Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          6BeKPHaOtBTwAUxwD8YzppLcx9xYqdYExgJCAV7vd9w=
Subject key identifier:   46:75:8C:1C:C5:F9:A9:93:C8:70:E3:05:7C:3D:8C:03:28:B5:52:BD
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       0199FBEBEF675F07A0D0C223931B762CDD32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          06CC
Signing time:             Sun 19 Oct 2025 10:02:47 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:47 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:47 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: 8fnr/EmDchJ7V25mfe8igrk77s0pcxyKRU9rzKWo/fo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:ef:67:5f:07:a0:d0:c2:23:93:1b:76:2c:dd:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Oct 19 10:02:47 2025 GMT
            Not After : Oct 20 10:02:47 2025 GMT
        Subject: CN=46758c1cc5f9a993c870e3057c3d8c0328b552bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6b:6c:67:7a:3c:c3:ca:cb:2f:b3:57:1a:ad:
                    26:aa:fd:d2:3b:49:ec:a6:b3:16:32:33:d6:03:d9:
                    23:94:8e:97:b4:20:3e:4d:3f:a5:ce:8c:e9:10:0c:
                    9d:1b:ef:ba:4a:93:09:11:5b:1b:c1:a6:73:f8:be:
                    86:c7:68:db:b9:d2:91:b7:da:01:50:a8:ab:80:54:
                    54:74:5e:e4:22:a2:f3:df:86:7d:d4:8f:71:52:09:
                    21:81:32:af:fc:fc:8f:56:0c:1a:00:47:2b:9e:f8:
                    b0:0d:47:5f:31:03:9b:4b:a5:4d:e5:00:16:0e:9f:
                    6b:64:45:42:03:89:e8:bb:50:ee:e9:4a:69:7e:af:
                    be:5c:50:c9:c2:d9:e3:9b:e2:7b:14:b2:64:4e:d0:
                    7a:af:f1:fd:62:c3:80:ea:ee:63:84:e9:3f:de:7f:
                    2f:5f:83:4b:66:29:25:53:f7:5a:5e:31:27:9c:44:
                    b6:e3:1a:55:68:24:d3:88:87:37:42:c4:b5:ec:1e:
                    2f:a4:73:1e:2b:50:47:23:b0:f2:73:1c:da:2e:fe:
                    20:c3:5e:05:c4:7c:57:3d:bc:e4:33:b3:1d:f2:87:
                    f5:a6:e4:4b:b7:b6:46:d7:cd:3a:7f:d1:4b:fd:2e:
                    00:00:eb:41:de:94:c9:44:53:bf:db:94:ba:4a:62:
                    da:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:75:8C:1C:C5:F9:A9:93:C8:70:E3:05:7C:3D:8C:03:28:B5:52:BD
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a0:33:1c:19:39:cd:e0:ea:f3:44:5d:fc:0b:8c:ce:ef:a6:
         be:b0:2f:7d:f2:06:36:ba:19:76:de:40:ee:d7:70:97:0d:32:
         5f:7c:f9:2f:71:5b:51:7d:3b:58:61:b0:30:50:5d:19:54:32:
         0e:3a:9f:fa:14:89:e5:b1:94:9f:0d:40:5c:ff:a8:c9:80:f2:
         78:11:11:93:d8:bc:7e:64:a4:d8:ec:58:ce:c9:aa:5d:22:44:
         7f:9e:ea:e1:a6:cf:bd:51:fd:24:cb:2e:91:81:26:6e:da:e2:
         cd:ff:b0:5f:ae:b2:e4:2c:48:91:2c:91:68:cb:9b:9d:e6:d6:
         8e:ca:ec:cf:12:68:ab:fa:08:9b:3b:a5:e8:30:81:07:49:b5:
         7b:9f:94:a2:c5:20:33:22:d9:21:31:1d:b4:87:fc:d8:44:64:
         d9:5d:ce:1f:de:24:42:78:ab:2d:c6:a7:e5:ed:a9:1b:05:68:
         60:82:cc:35:17:39:1c:fb:7a:ee:09:c6:c7:56:db:21:2c:bb:
         bf:ac:fd:9b:ba:b0:a0:fd:7d:14:45:99:d6:9f:e7:24:0d:de:
         62:2b:37:f8:19:25:33:b9:05:49:1a:ee:13:e5:9f:cb:84:59:
         89:46:2e:3d:2c:3a:13:42:8e:55:d5:9f:dc:9c:cd:70:42:b3:
         f8:ac:ff:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+9nXweg0MIjkxt2LN0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUxMDE5MTAwMjQ3WhcNMjUxMDIwMTAwMjQ3WjAzMTEwLwYDVQQD
Eyg0Njc1OGMxY2M1ZjlhOTkzYzg3MGUzMDU3YzNkOGMwMzI4YjU1MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomtsZ3o8w8rLL7NXGq0mqv3SO0ns
prMWMjPWA9kjlI6XtCA+TT+lzozpEAydG++6SpMJEVsbwaZz+L6Gx2jbudKRt9oB
UKirgFRUdF7kIqLz34Z91I9xUgkhgTKv/PyPVgwaAEcrnviwDUdfMQObS6VN5QAW
Dp9rZEVCA4nou1Du6Uppfq++XFDJwtnjm+J7FLJkTtB6r/H9YsOA6u5jhOk/3n8v
X4NLZiklU/daXjEnnES24xpVaCTTiIc3QsS17B4vpHMeK1BHI7DycxzaLv4gw14F
xHxXPbzkM7Md8of1puRLt7ZG1806f9FL/S4AAOtB3pTJRFO/25S6SmLa4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZ1jBzF+amTyHDjBXw9jAMotVK9MB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6AzHBk5
zeDq80Rd/AuMzu+mvrAvffIGNroZdt5A7tdwlw0yX3z5L3FbUX07WGGwMFBdGVQy
Djqf+hSJ5bGUnw1AXP+oyYDyeBERk9i8fmSk2OxYzsmqXSJEf57q4abPvVH9JMsu
kYEmbtrizf+wX66y5CxIkSyRaMubnebWjsrszxJoq/oImzul6DCBB0m1e5+UosUg
MyLZITEdtIf82ERk2V3OH94kQnirLcan5e2pGwVoYILMNRc5HPt67gnGx1bbISy7
v6z9m7qwoP19FEWZ1p/nJA3eYis3+BklM7kFSRruE+Wfy4RZiUYuPSw6E0KOVdWf
3JzNcEKz+Kz/8g==
-----END CERTIFICATE-----