Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
File:                     9rG5O-fUO4bWT4tLljvJFWJfI_I.mft (raw, json)
Hash identifier:          64MAQ2nB2Q0lzmBZK9A2dzhcqBz7GmdQzwscmbN91/s=
Subject key identifier:   E7:06:14:8A:85:C6:D8:61:4F:05:D7:60:5E:09:75:CF:DA:BA:8A:9E
Authority key identifier: F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2
Certificate issuer:       /CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
Certificate serial:       0199FBEBBF5616C5D482A0ED6FDBD08EA142
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
Manifest number:          0373
Signing time:             Sun 19 Oct 2025 10:02:35 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:35 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:35 +0000
Files and hashes:         1: 9rG5O-fUO4bWT4tLljvJFWJfI_I.crl (hash: viOw7N7QNOjYq1EnC+yK1gXR2q2vcjjQQKhghqk2EOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:bf:56:16:c5:d4:82:a0:ed:6f:db:d0:8e:a1:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
        Validity
            Not Before: Oct 19 10:02:35 2025 GMT
            Not After : Oct 20 10:02:35 2025 GMT
        Subject: CN=e706148a85c6d8614f05d7605e0975cfdaba8a9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e1:92:c6:84:df:b5:22:5f:37:ed:4a:a2:19:
                    19:6b:d0:61:e0:55:90:c7:6d:62:6e:63:8a:23:9a:
                    15:d9:fb:e3:33:f1:8a:f1:89:54:d5:c6:3f:04:50:
                    fe:37:5c:3f:0b:28:53:55:86:17:1e:ef:28:95:ba:
                    44:83:d5:11:78:8c:b1:77:20:20:7b:12:ba:e0:c0:
                    63:b0:f9:a4:90:c0:56:71:f2:b7:5f:50:b2:0b:29:
                    d5:a8:b0:19:f9:a0:ec:dc:63:12:52:36:da:d2:48:
                    ff:45:53:29:3f:d5:d6:2a:87:09:86:d0:0d:93:8c:
                    24:c3:20:24:17:43:0b:77:4f:b4:46:b0:5b:0d:16:
                    a6:f1:e0:09:b9:cb:a4:39:88:3f:21:89:84:95:b2:
                    0c:c3:bc:fd:06:81:e9:73:30:35:1e:e9:55:a5:61:
                    58:22:9a:bb:d7:77:63:5d:68:60:9b:b2:32:f8:7e:
                    6e:ef:c7:44:4e:64:f4:fc:67:d1:60:ea:24:22:58:
                    e4:ae:3e:99:1c:3b:a2:11:fb:45:f5:f4:b0:8a:f7:
                    ba:66:20:ce:03:39:99:f5:d1:94:8f:23:a3:b1:a4:
                    75:5c:4c:3c:06:af:c9:03:63:d9:27:96:d3:00:84:
                    66:d3:e5:9a:d8:2a:8b:aa:6b:6f:a7:38:dc:b4:4b:
                    fe:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:06:14:8A:85:C6:D8:61:4F:05:D7:60:5E:09:75:CF:DA:BA:8A:9E
            X509v3 Authority Key Identifier:
                keyid:F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:d3:37:7e:0c:41:c6:9b:86:e9:3a:c1:c2:da:21:46:ee:b7:
         91:32:5e:60:54:b3:00:d8:9c:ae:a1:1d:5c:a0:ce:d7:86:02:
         15:ce:ad:34:90:a1:ad:60:d5:7d:0d:f3:ca:77:be:53:31:ab:
         61:e3:60:4e:53:b7:8e:39:eb:0a:c2:50:01:63:17:e7:74:08:
         35:21:9a:aa:be:17:0e:6c:d0:c5:b9:41:2c:25:86:82:39:ab:
         e9:f6:17:7f:96:0b:b5:cc:0f:30:f4:11:03:45:b1:7b:17:35:
         7c:26:6a:15:f5:4d:98:33:01:3a:d3:9e:0e:a0:20:a8:80:86:
         bc:b2:ca:3b:ff:d8:9e:b2:90:d9:88:26:3a:a5:2d:a1:bb:a3:
         02:2d:51:08:86:8c:cc:41:6d:13:94:59:0d:42:6b:38:18:00:
         93:33:84:dc:c7:3f:fb:18:a0:12:ea:8f:b0:59:8c:27:bb:9f:
         b2:aa:45:a0:fc:24:e2:0a:16:0b:02:3a:fb:dc:32:ae:f7:bc:
         fc:45:f3:b8:2b:90:ba:5a:38:cb:3b:98:1b:a4:9d:55:8e:71:
         e5:bc:68:4f:c5:13:54:06:2a:29:6f:f8:78:b0:fc:27:58:ea:
         fa:9e:6e:ee:8f:9b:54:98:68:52:bd:f5:d0:56:44:88:45:03:
         00:16:e0:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7679WFsXUgqDtb9vQjqFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YjFiOTNiZTdkNDNiODZkNjRmOGI0Yjk2M2JjOTE1NjI1
ZjIzZjIwHhcNMjUxMDE5MTAwMjM1WhcNMjUxMDIwMTAwMjM1WjAzMTEwLwYDVQQD
EyhlNzA2MTQ4YTg1YzZkODYxNGYwNWQ3NjA1ZTA5NzVjZmRhYmE4YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOGSxoTftSJfN+1KohkZa9Bh4FWQ
x21ibmOKI5oV2fvjM/GK8YlU1cY/BFD+N1w/CyhTVYYXHu8olbpEg9UReIyxdyAg
exK64MBjsPmkkMBWcfK3X1CyCynVqLAZ+aDs3GMSUjba0kj/RVMpP9XWKocJhtAN
k4wkwyAkF0MLd0+0RrBbDRam8eAJucukOYg/IYmElbIMw7z9BoHpczA1HulVpWFY
Ipq713djXWhgm7Iy+H5u78dETmT0/GfRYOokIljkrj6ZHDuiEftF9fSwive6ZiDO
AzmZ9dGUjyOjsaR1XEw8Bq/JA2PZJ5bTAIRm0+Wa2CqLqmtvpzjctEv+lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcGFIqFxthhTwXXYF4Jdc/auoqeMB8GA1UdIwQY
MBaAFPaxuTvn1DuG1k+LS5Y7yRViXyPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjIt
MGFjMmNkM2ZlMDA4LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjItMGFjMmNkM2ZlMDA4
LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNM3fgxB
xpuG6TrBwtohRu63kTJeYFSzANicrqEdXKDO14YCFc6tNJChrWDVfQ3zyne+UzGr
YeNgTlO3jjnrCsJQAWMX53QINSGaqr4XDmzQxblBLCWGgjmr6fYXf5YLtcwPMPQR
A0Wxexc1fCZqFfVNmDMBOtOeDqAgqICGvLLKO//YnrKQ2YgmOqUtobujAi1RCIaM
zEFtE5RZDUJrOBgAkzOE3Mc/+xigEuqPsFmMJ7ufsqpFoPwk4goWCwI6+9wyrve8
/EXzuCuQulo4yzuYG6SdVY5x5bxoT8UTVAYqKW/4eLD8J1jq+p5u7o+bVJhoUr31
0FZEiEUDABbg+g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:21 2025 by rpki-client