Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
File:                     5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft (raw, json)
Hash identifier:          PUuUSkWhdWnfp/q6UVe93LkLqtw+u/Oky+zGt88C/Tk=
Subject key identifier:   39:96:47:4D:6B:1F:D1:8E:58:C3:EA:88:72:03:93:0A:09:CA:58:95
Authority key identifier: E4:03:F4:DA:5B:42:3D:89:9F:BB:5B:56:16:4F:B0:76:96:D8:15:9D
Certificate issuer:       /CN=e403f4da5b423d899fbb5b56164fb07696d8159d
Certificate serial:       0199FBEB410C1BE7C4C8FCC62F0CD856C9B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
Manifest number:          6C
Signing time:             Sun 19 Oct 2025 10:02:02 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:02 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:02 +0000
Files and hashes:         1: 5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl (hash: ZYJVT9i7Ff8kOG6HUzpUQ95ukQdptW7A985DDy69Jcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:41:0c:1b:e7:c4:c8:fc:c6:2f:0c:d8:56:c9:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e403f4da5b423d899fbb5b56164fb07696d8159d
        Validity
            Not Before: Oct 19 10:02:02 2025 GMT
            Not After : Oct 20 10:02:02 2025 GMT
        Subject: CN=3996474d6b1fd18e58c3ea887203930a09ca5895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4e:5e:9c:02:8d:e1:ae:7b:9b:aa:4a:00:7e:
                    9f:72:1a:1d:43:ef:58:02:de:8f:d9:8f:cf:53:5a:
                    d0:76:ce:f5:81:80:90:cc:b2:3c:d8:6c:02:ff:6d:
                    26:83:38:4f:49:3c:ab:01:49:f6:37:d0:36:f5:c7:
                    ae:22:ac:d7:ce:fc:fb:12:b9:5f:53:88:40:77:c7:
                    41:b7:c4:a4:32:f9:41:99:83:49:eb:88:07:e4:bc:
                    d7:a3:e2:bb:f2:77:66:a2:cd:65:c2:47:2c:1b:fc:
                    ad:f7:bb:3c:24:b9:8c:38:96:fd:c0:38:32:5c:fe:
                    8d:db:0b:54:f0:46:b0:d6:57:26:af:f4:f4:84:5a:
                    8b:da:6b:b0:9c:54:be:36:3f:f5:9a:79:d2:0f:c0:
                    60:ac:61:24:2c:14:ba:ab:d1:23:36:24:57:97:24:
                    ee:f7:fd:ec:95:fc:35:e5:f8:e7:e9:99:c6:56:b9:
                    26:ae:c9:a0:95:0f:47:9d:55:c2:d2:c4:c7:2f:fc:
                    f2:ea:c8:fa:62:7a:b7:36:cc:c0:84:2e:d2:74:a9:
                    c1:db:08:19:73:aa:12:66:95:d9:69:81:aa:fa:63:
                    43:53:ef:01:bc:27:8d:0e:30:33:98:a8:e1:9e:9e:
                    77:10:ae:42:6c:aa:4e:13:fb:fc:d8:ab:1f:42:5d:
                    43:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:96:47:4D:6B:1F:D1:8E:58:C3:EA:88:72:03:93:0A:09:CA:58:95
            X509v3 Authority Key Identifier:
                keyid:E4:03:F4:DA:5B:42:3D:89:9F:BB:5B:56:16:4F:B0:76:96:D8:15:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:a2:9b:59:5e:21:70:51:98:e4:6c:49:a9:fa:59:29:f4:e1:
         f9:6b:1a:12:34:8a:7b:17:af:37:7e:a7:4b:d3:dd:56:3f:35:
         7b:b8:b3:b5:2a:06:b2:38:06:af:fb:08:8d:e7:2e:10:0f:37:
         88:52:2d:a1:49:9a:c9:74:49:5e:74:67:f1:b7:ce:31:a8:54:
         0d:60:2c:c7:7e:03:12:09:c3:74:c0:8f:6b:bb:44:7c:46:b3:
         e8:c6:f3:85:b3:39:5f:71:e2:2e:43:9b:51:90:c3:ec:4c:ca:
         ad:32:58:83:45:b7:30:44:2b:c6:c9:4b:3a:b3:5d:01:38:f7:
         54:5f:be:71:86:6f:ab:da:17:64:e3:e8:d7:40:e6:10:0c:38:
         9b:ee:00:f5:86:66:a0:a8:40:89:19:29:74:bc:72:d6:d5:f5:
         ed:03:ea:ce:6f:c7:57:2a:19:63:a8:6c:2f:d5:6f:ce:b5:d2:
         13:a8:8a:83:91:b4:41:fa:e4:cf:38:d1:c5:ef:53:e6:fa:65:
         f4:cb:15:d1:a5:4c:ec:ef:dd:5f:f9:6b:fd:34:8b:59:68:1a:
         21:39:66:e0:a4:5a:7e:eb:87:06:8b:28:86:01:c1:60:e0:db:
         3c:88:f4:4c:4e:20:67:b3:35:85:b4:b5:e7:09:44:67:f7:6d:
         5c:11:43:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760EMG+fEyPzGLwzYVsmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MDNmNGRhNWI0MjNkODk5ZmJiNWI1NjE2NGZiMDc2OTZk
ODE1OWQwHhcNMjUxMDE5MTAwMjAyWhcNMjUxMDIwMTAwMjAyWjAzMTEwLwYDVQQD
EygzOTk2NDc0ZDZiMWZkMThlNThjM2VhODg3MjAzOTMwYTA5Y2E1ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU5enAKN4a57m6pKAH6fchodQ+9Y
At6P2Y/PU1rQds71gYCQzLI82GwC/20mgzhPSTyrAUn2N9A29ceuIqzXzvz7Erlf
U4hAd8dBt8SkMvlBmYNJ64gH5LzXo+K78ndmos1lwkcsG/yt97s8JLmMOJb9wDgy
XP6N2wtU8Eaw1lcmr/T0hFqL2muwnFS+Nj/1mnnSD8BgrGEkLBS6q9EjNiRXlyTu
9/3slfw15fjn6ZnGVrkmrsmglQ9HnVXC0sTHL/zy6sj6Ynq3NszAhC7SdKnB2wgZ
c6oSZpXZaYGq+mNDU+8BvCeNDjAzmKjhnp53EK5CbKpOE/v82KsfQl1DKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmWR01rH9GOWMPqiHIDkwoJyliVMB8GA1UdIwQY
MBaAFOQD9NpbQj2Jn7tbVhZPsHaW2BWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mZDIxMGQtZDRjMy00ODMxLWE0NDYt
YTAwOTU2YWZjNDY5LzEvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mZDIxMGQtZDRjMy00ODMxLWE0NDYtYTAwOTU2YWZjNDY5
LzEvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS6KbWV4h
cFGY5GxJqfpZKfTh+WsaEjSKexevN36nS9PdVj81e7iztSoGsjgGr/sIjecuEA83
iFItoUmayXRJXnRn8bfOMahUDWAsx34DEgnDdMCPa7tEfEaz6MbzhbM5X3HiLkOb
UZDD7EzKrTJYg0W3MEQrxslLOrNdATj3VF++cYZvq9oXZOPo10DmEAw4m+4A9YZm
oKhAiRkpdLxy1tX17QPqzm/HVyoZY6hsL9VvzrXSE6iKg5G0QfrkzzjRxe9T5vpl
9MsV0aVM7O/dX/lr/TSLWWgaITlm4KRafuuHBosohgHBYODbPIj0TE4gZ7M1hbS1
5wlEZ/dtXBFDNA==
-----END CERTIFICATE-----