Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          uzV96BqqQDHnKgMsD6NpOLtDyl572JNCDJd1dt82RSI=
Subject key identifier:   93:17:61:8C:C1:DA:48:82:C6:15:A0:4B:FE:40:26:AE:15:A7:ED:86
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       0199FD3430D2B724E1D33438859AD66006FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          1373
Signing time:             Sun 19 Oct 2025 16:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:19 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: nK6zDVzf5+YkiIdOpezTcJXKHothdteKvRV8PDfnx24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:30:d2:b7:24:e1:d3:34:38:85:9a:d6:60:06:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Oct 19 16:01:19 2025 GMT
            Not After : Oct 20 16:01:19 2025 GMT
        Subject: CN=9317618cc1da4882c615a04bfe4026ae15a7ed86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b6:71:cd:2c:87:e7:ae:9e:06:05:5b:22:17:
                    91:5b:4d:47:fc:be:53:d6:e6:19:0f:cd:cc:27:d2:
                    c2:ae:a6:fe:3c:bc:a3:7c:a0:8e:bb:b7:2d:4e:16:
                    5b:81:14:99:ad:a6:58:39:cc:5f:f1:cb:bb:36:80:
                    3f:12:94:89:e0:56:52:e3:14:83:ef:87:f9:bb:70:
                    27:14:b8:46:1c:a4:67:68:18:1c:e5:33:18:a9:0d:
                    f5:f8:70:4a:f8:82:f1:7f:2a:a6:4e:9d:e1:77:82:
                    bb:cf:d2:4b:c2:41:e2:4e:78:4f:32:9e:80:27:a1:
                    c6:1f:e6:f8:4c:ba:87:ff:fd:f2:f8:2e:6d:80:0f:
                    a3:e5:c0:18:93:ec:7d:f3:9e:80:58:71:af:e1:aa:
                    62:37:17:ab:98:f6:03:13:f3:cb:04:6e:21:b9:78:
                    5f:cd:ed:a4:31:34:c7:da:3b:b8:e3:f4:52:c5:72:
                    51:f1:56:4c:d3:c4:2c:c2:1a:38:ea:dc:b1:ae:80:
                    a9:ab:06:06:82:ba:2b:13:2b:95:74:b7:6d:03:fc:
                    5c:e4:d6:2f:ec:1f:68:9d:8b:61:b3:c8:5e:b0:b1:
                    e0:c3:5c:ab:f8:d8:03:37:6f:44:4a:7a:2f:ea:96:
                    59:12:c0:9e:4a:d7:53:2d:3b:b9:b9:dd:91:6e:84:
                    4b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:17:61:8C:C1:DA:48:82:C6:15:A0:4B:FE:40:26:AE:15:A7:ED:86
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:9c:89:01:07:28:a1:2a:a7:19:c4:c7:c1:3d:8b:56:f1:1f:
         a6:ad:7a:9f:2a:ca:aa:e2:a9:88:57:8f:9e:f2:10:45:47:39:
         a0:ff:8b:cb:0c:e8:22:c8:97:6c:47:49:4a:9e:8c:73:68:19:
         54:b7:03:d2:85:53:a9:a3:22:cf:0d:1d:85:75:a7:b2:5a:86:
         22:b0:6f:93:29:cc:1a:9d:2d:e6:86:c0:d7:d1:2c:73:37:09:
         37:b8:e4:55:b3:32:19:22:fc:8f:39:f6:bc:4e:ef:ce:6d:23:
         61:c8:62:2d:e9:95:6e:67:8b:fc:3d:d5:b4:0c:b5:e3:d4:b3:
         bf:87:b7:cd:26:8c:b8:97:f8:52:95:3b:09:be:6a:2e:f4:71:
         d4:b2:27:7a:81:5d:5a:7e:5b:8b:0f:f4:4e:a4:92:5c:10:c9:
         11:ff:7d:b2:86:b8:02:2f:57:ef:98:79:bf:29:9e:70:88:b9:
         a4:a6:6d:63:6b:15:a7:bf:21:1a:d6:0c:47:e7:4a:11:34:95:
         77:d3:ff:ad:79:8f:35:99:60:ec:d0:de:96:f1:64:ae:30:dc:
         06:03:75:d4:f5:6b:62:3e:71:3b:01:7b:6a:f8:44:86:88:06:
         07:25:1a:9d:39:ae:43:b5:be:56:76:10:2b:61:29:49:50:94:
         bf:9e:f8:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NDDStyTh0zQ4hZrWYAb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUxMDE5MTYwMTE5WhcNMjUxMDIwMTYwMTE5WjAzMTEwLwYDVQQD
Eyg5MzE3NjE4Y2MxZGE0ODgyYzYxNWEwNGJmZTQwMjZhZTE1YTdlZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrZxzSyH566eBgVbIheRW01H/L5T
1uYZD83MJ9LCrqb+PLyjfKCOu7ctThZbgRSZraZYOcxf8cu7NoA/EpSJ4FZS4xSD
74f5u3AnFLhGHKRnaBgc5TMYqQ31+HBK+ILxfyqmTp3hd4K7z9JLwkHiTnhPMp6A
J6HGH+b4TLqH//3y+C5tgA+j5cAYk+x9856AWHGv4apiNxermPYDE/PLBG4huXhf
ze2kMTTH2ju44/RSxXJR8VZM08Qswho46tyxroCpqwYGgrorEyuVdLdtA/xc5NYv
7B9onYths8hesLHgw1yr+NgDN29ESnov6pZZEsCeStdTLTu5ud2RboRLZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMXYYzB2kiCxhWgS/5AJq4Vp+2GMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZyJAQco
oSqnGcTHwT2LVvEfpq16nyrKquKpiFePnvIQRUc5oP+LywzoIsiXbEdJSp6Mc2gZ
VLcD0oVTqaMizw0dhXWnslqGIrBvkynMGp0t5obA19EsczcJN7jkVbMyGSL8jzn2
vE7vzm0jYchiLemVbmeL/D3VtAy149Szv4e3zSaMuJf4UpU7Cb5qLvRx1LIneoFd
Wn5biw/0TqSSXBDJEf99soa4Ai9X75h5vymecIi5pKZtY2sVp78hGtYMR+dKETSV
d9P/rXmPNZlg7NDelvFkrjDcBgN11PVrYj5xOwF7avhEhogGByUanTmuQ7W+VnYQ
K2EpSVCUv5749Q==
-----END CERTIFICATE-----