Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          U/6xWen/eGA8w+OIuvyiSZZi7DVtMSaOYeAESVvhhho=
Subject key identifier:   95:92:91:DA:45:69:1A:1F:FE:1B:C2:10:36:D4:CF:21:41:C2:32:09
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       0199FDD8E38A920AB038B1AE22B122AAC602
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0B5C
Signing time:             Sun 19 Oct 2025 19:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:13 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: WsHKQaG4w0h7gtzqegci8/+nCM92a+diAXVn+m5P5z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:e3:8a:92:0a:b0:38:b1:ae:22:b1:22:aa:c6:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Oct 19 19:01:13 2025 GMT
            Not After : Oct 20 19:01:13 2025 GMT
        Subject: CN=959291da45691a1ffe1bc21036d4cf2141c23209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c5:e2:3c:c1:41:f0:15:bc:20:f5:1f:f2:71:
                    6d:a7:48:40:12:d7:9f:c3:00:87:e6:9d:15:e3:e9:
                    9b:90:6a:96:ca:45:da:06:5f:c0:b4:f7:a8:e8:63:
                    ca:00:e0:05:06:cb:11:0a:92:f2:ea:71:ba:e9:46:
                    74:43:44:a3:87:a2:be:00:90:3e:f9:22:10:b6:bc:
                    84:81:a2:12:81:81:db:62:52:35:96:4d:07:91:11:
                    36:12:26:7d:48:fa:4d:93:f5:f0:b6:2f:16:28:f0:
                    63:f8:54:e3:7e:b7:94:8e:32:47:74:5e:2b:93:26:
                    65:09:9d:80:95:95:f6:f9:bc:50:e4:cd:e2:8f:39:
                    71:eb:e2:69:c5:ed:b8:95:7b:eb:04:28:0a:e0:cd:
                    13:a2:ad:8a:6d:1a:68:eb:32:01:75:e7:b6:25:3c:
                    08:3f:3d:23:09:de:e3:c1:1d:93:b8:c4:90:6b:7c:
                    92:d8:69:24:9f:26:05:76:ef:4e:46:b0:25:b3:7a:
                    f7:31:42:9b:37:1f:a7:50:ca:2c:ee:34:47:35:dc:
                    cc:48:a7:8c:f7:e3:93:f5:c5:a7:b1:c9:b6:10:ca:
                    f9:bc:85:2a:2b:54:85:e4:e1:32:f5:a5:f8:97:2b:
                    78:de:cc:8e:47:10:fb:e5:29:0f:1c:b6:61:a0:da:
                    de:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:92:91:DA:45:69:1A:1F:FE:1B:C2:10:36:D4:CF:21:41:C2:32:09
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:10:2c:bd:11:7d:ac:bb:3e:68:45:10:8a:6a:ea:37:09:f1:
         e0:d1:13:50:5d:40:85:8a:a6:93:30:5d:32:41:37:ce:10:df:
         7b:be:4d:e0:62:7d:74:99:5c:61:b9:06:9d:a3:b7:1c:63:a1:
         b7:a4:91:28:75:7f:cd:e5:28:27:25:bf:6b:ce:cc:e7:f1:68:
         6e:f4:e3:10:34:25:75:3c:23:3c:ad:a3:c9:cf:a8:f8:53:ba:
         5c:71:4f:ee:53:9e:e5:cf:f3:61:d3:4a:d5:28:88:da:2f:eb:
         b5:c3:39:fc:ed:96:e4:8e:10:cf:69:e5:2c:29:d7:9f:4c:b2:
         eb:95:7d:af:68:20:68:85:53:db:96:de:5b:7d:6f:01:4f:e7:
         00:b2:c9:d3:47:13:79:ec:c0:56:3d:c1:8c:49:61:09:62:3d:
         dc:37:08:0b:51:42:10:89:29:1b:69:5f:79:58:a8:1c:52:85:
         e7:9c:08:3d:10:b5:65:fe:b8:be:dc:6c:0e:f1:a9:78:e4:1a:
         c1:54:ab:ae:8f:52:47:37:59:6e:b6:5b:e3:a2:f8:ec:eb:f2:
         d5:0a:4c:40:d1:35:9d:31:48:66:fd:d3:1f:69:ad:8b:76:54:
         30:88:de:52:78:80:25:14:90:ce:11:43:3c:7b:94:3a:9b:90:
         16:43:93:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92OOKkgqwOLGuIrEiqsYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjUxMDE5MTkwMTEzWhcNMjUxMDIwMTkwMTEzWjAzMTEwLwYDVQQD
Eyg5NTkyOTFkYTQ1NjkxYTFmZmUxYmMyMTAzNmQ0Y2YyMTQxYzIzMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcXiPMFB8BW8IPUf8nFtp0hAEtef
wwCH5p0V4+mbkGqWykXaBl/AtPeo6GPKAOAFBssRCpLy6nG66UZ0Q0Sjh6K+AJA+
+SIQtryEgaISgYHbYlI1lk0HkRE2EiZ9SPpNk/Xwti8WKPBj+FTjfreUjjJHdF4r
kyZlCZ2AlZX2+bxQ5M3ijzlx6+Jpxe24lXvrBCgK4M0Toq2KbRpo6zIBdee2JTwI
Pz0jCd7jwR2TuMSQa3yS2GkknyYFdu9ORrAls3r3MUKbNx+nUMos7jRHNdzMSKeM
9+OT9cWnscm2EMr5vIUqK1SF5OEy9aX4lyt43syORxD75SkPHLZhoNreCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWSkdpFaRof/hvCEDbUzyFBwjIJMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxAsvRF9
rLs+aEUQimrqNwnx4NETUF1AhYqmkzBdMkE3zhDfe75N4GJ9dJlcYbkGnaO3HGOh
t6SRKHV/zeUoJyW/a87M5/FobvTjEDQldTwjPK2jyc+o+FO6XHFP7lOe5c/zYdNK
1SiI2i/rtcM5/O2W5I4Qz2nlLCnXn0yy65V9r2ggaIVT25beW31vAU/nALLJ00cT
eezAVj3BjElhCWI93DcIC1FCEIkpG2lfeVioHFKF55wIPRC1Zf64vtxsDvGpeOQa
wVSrro9SRzdZbrZb46L47Ovy1QpMQNE1nTFIZv3TH2mti3ZUMIjeUniAJRSQzhFD
PHuUOpuQFkOTvg==
-----END CERTIFICATE-----