Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          7aF+IZFEhwvG6tmh9jLHUEVOjBwAYAcgMxzURCjuwo4=
Subject key identifier:   52:F5:A5:55:CE:1E:DC:94:F7:15:4E:2A:EE:11:EE:A6:BA:98:A5:6C
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       0199FE46CB700691AA852D51022223FE6E61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          0735
Signing time:             Sun 19 Oct 2025 21:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:16 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: pilzPDKhctLJh5XFb58GDLJMj2N43wN+FPON+yRZj/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:cb:70:06:91:aa:85:2d:51:02:22:23:fe:6e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Oct 19 21:01:16 2025 GMT
            Not After : Oct 20 21:01:16 2025 GMT
        Subject: CN=52f5a555ce1edc94f7154e2aee11eea6ba98a56c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:69:43:8a:e9:03:a1:eb:58:04:a7:e2:10:5b:
                    d1:07:d9:54:4f:7b:b4:a8:b4:64:e1:0d:89:d4:4a:
                    14:6f:e5:df:87:e4:66:8e:2f:66:af:4c:39:be:ff:
                    fc:2a:35:d0:32:e3:c0:13:c7:ba:87:91:4e:87:20:
                    1a:75:9c:82:ff:b4:5a:42:f8:06:85:4a:7d:38:c1:
                    1c:95:da:d4:38:6f:4c:4a:f6:98:1e:83:2d:d6:46:
                    d3:ff:c4:a6:25:1b:8e:ba:d2:c7:ec:91:53:ec:ff:
                    e1:52:9d:2a:be:9d:5a:3e:0a:d4:36:ec:b3:91:56:
                    db:3c:8a:03:0a:98:94:ed:70:12:d3:32:aa:d0:d5:
                    3b:5c:8c:9e:03:0f:8d:0e:22:4c:88:0c:87:d0:b5:
                    72:dd:43:c4:64:d2:0d:9c:a7:1b:40:27:8f:ea:aa:
                    bf:de:5f:17:4c:7c:77:31:79:fc:45:9b:43:9e:69:
                    f4:af:3d:a9:f3:54:76:80:95:42:bd:3b:b3:93:21:
                    d1:de:70:93:ad:e1:74:23:78:2a:89:69:2f:c0:57:
                    66:38:f9:1e:ec:67:3a:ff:94:a9:03:14:04:77:7f:
                    5a:ec:43:7c:ec:32:65:ac:61:10:f9:df:b9:45:ca:
                    d5:b2:cc:b0:85:aa:4e:34:9c:cb:9f:c4:c2:2a:ba:
                    a2:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F5:A5:55:CE:1E:DC:94:F7:15:4E:2A:EE:11:EE:A6:BA:98:A5:6C
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:df:49:90:1c:dd:c9:1e:77:a6:86:59:f8:ca:04:cf:b7:07:
         7d:20:1f:cf:35:b1:ef:8b:13:14:0f:93:71:74:0d:1f:aa:d9:
         bf:63:83:46:45:06:06:51:f5:ac:7e:75:21:39:2d:ef:2f:36:
         60:e8:ae:2b:7a:b8:bf:c4:76:45:88:e8:08:c4:5d:23:f0:57:
         cf:e7:6b:dc:a5:f5:7d:f6:e9:ea:4b:14:e1:1b:81:24:dd:3d:
         48:c9:e8:44:fa:e7:cd:86:a2:e1:86:06:db:b4:d9:69:af:29:
         cd:4c:8b:f1:b3:d1:86:70:03:ec:bf:c4:3d:8d:39:f6:3f:40:
         48:22:64:dc:90:ac:ad:a2:af:02:27:75:0c:fc:9a:1c:91:77:
         08:37:e4:19:34:06:52:66:f0:02:ae:ab:e8:a7:97:61:e6:13:
         ed:71:6c:01:7e:c4:f5:31:70:1e:97:83:5d:7f:ac:34:bb:3b:
         9a:b1:26:8e:32:a6:b3:ab:d8:46:dc:5e:fa:ba:ca:0a:de:1a:
         93:81:2d:d3:77:87:83:b6:de:39:61:a7:de:81:5c:46:71:71:
         5c:2c:a4:99:a9:c0:be:4b:9e:fa:60:7a:b7:90:cf:87:57:7f:
         08:c9:5e:41:f5:ba:77:5c:36:b7:00:a0:30:f0:5c:91:59:c0:
         f9:d5:1b:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RstwBpGqhS1RAiIj/m5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUxMDE5MjEwMTE2WhcNMjUxMDIwMjEwMTE2WjAzMTEwLwYDVQQD
Eyg1MmY1YTU1NWNlMWVkYzk0ZjcxNTRlMmFlZTExZWVhNmJhOThhNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmlDiukDoetYBKfiEFvRB9lUT3u0
qLRk4Q2J1EoUb+Xfh+Rmji9mr0w5vv/8KjXQMuPAE8e6h5FOhyAadZyC/7RaQvgG
hUp9OMEcldrUOG9MSvaYHoMt1kbT/8SmJRuOutLH7JFT7P/hUp0qvp1aPgrUNuyz
kVbbPIoDCpiU7XAS0zKq0NU7XIyeAw+NDiJMiAyH0LVy3UPEZNINnKcbQCeP6qq/
3l8XTHx3MXn8RZtDnmn0rz2p81R2gJVCvTuzkyHR3nCTreF0I3gqiWkvwFdmOPke
7Gc6/5SpAxQEd39a7EN87DJlrGEQ+d+5RcrVssywhapONJzLn8TCKrqi0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL1pVXOHtyU9xVOKu4R7qa6mKVsMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFd9JkBzd
yR53poZZ+MoEz7cHfSAfzzWx74sTFA+TcXQNH6rZv2ODRkUGBlH1rH51ITkt7y82
YOiuK3q4v8R2RYjoCMRdI/BXz+dr3KX1ffbp6ksU4RuBJN09SMnoRPrnzYai4YYG
27TZaa8pzUyL8bPRhnAD7L/EPY059j9ASCJk3JCsraKvAid1DPyaHJF3CDfkGTQG
UmbwAq6r6KeXYeYT7XFsAX7E9TFwHpeDXX+sNLs7mrEmjjKms6vYRtxe+rrKCt4a
k4Et03eHg7beOWGn3oFcRnFxXCykmanAvkue+mB6t5DPh1d/CMleQfW6d1w2twCg
MPBckVnA+dUbpQ==
-----END CERTIFICATE-----