Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
File:                     3-ytVuquEjX6eI5OrTkiwpbig6U.mft (raw, json)
Hash identifier:          Y+g8z8UV6osd/ulT2tmJxuSuyv8IhTOk3ApStQ2dwzE=
Subject key identifier:   A7:D9:BA:C3:1B:A7:84:6B:AC:3C:51:D7:B7:0F:6C:92:97:C2:10:CB
Authority key identifier: DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5
Certificate issuer:       /CN=dfecad56eaae1235fa788e4ead3922c296e283a5
Certificate serial:       0199FE10502E916F1CBE2CABCB61F425D629
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
Manifest number:          021C
Signing time:             Sun 19 Oct 2025 20:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:45 +0000
Files and hashes:         1: 3-ytVuquEjX6eI5OrTkiwpbig6U.crl (hash: BhvkG4+PdPq1MPwa0kGYc5OY9aNqSuZCXMZocoafpac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:10:50:2e:91:6f:1c:be:2c:ab:cb:61:f4:25:d6:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfecad56eaae1235fa788e4ead3922c296e283a5
        Validity
            Not Before: Oct 19 20:01:45 2025 GMT
            Not After : Oct 20 20:01:45 2025 GMT
        Subject: CN=a7d9bac31ba7846bac3c51d7b70f6c9297c210cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:33:a1:ca:19:a7:67:2d:e4:85:24:41:be:60:
                    60:c8:e5:25:95:27:1a:fe:07:09:ce:7c:8c:35:7c:
                    62:2a:e1:be:b6:cc:c7:64:a1:f3:5f:10:58:ce:03:
                    e1:cd:da:c8:37:81:5f:d9:93:fb:a9:02:0a:f9:26:
                    4e:2f:62:db:f5:94:7a:71:32:51:da:43:79:cd:53:
                    1e:90:a2:9e:b4:f6:f8:b0:5c:81:59:56:8e:d0:83:
                    7c:c2:47:f9:47:03:91:9d:ad:fd:00:dc:20:81:e6:
                    09:35:9d:30:eb:eb:43:be:c2:ae:aa:a7:cd:88:6d:
                    35:2a:f4:8f:6b:f3:b5:4a:f6:e4:ad:c5:27:e6:de:
                    bf:7d:2f:58:a4:65:c2:96:8c:f7:23:27:33:e4:9b:
                    51:07:d2:9b:2d:4e:38:30:10:56:d4:1d:fe:1a:73:
                    39:5f:f2:e8:fa:eb:5e:80:e7:f8:f0:0c:bf:a9:2a:
                    45:6e:a5:c4:10:b5:ad:db:dc:1a:2c:e2:4b:19:8a:
                    ac:d2:36:be:a2:86:94:77:25:be:45:39:7b:ea:d4:
                    38:c0:46:ca:b2:87:dd:58:fe:9c:b0:c4:a5:0e:db:
                    88:e9:1c:4f:52:69:ef:6d:c7:57:7c:76:1d:20:32:
                    73:8b:61:a6:2c:dc:86:ea:15:fb:22:2b:2f:ae:4b:
                    dc:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D9:BA:C3:1B:A7:84:6B:AC:3C:51:D7:B7:0F:6C:92:97:C2:10:CB
            X509v3 Authority Key Identifier:
                keyid:DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:c7:eb:5a:00:5a:f0:c6:ae:68:5c:fe:8b:27:36:8d:88:c9:
         4f:8f:55:1e:94:3d:8f:d8:f6:bd:f9:16:2d:96:23:ed:c8:66:
         37:ad:0a:bb:ea:98:0a:32:3f:68:4e:d2:01:9e:68:78:3f:d4:
         df:16:ac:81:a5:d4:07:a1:70:ec:98:b9:67:11:bc:74:9a:67:
         65:a6:83:40:d7:1b:0d:1b:97:69:1e:6b:08:89:b6:9a:67:e5:
         a9:3d:51:87:d8:b7:fa:ba:79:39:72:db:5b:9c:c7:2d:52:fb:
         bd:0b:8b:dc:93:31:e9:11:4f:ba:c2:bf:d4:88:57:7d:a2:e6:
         a7:07:dd:d3:eb:c0:e6:c3:3a:e7:eb:55:4e:74:2b:17:88:b8:
         87:cc:9a:a6:75:16:c7:7c:bf:90:17:dd:97:f8:86:1c:22:98:
         1c:50:e8:9b:15:f8:bc:1e:98:12:86:c7:20:69:1c:a7:b9:70:
         a4:35:3a:8b:a0:a4:8d:0c:7a:cd:67:a6:41:ea:28:6e:f5:ca:
         4d:86:ce:04:14:1c:fa:bd:3e:3b:bd:0b:f6:df:74:05:35:dd:
         d8:b7:b2:42:f5:79:04:0b:e5:fd:fd:26:01:aa:3a:55:25:fe:
         04:b5:62:3f:e5:eb:a0:d5:cb:5c:10:e2:5f:64:49:fc:67:b6:
         7b:17:54:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EFAukW8cviyry2H0JdYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWNhZDU2ZWFhZTEyMzVmYTc4OGU0ZWFkMzkyMmMyOTZl
MjgzYTUwHhcNMjUxMDE5MjAwMTQ1WhcNMjUxMDIwMjAwMTQ1WjAzMTEwLwYDVQQD
EyhhN2Q5YmFjMzFiYTc4NDZiYWMzYzUxZDdiNzBmNmM5Mjk3YzIxMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTOhyhmnZy3khSRBvmBgyOUllSca
/gcJznyMNXxiKuG+tszHZKHzXxBYzgPhzdrIN4Ff2ZP7qQIK+SZOL2Lb9ZR6cTJR
2kN5zVMekKKetPb4sFyBWVaO0IN8wkf5RwORna39ANwggeYJNZ0w6+tDvsKuqqfN
iG01KvSPa/O1SvbkrcUn5t6/fS9YpGXCloz3Iycz5JtRB9KbLU44MBBW1B3+GnM5
X/Lo+utegOf48Ay/qSpFbqXEELWt29waLOJLGYqs0ja+ooaUdyW+RTl76tQ4wEbK
sofdWP6csMSlDtuI6RxPUmnvbcdXfHYdIDJzi2GmLNyG6hX7IisvrkvcAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfZusMbp4RrrDxR17cPbJKXwhDLMB8GA1UdIwQY
MBaAFN/srVbqrhI1+niOTq05IsKW4oOlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMt
Njc3YmFiNjEzYWZmLzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMtNjc3YmFiNjEzYWZm
LzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8frWgBa
8MauaFz+iyc2jYjJT49VHpQ9j9j2vfkWLZYj7chmN60Ku+qYCjI/aE7SAZ5oeD/U
3xasgaXUB6Fw7Ji5ZxG8dJpnZaaDQNcbDRuXaR5rCIm2mmflqT1Rh9i3+rp5OXLb
W5zHLVL7vQuL3JMx6RFPusK/1IhXfaLmpwfd0+vA5sM65+tVTnQrF4i4h8yapnUW
x3y/kBfdl/iGHCKYHFDomxX4vB6YEobHIGkcp7lwpDU6i6CkjQx6zWemQeoobvXK
TYbOBBQc+r0+O70L9t90BTXd2LeyQvV5BAvl/f0mAao6VSX+BLViP+XroNXLXBDi
X2RJ/Ge2exdUaA==
-----END CERTIFICATE-----