Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          nU7W4C7YkOrqxCxip48q3B2XlBUnD/UmzwnZppFvvwQ=
Subject key identifier:   08:B1:7A:02:3D:2A:F8:82:FC:C5:57:12:2D:43:82:BC:BB:32:A4:97
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       0199FBEBFC74CD26C7746514FDC8D8D3963A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:50 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:50 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:50 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: 61TC0Ice5fMIkzDBAOzFl/kdsh1YONcMxux3PPsJCbM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:fc:74:cd:26:c7:74:65:14:fd:c8:d8:d3:96:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Oct 19 10:02:50 2025 GMT
            Not After : Oct 20 10:02:50 2025 GMT
        Subject: CN=08b17a023d2af882fcc557122d4382bcbb32a497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d4:b6:90:b6:ec:08:0d:4c:28:27:f4:03:bf:
                    8d:b6:42:6d:ce:a2:39:b7:dc:b6:c1:1a:01:00:d7:
                    b2:37:5e:19:8e:5c:f4:86:ab:a7:94:da:d4:4d:a6:
                    59:52:02:56:4b:e2:7b:27:df:ec:73:b3:ed:4e:ef:
                    36:d1:8c:f0:c0:d6:7d:ee:6d:4c:ba:52:78:26:69:
                    f3:4a:7e:62:2f:a9:3c:96:f2:d2:5f:2c:aa:a7:a3:
                    95:6d:95:c7:32:69:ef:db:c1:a3:62:f0:d5:a1:36:
                    63:25:3b:3a:ed:d0:aa:3e:dd:cc:7a:b7:10:bc:84:
                    cc:5b:6b:c8:58:0c:7f:74:7d:d9:91:1d:6a:15:92:
                    83:c5:08:6d:93:e3:89:93:69:d0:d6:aa:81:3c:30:
                    01:a0:9a:49:d8:e5:02:74:89:d5:36:dd:19:49:27:
                    69:17:c4:80:e4:74:71:98:f9:4a:c1:c7:77:2a:7e:
                    69:0e:1b:aa:78:25:71:67:b5:bb:52:f9:e1:68:19:
                    dd:86:5a:81:09:19:8d:b6:66:a3:ea:dc:88:92:0d:
                    4f:32:14:48:60:6e:71:17:92:f9:5f:66:8a:1c:b6:
                    59:02:14:d6:85:24:d9:ca:76:da:2f:3c:07:54:72:
                    6e:a5:77:b3:48:e2:75:5b:9c:92:c1:e4:1a:7a:c5:
                    76:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B1:7A:02:3D:2A:F8:82:FC:C5:57:12:2D:43:82:BC:BB:32:A4:97
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:08:c8:ae:b1:c1:99:05:07:43:37:bc:8c:5d:42:e1:56:80:
         e6:ef:34:ac:fd:fa:9a:59:13:e1:4a:15:06:25:03:ff:ec:96:
         8f:21:b5:21:18:eb:87:8b:f8:d4:ca:dd:59:b8:ee:6c:20:d4:
         ed:8c:fd:66:9e:74:9c:36:68:c2:40:3f:45:16:dd:bc:54:0c:
         9c:1b:00:79:fa:70:03:6e:f1:63:6d:f8:4a:50:94:21:f0:51:
         3c:1c:27:c3:27:36:bd:87:5b:29:e9:90:12:a7:5b:7d:d0:6e:
         cb:34:83:13:ee:cc:8a:af:4c:97:38:c5:fb:4e:4f:01:ee:6d:
         a0:ff:a5:5f:01:26:52:af:85:ee:0a:ae:6d:98:9b:e6:5d:37:
         67:52:cb:36:b0:6f:b0:a0:96:3d:c2:65:64:55:6f:ff:cf:20:
         39:3f:e7:13:00:15:c4:62:ec:bd:97:ec:ab:32:b8:24:79:61:
         cd:30:de:2d:be:d3:21:26:99:6c:a1:1d:89:c7:26:f1:86:94:
         4e:8c:71:10:24:88:20:f4:12:47:78:5e:6f:42:6f:07:97:ee:
         da:01:77:eb:fa:34:8c:d5:96:12:76:1d:71:61:bb:56:11:35:
         15:78:4d:69:65:38:3d:62:51:7c:cb:de:85:bd:ee:69:e1:8d:
         01:45:02:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/x0zSbHdGUU/cjY05Y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUxMDE5MTAwMjUwWhcNMjUxMDIwMTAwMjUwWjAzMTEwLwYDVQQD
EygwOGIxN2EwMjNkMmFmODgyZmNjNTU3MTIyZDQzODJiY2JiMzJhNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdS2kLbsCA1MKCf0A7+NtkJtzqI5
t9y2wRoBANeyN14Zjlz0hqunlNrUTaZZUgJWS+J7J9/sc7PtTu820YzwwNZ97m1M
ulJ4JmnzSn5iL6k8lvLSXyyqp6OVbZXHMmnv28GjYvDVoTZjJTs67dCqPt3MercQ
vITMW2vIWAx/dH3ZkR1qFZKDxQhtk+OJk2nQ1qqBPDABoJpJ2OUCdInVNt0ZSSdp
F8SA5HRxmPlKwcd3Kn5pDhuqeCVxZ7W7UvnhaBndhlqBCRmNtmaj6tyIkg1PMhRI
YG5xF5L5X2aKHLZZAhTWhSTZynbaLzwHVHJupXezSOJ1W5ySweQaesV2nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAixegI9KviC/MVXEi1Dgry7MqSXMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgjIrrHB
mQUHQze8jF1C4VaA5u80rP36mlkT4UoVBiUD/+yWjyG1IRjrh4v41MrdWbjubCDU
7Yz9Zp50nDZowkA/RRbdvFQMnBsAefpwA27xY234SlCUIfBRPBwnwyc2vYdbKemQ
EqdbfdBuyzSDE+7Miq9MlzjF+05PAe5toP+lXwEmUq+F7gqubZib5l03Z1LLNrBv
sKCWPcJlZFVv/88gOT/nEwAVxGLsvZfsqzK4JHlhzTDeLb7TISaZbKEdiccm8YaU
ToxxECSIIPQSR3heb0JvB5fu2gF36/o0jNWWEnYdcWG7VhE1FXhNaWU4PWJRfMve
hb3uaeGNAUUCUg==
-----END CERTIFICATE-----