Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          z14yeSaNIPi4rB8nd0RG1y8R4sqK/qwPzyRF0OZILkQ=
Subject key identifier:   E1:5A:3E:45:45:BB:1D:3B:39:13:11:E4:84:2A:4B:0E:FF:ED:34:A8
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       0199FC21A489C20BA2C77F7A245EFA053360
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0DEA
Signing time:             Sun 19 Oct 2025 11:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:27 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: C0ZSph+Xy5Rc++2KLM8C2UvrFRzZp7mMizs0UA5fa6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:a4:89:c2:0b:a2:c7:7f:7a:24:5e:fa:05:33:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Oct 19 11:01:27 2025 GMT
            Not After : Oct 20 11:01:27 2025 GMT
        Subject: CN=e15a3e4545bb1d3b391311e4842a4b0effed34a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8b:45:20:a6:8f:9a:38:3d:63:1b:b5:ce:9c:
                    0b:ff:45:a3:05:a2:ac:23:44:3a:70:9a:36:2a:3b:
                    bc:12:0f:7c:57:c6:ec:6e:eb:00:47:02:4c:02:fa:
                    a5:20:b2:e3:09:55:f8:33:4f:b2:79:c0:09:86:fb:
                    3b:4d:59:22:c2:25:90:76:7c:4e:8a:e4:34:12:30:
                    cb:12:7b:1f:c2:fb:cb:88:5a:32:df:b7:c6:c4:c3:
                    52:40:19:02:d7:36:07:bf:4e:8d:0c:43:74:b9:7f:
                    30:c7:98:af:bb:dc:aa:77:fa:cf:1a:c0:b6:fa:f3:
                    3e:93:75:9c:c7:6f:b4:09:83:c0:81:aa:5b:20:6e:
                    59:15:fe:35:26:7f:7a:07:15:ad:37:1c:67:de:0b:
                    04:f4:01:30:2e:17:bc:dd:97:00:fe:5e:f2:b2:f5:
                    94:d0:67:5c:de:f5:07:b1:ee:5c:74:4c:4f:fd:25:
                    15:f6:6d:df:c4:ef:7b:3a:ec:e5:33:58:0c:27:8c:
                    06:5c:10:1a:fa:54:60:96:66:43:7b:8d:f0:42:8b:
                    3a:33:52:b9:cb:06:c6:cb:54:03:27:2f:01:f9:0a:
                    09:47:4b:9b:b4:4a:22:49:ac:8c:5d:ed:7b:32:d6:
                    7a:c6:be:9b:18:7b:b8:c2:74:f7:5e:64:28:a7:e9:
                    18:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:5A:3E:45:45:BB:1D:3B:39:13:11:E4:84:2A:4B:0E:FF:ED:34:A8
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:31:9f:17:a6:f2:b6:ec:c5:4e:ac:d6:f4:cb:cf:6e:21:d5:
         57:57:bc:cb:3a:c5:ef:8b:34:e0:bc:fd:17:c6:02:5f:42:c6:
         5e:42:c3:91:f1:d3:78:7c:0b:d9:b5:b5:a5:fd:b3:f4:fe:af:
         98:70:68:90:b6:32:c7:1b:28:9b:e0:63:c1:21:57:b0:c8:dd:
         ec:b2:61:31:d8:8b:1e:0a:1d:37:c3:6f:6e:51:47:14:bc:92:
         83:74:95:d0:8a:c7:24:5a:dd:3d:31:f9:6b:b7:62:7a:a4:84:
         ea:c7:69:23:5e:bd:3a:26:8f:1e:ec:90:cb:db:d0:13:55:af:
         29:45:64:37:4c:d7:d2:32:b8:f5:22:80:21:e2:22:a7:ae:d7:
         d5:b6:5c:d5:40:b3:2b:0b:a6:17:53:67:be:f7:59:b1:31:5b:
         23:3a:d6:25:6d:57:a8:5a:a8:0b:c9:57:60:44:0d:5f:12:4b:
         be:39:5b:cd:97:ce:4b:25:c6:17:6e:26:2c:27:54:e8:33:66:
         13:e4:9b:f7:35:5f:45:95:8d:82:f4:6d:aa:28:88:37:bc:c8:
         07:40:63:6a:21:5f:7c:74:8e:79:cb:5d:87:c9:59:6d:f6:5b:
         df:60:ac:53:79:cd:e8:5b:db:54:56:7e:fa:82:2b:d3:95:80:
         2b:f0:e0:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IaSJwguix396JF76BTNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUxMDE5MTEwMTI3WhcNMjUxMDIwMTEwMTI3WjAzMTEwLwYDVQQD
EyhlMTVhM2U0NTQ1YmIxZDNiMzkxMzExZTQ4NDJhNGIwZWZmZWQzNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqotFIKaPmjg9Yxu1zpwL/0WjBaKs
I0Q6cJo2Kju8Eg98V8bsbusARwJMAvqlILLjCVX4M0+yecAJhvs7TVkiwiWQdnxO
iuQ0EjDLEnsfwvvLiFoy37fGxMNSQBkC1zYHv06NDEN0uX8wx5ivu9yqd/rPGsC2
+vM+k3Wcx2+0CYPAgapbIG5ZFf41Jn96BxWtNxxn3gsE9AEwLhe83ZcA/l7ysvWU
0Gdc3vUHse5cdExP/SUV9m3fxO97OuzlM1gMJ4wGXBAa+lRglmZDe43wQos6M1K5
ywbGy1QDJy8B+QoJR0ubtEoiSayMXe17MtZ6xr6bGHu4wnT3XmQop+kY1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFaPkVFux07ORMR5IQqSw7/7TSoMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDGfF6by
tuzFTqzW9MvPbiHVV1e8yzrF74s04Lz9F8YCX0LGXkLDkfHTeHwL2bW1pf2z9P6v
mHBokLYyxxsom+BjwSFXsMjd7LJhMdiLHgodN8NvblFHFLySg3SV0IrHJFrdPTH5
a7dieqSE6sdpI169OiaPHuyQy9vQE1WvKUVkN0zX0jK49SKAIeIip67X1bZc1UCz
KwumF1NnvvdZsTFbIzrWJW1XqFqoC8lXYEQNXxJLvjlbzZfOSyXGF24mLCdU6DNm
E+Sb9zVfRZWNgvRtqiiIN7zIB0BjaiFffHSOectdh8lZbfZb32CsU3nN6FvbVFZ+
+oIr05WAK/DgIQ==
-----END CERTIFICATE-----