Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          MiJxoKFaQAJ7zP70nvyf5GIYxdFDYcqbgyJkwwz+9BA=
Subject key identifier:   F4:3A:BF:10:57:1D:66:3B:00:73:27:B5:9E:ED:3C:6B:BF:52:14:67
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       0199FE46E2D594BC9748D56A20989D48B768
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 21:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:22 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: ncNE4y1l+oaJZNYLsjORTpXwvg6txhyp0+g2D+J0b/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:e2:d5:94:bc:97:48:d5:6a:20:98:9d:48:b7:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Oct 19 21:01:22 2025 GMT
            Not After : Oct 20 21:01:22 2025 GMT
        Subject: CN=f43abf10571d663b007327b59eed3c6bbf521467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d3:26:85:b0:58:59:92:80:6d:64:4b:85:10:
                    99:2f:9c:13:93:3d:8f:a2:58:7f:8b:4a:69:ae:39:
                    b1:d7:5e:09:4d:a3:52:30:1b:63:05:59:11:9d:6c:
                    25:f2:17:f5:4d:37:f1:d4:9f:b0:1e:0f:55:23:25:
                    a8:20:94:83:15:b2:b6:33:3d:e0:79:53:8f:23:54:
                    68:39:af:16:6f:54:b8:09:49:f9:42:44:8d:65:28:
                    d8:83:a4:40:ec:ec:93:8e:e2:52:1a:51:71:bb:d3:
                    f0:58:e9:40:d7:62:27:86:c5:39:88:33:cf:21:44:
                    d3:9c:f3:14:43:9f:fc:0f:f5:7e:e6:9c:41:e8:2a:
                    9d:02:aa:1a:33:28:cb:b9:d0:0f:35:56:5d:b0:22:
                    67:2d:54:61:5d:29:11:cb:df:2d:5c:bb:88:20:a5:
                    f5:bd:8c:e1:ed:e9:ab:09:ae:a1:e1:08:c1:90:3a:
                    55:a8:34:c1:46:11:0a:7d:95:42:30:95:84:97:2a:
                    c1:d5:e1:45:e2:45:34:13:5c:2c:d5:3a:f0:0f:85:
                    e9:4f:0a:29:e2:5a:b5:6c:29:72:e6:2d:6f:26:5b:
                    f0:ac:90:b0:99:b9:45:ce:97:fb:19:ce:27:05:a1:
                    f6:13:e4:cf:6e:74:65:9f:a2:a8:5a:8e:06:ba:8c:
                    4f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:3A:BF:10:57:1D:66:3B:00:73:27:B5:9E:ED:3C:6B:BF:52:14:67
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:12:5d:ae:b1:0d:1f:b0:e5:c0:1b:1b:cd:d7:6d:55:cb:4f:
         c8:2c:60:27:b0:61:8a:c3:38:5d:4f:08:98:87:32:b2:7d:76:
         a3:2c:7f:02:24:73:c5:b8:5b:a7:4c:5f:7c:81:b3:a6:5f:2d:
         ce:3c:04:cf:c4:a5:69:56:a6:44:e1:c4:d6:24:59:c0:af:d7:
         c7:fb:28:e8:8e:d5:bf:ef:7d:7e:f3:23:54:89:0f:c8:ca:d1:
         c7:32:73:35:bb:80:d2:67:eb:98:e7:c5:5e:3c:84:0f:6a:10:
         d6:c4:12:56:ee:23:d8:50:00:ef:f5:58:e7:7a:42:d2:89:bb:
         cf:10:07:3c:a4:74:e0:b0:ff:60:6a:24:97:a1:8c:aa:75:8d:
         a3:87:00:35:fa:6b:29:bb:e9:e1:1b:11:b6:18:e2:e3:71:90:
         d4:9a:f0:40:5c:87:a1:db:53:34:ac:ea:58:9d:71:df:ad:89:
         c7:59:cc:3c:66:e6:06:d4:50:f7:d7:9f:7e:66:a8:ec:74:c1:
         c4:e1:29:a9:1b:00:f0:8b:86:f4:44:a3:b0:43:2e:ea:68:4e:
         31:24:9c:dc:5b:62:30:1f:5c:c7:12:d4:bf:0e:d2:27:f2:5a:
         53:16:a3:2f:0e:dc:6f:cb:9e:cd:68:77:90:a3:cc:5a:f3:e4:
         93:96:55:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RuLVlLyXSNVqIJidSLdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUxMDE5MjEwMTIyWhcNMjUxMDIwMjEwMTIyWjAzMTEwLwYDVQQD
EyhmNDNhYmYxMDU3MWQ2NjNiMDA3MzI3YjU5ZWVkM2M2YmJmNTIxNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NMmhbBYWZKAbWRLhRCZL5wTkz2P
olh/i0pprjmx114JTaNSMBtjBVkRnWwl8hf1TTfx1J+wHg9VIyWoIJSDFbK2Mz3g
eVOPI1RoOa8Wb1S4CUn5QkSNZSjYg6RA7OyTjuJSGlFxu9PwWOlA12InhsU5iDPP
IUTTnPMUQ5/8D/V+5pxB6CqdAqoaMyjLudAPNVZdsCJnLVRhXSkRy98tXLuIIKX1
vYzh7emrCa6h4QjBkDpVqDTBRhEKfZVCMJWElyrB1eFF4kU0E1ws1TrwD4XpTwop
4lq1bCly5i1vJlvwrJCwmblFzpf7Gc4nBaH2E+TPbnRln6KoWo4GuoxPKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQ6vxBXHWY7AHMntZ7tPGu/UhRnMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxJdrrEN
H7DlwBsbzddtVctPyCxgJ7BhisM4XU8ImIcysn12oyx/AiRzxbhbp0xffIGzpl8t
zjwEz8SlaVamROHE1iRZwK/Xx/so6I7Vv+99fvMjVIkPyMrRxzJzNbuA0mfrmOfF
XjyED2oQ1sQSVu4j2FAA7/VY53pC0om7zxAHPKR04LD/YGokl6GMqnWNo4cANfpr
Kbvp4RsRthji43GQ1JrwQFyHodtTNKzqWJ1x362Jx1nMPGbmBtRQ99effmao7HTB
xOEpqRsA8IuG9ESjsEMu6mhOMSSc3FtiMB9cxxLUvw7SJ/JaUxajLw7cb8uezWh3
kKPMWvPkk5ZVvw==
-----END CERTIFICATE-----