:c5:16:b1:dc:e3:67:34:2d:e5:18:8e:
         8b:3a:22:d8:e5:f3:29:08:3c:54:c8:f2:68:b3:07:98:d0:3e:
         d8:08:d8:e1:bf:ed:d9:a8:d2:62:96:75:13:b4:df:4a:ab:ba:
         62:ec:cc:97:fb:7c:bc:9a:72:d1:5a:cb:1b:5a:29:28:40:7b:
         2b:95:eb:d4:c1:a7:a9:44:ac:09:56:e1:c6:10:d5:a1:b2:5d:
         78:92:dc:07:b7:ab:1a:8f:6f:a1:1b:1c:89:96:ab:b1:66:a6:
         a3:e7:cc:73:83:44:05:18:33:ed:c9:77:06:f0:cf:18:0b:48:
         b4:6a:47:82:87:79:1b:21:da:d4:d6:e5:04:a4:b2:7b:9c:7f:
         b2:1f:4e:2a:6b:be:37:28:8a:68:26:53:dd:dc:b5:57:c2:2c:
         34:25:07:43:e9:7f:bf:fb:32:63:04:14:a3:24:60:af:f6:4d:
         8e:76:43:53:dc:ad:02:d1:c8:ea:34:c0:18:3a:ed:05:7e:42:
         c1:b4:99:53:83:c9:ea:e8:43:0a:ba:16:58:f3:98:06:74:d1:
         53:0d:dc:d9:d9:df:52:44:db:e9:c4:bf:f7:95:a5:6b:f8:74:
         42:4a:72:8d:1a:36:7f:2b:e4:2d:b4:1f:83:28:2e:33:cb:52:
         20:c3:99:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77GzFnp8Ohm46fDhTVsOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjUxMDE5MTAwMzE5WhcNMjUxMDIwMTAwMzE5WjAzMTEwLwYDVQQD
EygwOTc5OWI0Y2IyZGM3N2M1MTYzOTgxNGI4MGQwNDFkNTYxZTUzZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaLg23p6NYeXIiqTpW2m2mM4QKl7
YUNBSxwZd6RPDsfh2qhZzWiYNgnBlbIhFgwpe6FKN+F4i8tFag8O9Q6hzRQiDI2Q
ToDgc6Nsv4bZB3fltqFml9+6Pki+eGrboqBa0a62qv8TgoKQSnkvw6SWACIBwbDD
Be1bUQB1r2TWFQ/jzbB5wPZhi6ewG7mU7SStVOYJmG+L69UST7RyUv5G2hyjOtAk
W/GaZup2rjAKlQCe0GeVQh4UNEXT1SuN3npFzpFGeVgpCYypC9cbOzBWxyDHOf1H
Gg0rtndlaESytmSjCBcuVnCdketbZ/yIu1UAvrUSEZsGApnDcRJZOd6/oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAl5m0yy3HfFFjmBS4DQQdVh5T/1MB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6nwVdvMs
w8UWsdzjZzQt5RiOizoi2OXzKQg8VMjyaLMHmNA+2AjY4b/t2ajSYpZ1E7TfSqu6
YuzMl/t8vJpy0VrLG1opKEB7K5Xr1MGnqUSsCVbhxhDVobJdeJLcB7erGo9voRsc
iZarsWamo+fMc4NEBRgz7cl3BvDPGAtItGpHgod5GyHa1NblBKSye5x/sh9OKmu+
NyiKaCZT3dy1V8IsNCUHQ+l/v/syYwQUoyRgr/ZNjnZDU9ytAtHI6jTAGDrtBX5C
wbSZU4PJ6uhDCroWWPOYBnTRUw3c2dnfUkTb6cS/95Wla/h0QkpyjRo2fyvkLbQf
gyguM8tSIMOZUw==
-----END CERTIFICATE-----