Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          uM70nUkIWKx4hefb5AZnfPv/ORwRjVBmUr608l4sBMw=
Subject key identifier:   71:CD:EF:5F:44:AA:72:0C:03:0E:D7:EF:40:D9:6E:4C:26:AD:36:4B
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       019A04110A582CB043C056FB4AF0EA194C07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          1672
Signing time:             Tue 21 Oct 2025 00:00:16 +0000
Manifest this update:     Tue 21 Oct 2025 00:00:16 +0000
Manifest next update:     Wed 22 Oct 2025 00:00:16 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: TdhGzMTA3V8Ztcuk5E7CZ/7sfPd5dIbfokcn6f9agrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 00:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:04:11:0a:58:2c:b0:43:c0:56:fb:4a:f0:ea:19:4c:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Oct 21 00:00:16 2025 GMT
            Not After : Oct 22 00:00:16 2025 GMT
        Subject: CN=71cdef5f44aa720c030ed7ef40d96e4c26ad364b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:10:78:d2:07:a3:2d:2b:c3:8b:e0:f4:16:57:
                    aa:33:4e:dc:6f:5b:27:08:7f:b8:de:ac:30:c7:c8:
                    e7:82:53:d4:94:a8:3d:bc:f8:4a:ea:1e:f4:d8:8e:
                    1b:ac:06:34:4a:a7:56:72:fe:b5:73:a2:d9:a4:ea:
                    df:ae:7f:1e:c2:72:1e:ad:89:08:80:e4:62:a4:e6:
                    a0:a1:09:a5:e6:03:79:f9:27:94:c6:9d:6e:33:72:
                    6a:81:06:84:2b:df:60:62:e3:53:3d:e6:37:6c:33:
                    54:a9:da:5b:36:0c:7a:29:2f:ab:90:61:63:37:58:
                    34:34:24:71:d4:87:69:9b:4d:70:79:ab:53:a2:30:
                    0e:d4:fd:35:11:6b:32:e8:a4:ed:5d:73:8a:0e:e9:
                    62:d2:fd:3e:c3:dd:5e:b7:fa:d9:25:31:43:56:aa:
                    ee:8e:6d:c2:38:4a:7c:a8:3c:ab:93:44:e7:d0:c2:
                    0d:83:b5:b9:4d:ce:c7:f7:9d:43:8f:43:47:42:ef:
                    b2:ef:a6:6b:a2:a2:22:d0:c5:3d:3e:7f:b3:82:68:
                    40:c1:bb:b3:ca:dc:15:45:cd:d2:ab:b4:6c:e4:fb:
                    a7:90:58:7c:4b:33:37:b1:8e:1e:18:d5:c9:f2:34:
                    a8:a2:8a:d2:1d:e5:1c:2a:10:6b:02:b8:66:c2:fa:
                    13:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:CD:EF:5F:44:AA:72:0C:03:0E:D7:EF:40:D9:6E:4C:26:AD:36:4B
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:ee:3f:6a:16:10:9d:aa:22:b8:a2:e7:4e:49:49:d4:20:d6:
         2a:18:32:d5:4a:03:2e:4c:c4:72:d7:14:2b:05:a9:1d:bb:cb:
         02:8b:d1:0f:5d:fc:70:12:a5:d4:00:4d:75:28:42:70:5e:49:
         1a:b0:de:93:9a:18:62:64:d3:78:54:45:60:0c:aa:75:d4:79:
         aa:3d:af:b4:19:5a:53:cd:a2:23:fc:b7:65:3b:a2:15:85:b1:
         e4:7c:82:e7:a4:89:93:d5:98:40:24:8e:20:0f:4d:17:07:08:
         00:0f:ef:c0:7f:6e:39:61:8a:6b:53:19:4c:64:20:c1:d8:42:
         0f:68:e1:5a:89:be:ec:62:cc:16:62:04:2e:0f:22:4c:9f:da:
         10:c5:21:e7:00:47:45:97:0f:c4:c1:45:00:8f:7d:02:15:a2:
         62:e4:d7:ad:9f:36:a9:36:ef:22:ea:28:16:a7:7f:6c:78:bc:
         fc:65:a6:f0:6d:0a:40:b6:ec:0f:6c:b2:2c:55:04:bb:9f:37:
         1d:88:dc:de:db:b8:5c:58:b3:d2:e5:c1:84:d9:45:e2:bc:c2:
         79:af:c0:68:01:dd:3a:49:8d:a6:03:a4:b8:a5:ab:41:26:7e:
         4b:54:6f:ba:16:24:67:e6:8c:c6:7b:18:dc:36:36:e5:8a:f2:
         7f:28:a2:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEQpYLLBDwFb7SvDqGUwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUxMDIxMDAwMDE2WhcNMjUxMDIyMDAwMDE2WjAzMTEwLwYDVQQD
Eyg3MWNkZWY1ZjQ0YWE3MjBjMDMwZWQ3ZWY0MGQ5NmU0YzI2YWQzNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRB40gejLSvDi+D0FleqM07cb1sn
CH+43qwwx8jnglPUlKg9vPhK6h702I4brAY0SqdWcv61c6LZpOrfrn8ewnIerYkI
gORipOagoQml5gN5+SeUxp1uM3JqgQaEK99gYuNTPeY3bDNUqdpbNgx6KS+rkGFj
N1g0NCRx1Idpm01weatTojAO1P01EWsy6KTtXXOKDuli0v0+w91et/rZJTFDVqru
jm3COEp8qDyrk0Tn0MINg7W5Tc7H951Dj0NHQu+y76ZroqIi0MU9Pn+zgmhAwbuz
ytwVRc3Sq7Rs5PunkFh8SzM3sY4eGNXJ8jSooorSHeUcKhBrArhmwvoT/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHN719EqnIMAw7X70DZbkwmrTZLMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcO4/ahYQ
naoiuKLnTklJ1CDWKhgy1UoDLkzEctcUKwWpHbvLAovRD138cBKl1ABNdShCcF5J
GrDek5oYYmTTeFRFYAyqddR5qj2vtBlaU82iI/y3ZTuiFYWx5HyC56SJk9WYQCSO
IA9NFwcIAA/vwH9uOWGKa1MZTGQgwdhCD2jhWom+7GLMFmIELg8iTJ/aEMUh5wBH
RZcPxMFFAI99AhWiYuTXrZ82qTbvIuooFqd/bHi8/GWm8G0KQLbsD2yyLFUEu583
HYjc3tu4XFiz0uXBhNlF4rzCea/AaAHdOkmNpgOkuKWrQSZ+S1RvuhYkZ+aMxnsY
3DY25Yryfyiiew==
-----END CERTIFICATE-----