Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
File:                     z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft (raw, json)
Hash identifier:          3OXSkKDX+3d56rqoktu29/8rtADD5ircUcgfclx0xLI=
Subject key identifier:   AD:A7:6F:73:2C:EB:0A:A9:8E:75:7F:DB:82:20:CF:E5:77:2F:91:AD
Authority key identifier: CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49
Certificate issuer:       /CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
Certificate serial:       0199FBEA748AFD98CE05CB01B204A3FFA832
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:10 +0000
Files and hashes:         1: z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl (hash: ifqGiHOLpMR9uwSoCAP4/bok6tbC/50abhoUaXJVlvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:74:8a:fd:98:ce:05:cb:01:b2:04:a3:ff:a8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
        Validity
            Not Before: Oct 19 10:01:10 2025 GMT
            Not After : Oct 20 10:01:10 2025 GMT
        Subject: CN=ada76f732ceb0aa98e757fdb8220cfe5772f91ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:31:08:9a:36:e2:18:81:93:76:e9:b7:43:d6:
                    e6:ae:17:65:ce:1f:5d:74:61:77:d3:49:8d:09:b2:
                    b1:a2:b7:53:63:87:22:c0:12:e5:50:97:6f:06:49:
                    db:23:9f:c3:9e:61:71:ac:ae:10:31:b5:a2:b5:e4:
                    7b:41:06:2f:94:71:ca:30:f4:a1:65:c7:66:40:fd:
                    6e:db:64:30:13:75:25:92:c7:b4:63:96:70:9b:ba:
                    0b:9c:a2:cf:23:52:7a:92:f6:01:a9:a6:e9:c7:4b:
                    71:31:bb:ce:38:58:2c:43:61:b1:34:df:c1:08:9f:
                    5f:86:cf:29:5a:06:4e:3a:ca:61:d3:45:ee:d0:3d:
                    b8:c6:b0:e7:48:59:a1:be:c6:11:51:b0:c7:ca:99:
                    5a:b3:92:7a:2c:ed:e9:da:47:f0:5f:a1:0e:a6:fe:
                    02:84:be:9a:f2:8f:31:94:26:6d:c4:90:36:fb:a6:
                    cf:cd:1a:50:ef:22:ee:4b:72:40:e9:c2:66:1c:50:
                    ef:f8:a2:55:c9:fc:89:dc:b6:88:3b:14:bc:cf:d1:
                    7f:68:f2:96:45:f4:54:4a:79:3c:8f:ce:f6:76:4f:
                    f0:9c:a5:20:3b:60:fd:cc:f8:a0:74:5b:38:14:9d:
                    b5:a3:f6:14:ff:7e:ab:32:12:b4:4e:9c:b6:45:a1:
                    34:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:A7:6F:73:2C:EB:0A:A9:8E:75:7F:DB:82:20:CF:E5:77:2F:91:AD
            X509v3 Authority Key Identifier:
                keyid:CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:08:8e:bd:b3:7e:44:70:9e:02:9c:8c:a5:84:95:c0:b2:a2:
         30:b5:7f:2e:38:b1:28:f3:a0:12:61:19:9b:bd:1a:61:17:a4:
         94:e2:d3:83:39:ac:09:2d:1b:be:47:13:87:1c:df:46:88:4a:
         08:90:83:21:77:16:75:4f:be:d1:0c:5b:ba:c0:c4:aa:22:55:
         62:ed:36:5e:e2:0c:ba:2a:66:65:4d:12:6d:57:b0:41:62:56:
         38:1d:44:b0:48:b5:a3:92:9d:00:ea:60:2b:89:c7:52:0f:6b:
         6b:dd:ad:d1:c1:3e:f0:e1:7a:19:de:76:0f:ee:14:29:48:db:
         75:d5:f1:80:30:36:be:83:cf:19:ae:6d:90:a2:28:33:e6:db:
         d7:f9:2d:3b:0f:90:0c:97:37:fe:cc:ad:bf:22:30:8f:79:c2:
         f2:c2:3b:2f:0d:8e:6c:49:cf:33:da:cd:67:29:d6:45:a1:5d:
         9a:27:24:27:60:4f:8b:83:8a:10:79:48:89:fc:84:89:c8:de:
         1a:ea:81:be:85:32:b7:1e:ab:98:b6:38:59:d4:65:09:91:d3:
         6f:94:0c:b1:5c:9c:b8:1b:23:34:df:3d:6a:0e:fe:c4:91:ab:
         ec:b6:88:aa:08:dd:3f:f7:4a:cb:fa:bd:f5:1a:02:dc:03:d3:
         f2:50:ec:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76nSK/ZjOBcsBsgSj/6gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTVjZWMxNDNhMmFmMWVkMWMyZDk5Njk2ZjFmMTY4N2Y0
NTg2NDkwHhcNMjUxMDE5MTAwMTEwWhcNMjUxMDIwMTAwMTEwWjAzMTEwLwYDVQQD
EyhhZGE3NmY3MzJjZWIwYWE5OGU3NTdmZGI4MjIwY2ZlNTc3MmY5MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTEImjbiGIGTdum3Q9bmrhdlzh9d
dGF300mNCbKxordTY4ciwBLlUJdvBknbI5/DnmFxrK4QMbWiteR7QQYvlHHKMPSh
ZcdmQP1u22QwE3Ulkse0Y5Zwm7oLnKLPI1J6kvYBqabpx0txMbvOOFgsQ2GxNN/B
CJ9fhs8pWgZOOsph00Xu0D24xrDnSFmhvsYRUbDHyplas5J6LO3p2kfwX6EOpv4C
hL6a8o8xlCZtxJA2+6bPzRpQ7yLuS3JA6cJmHFDv+KJVyfyJ3LaIOxS8z9F/aPKW
RfRUSnk8j872dk/wnKUgO2D9zPigdFs4FJ21o/YU/36rMhK0Tpy2RaE0rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2nb3Ms6wqpjnV/24Igz+V3L5GtMB8GA1UdIwQY
MBaAFM+lzsFDoq8e0cLZlpbx8Wh/RYZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYt
NGM1ODJjMjhmYmEzLzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYtNGM1ODJjMjhmYmEz
LzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQiOvbN+
RHCeApyMpYSVwLKiMLV/LjixKPOgEmEZm70aYReklOLTgzmsCS0bvkcThxzfRohK
CJCDIXcWdU++0QxbusDEqiJVYu02XuIMuipmZU0SbVewQWJWOB1EsEi1o5KdAOpg
K4nHUg9ra92t0cE+8OF6Gd52D+4UKUjbddXxgDA2voPPGa5tkKIoM+bb1/ktOw+Q
DJc3/sytvyIwj3nC8sI7Lw2ObEnPM9rNZynWRaFdmickJ2BPi4OKEHlIifyEicje
GuqBvoUytx6rmLY4WdRlCZHTb5QMsVycuBsjNN89ag7+xJGr7LaIqgjdP/dKy/q9
9RoC3APT8lDscg==
-----END CERTIFICATE-----