Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          zYPDNmzaKOPvAKMZAd42NxTzcFGt7pHFdi6igN96Eow=
Subject key identifier:   DF:EA:20:70:15:70:4C:C5:6E:3B:89:02:7A:B8:67:90:42:D9:C8:1E
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       0199FDDA28E7C7B4C0735586A9A30A845DB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          1043
Signing time:             Sun 19 Oct 2025 19:02:36 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:36 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:36 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: jw6CgHoXeIKfsDAuQ5M+owCNr3r4S88e9JqciCtgbo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:28:e7:c7:b4:c0:73:55:86:a9:a3:0a:84:5d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Oct 19 19:02:36 2025 GMT
            Not After : Oct 20 19:02:36 2025 GMT
        Subject: CN=dfea207015704cc56e3b89027ab8679042d9c81e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:88:6d:25:fe:57:9d:5e:e1:79:6c:26:0c:6e:
                    3e:fe:98:6d:93:af:a5:8b:55:63:fe:ee:7e:f7:ae:
                    72:9d:00:fe:d8:b6:4d:55:11:07:80:70:15:5c:5c:
                    a1:32:a3:a0:14:64:9f:56:42:4f:d2:9f:c9:e3:f4:
                    64:c3:ab:86:fb:61:7a:e2:2e:3c:c7:40:3f:cb:0e:
                    f0:dc:64:b9:2c:02:7a:6a:af:6b:74:2e:54:70:73:
                    86:b6:aa:7f:1e:5c:3d:83:19:c9:ea:b7:b9:c6:a4:
                    af:0a:fd:8b:fa:80:2c:33:dc:fc:f1:d1:1a:90:13:
                    9d:1f:b8:29:8d:dc:4e:27:27:0b:cf:3f:1d:f0:8e:
                    ee:29:d2:4c:79:3c:97:96:9e:54:a2:04:18:49:3c:
                    ac:0d:17:00:10:53:dd:fd:22:bf:0d:74:10:2d:fd:
                    64:6e:0c:c4:1b:ac:99:35:7f:08:8f:f1:21:2c:a3:
                    15:56:94:f3:d6:ea:52:c7:31:c7:83:df:a7:f3:8e:
                    ed:6f:b9:66:83:2f:e3:12:df:d5:be:6e:fe:1f:2a:
                    24:37:90:91:22:9b:8c:80:8b:63:39:83:36:54:b7:
                    18:fb:a1:79:c2:4b:85:5f:aa:42:7f:6c:b6:fb:76:
                    4c:60:ef:2c:69:5f:35:51:d2:4e:39:fb:4f:28:4c:
                    56:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:EA:20:70:15:70:4C:C5:6E:3B:89:02:7A:B8:67:90:42:D9:C8:1E
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:52:b0:33:c1:ae:df:41:83:fd:a7:f6:3f:8c:2d:ef:bb:25:
         5b:e0:99:8d:73:5b:4f:7a:73:d9:3a:5b:b2:a4:d0:f8:85:88:
         e9:82:b9:c9:27:5c:c6:9d:97:c5:77:ec:ed:a9:62:c5:14:85:
         0e:3a:1b:fd:0c:e2:01:22:1c:21:49:90:0d:d4:79:8b:9d:0d:
         ed:06:2a:6e:b2:56:8e:99:95:ef:6d:f9:0a:7b:f3:a1:ae:f1:
         8a:1a:93:98:34:63:17:28:90:c2:61:73:3c:aa:b2:11:bb:17:
         41:de:97:d3:df:eb:04:5c:58:24:d0:26:f0:cf:a6:77:d4:f7:
         aa:a5:9a:90:75:42:73:7c:0b:f1:1f:db:02:51:5b:2f:e4:bb:
         50:03:5e:94:e5:76:87:93:93:c4:dc:b0:f4:d4:6f:04:42:34:
         be:87:4c:57:aa:5b:a6:2c:06:22:83:e3:96:38:e3:6c:e5:5a:
         b2:aa:a5:dd:71:61:2d:8d:05:b7:53:d1:64:e9:80:92:ce:ec:
         37:00:70:06:a9:08:74:94:00:03:24:64:77:2e:0e:8b:cd:cf:
         73:67:41:77:61:82:e8:fe:db:a7:b8:2c:64:e5:50:97:cc:4d:
         39:96:5b:89:2c:f6:b3:9c:90:b4:4b:6e:3f:5d:8c:b1:f1:97:
         28:ae:31:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ijnx7TAc1WGqaMKhF2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjUxMDE5MTkwMjM2WhcNMjUxMDIwMTkwMjM2WjAzMTEwLwYDVQQD
EyhkZmVhMjA3MDE1NzA0Y2M1NmUzYjg5MDI3YWI4Njc5MDQyZDljODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkohtJf5XnV7heWwmDG4+/phtk6+l
i1Vj/u5+965ynQD+2LZNVREHgHAVXFyhMqOgFGSfVkJP0p/J4/Rkw6uG+2F64i48
x0A/yw7w3GS5LAJ6aq9rdC5UcHOGtqp/Hlw9gxnJ6re5xqSvCv2L+oAsM9z88dEa
kBOdH7gpjdxOJycLzz8d8I7uKdJMeTyXlp5UogQYSTysDRcAEFPd/SK/DXQQLf1k
bgzEG6yZNX8Ij/EhLKMVVpTz1upSxzHHg9+n847tb7lmgy/jEt/Vvm7+HyokN5CR
IpuMgItjOYM2VLcY+6F5wkuFX6pCf2y2+3ZMYO8saV81UdJOOftPKExWOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/qIHAVcEzFbjuJAnq4Z5BC2cgeMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1KwM8Gu
30GD/af2P4wt77slW+CZjXNbT3pz2TpbsqTQ+IWI6YK5ySdcxp2XxXfs7alixRSF
Djob/QziASIcIUmQDdR5i50N7QYqbrJWjpmV7235Cnvzoa7xihqTmDRjFyiQwmFz
PKqyEbsXQd6X09/rBFxYJNAm8M+md9T3qqWakHVCc3wL8R/bAlFbL+S7UANelOV2
h5OTxNyw9NRvBEI0vodMV6pbpiwGIoPjljjjbOVasqql3XFhLY0Ft1PRZOmAks7s
NwBwBqkIdJQAAyRkdy4Oi83Pc2dBd2GC6P7bp7gsZOVQl8xNOZZbiSz2s5yQtEtu
P12MsfGXKK4x+A==
-----END CERTIFICATE-----