Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          mMYix0Wx8TKNrfYjAFr8wcR6ae3fe/5+gvDlQjZTQ74=
Subject key identifier:   79:EA:5D:53:09:C9:8A:CD:2F:51:CA:4F:4F:78:5C:C8:C2:4A:F5:D3
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       0199FCC652B9B6E1510860B3BD412D6D2CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0C7E
Signing time:             Sun 19 Oct 2025 14:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:19 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: 0+/iJ/wuOQOryREj7fIO6FBs8ILQIvT2qfug26LJSyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:52:b9:b6:e1:51:08:60:b3:bd:41:2d:6d:2c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Oct 19 14:01:19 2025 GMT
            Not After : Oct 20 14:01:19 2025 GMT
        Subject: CN=79ea5d5309c98acd2f51ca4f4f785cc8c24af5d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:12:2b:1d:1d:75:4a:d5:6b:51:0c:df:80:9d:
                    51:be:77:35:fa:64:8a:56:aa:06:37:75:74:06:35:
                    60:6f:35:6d:2f:a8:5b:99:18:cd:b0:68:d6:49:25:
                    b6:6c:58:5a:5e:ed:b0:49:92:c1:e1:c6:6d:9a:7e:
                    7c:2b:41:16:b2:7d:b5:98:6a:b8:2b:ea:f1:54:eb:
                    76:45:cf:db:fb:f9:a4:68:52:92:0c:e3:0a:bc:44:
                    43:b1:45:ee:01:28:56:ae:34:8e:ed:df:e6:02:19:
                    a9:01:0d:60:70:c7:83:66:60:3b:82:c5:bf:69:13:
                    2d:ee:bc:19:4e:d6:84:ef:08:c2:72:cf:6d:fb:e1:
                    70:7e:56:d6:ab:8d:6e:7d:b0:19:fa:8d:e8:d8:d1:
                    47:c0:3e:35:14:9d:12:a1:5a:4f:51:23:75:f9:2e:
                    fe:84:c3:a5:9f:54:dd:89:5d:31:e1:a6:7f:6b:43:
                    21:b6:2d:27:42:8d:72:a1:bf:f1:3a:e6:9f:4b:73:
                    37:50:a8:f3:21:a4:59:ef:da:46:b9:df:38:ca:f6:
                    8f:01:7d:e4:f7:92:d4:71:3a:8e:09:80:63:22:d3:
                    64:0b:c5:0a:6b:f6:fa:e4:b2:04:5e:da:69:9c:04:
                    ef:b8:97:52:3a:da:e6:07:58:a4:57:a1:81:bc:9a:
                    9d:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:EA:5D:53:09:C9:8A:CD:2F:51:CA:4F:4F:78:5C:C8:C2:4A:F5:D3
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:2a:93:62:e3:b9:fc:74:47:59:3b:cf:51:72:1e:b8:76:44:
         d8:a9:b3:48:b9:52:c7:f5:73:05:5e:c7:08:70:0c:80:cd:28:
         8f:d7:96:72:c4:4e:21:45:2b:0c:6d:eb:bf:10:06:bc:cd:b0:
         92:77:80:f6:a8:85:25:cb:3d:4a:ff:d2:fa:5a:e7:20:c0:a5:
         dd:17:b4:9e:21:2d:21:c0:dd:14:89:e5:44:14:35:d1:e8:8f:
         fd:1a:44:4b:8d:26:c0:bc:76:37:88:a5:40:96:72:9c:9e:74:
         a9:98:df:5f:30:0f:b4:fe:4d:dd:88:35:66:a3:dc:07:ab:a1:
         dd:2f:4e:60:3a:ad:ac:4d:e6:b5:c6:c5:39:60:54:7e:e2:3c:
         95:d4:fd:40:46:ef:cc:91:11:67:ca:2b:86:80:69:eb:c9:93:
         ec:ec:68:44:bb:0e:39:6e:f6:a2:50:1d:74:30:64:c7:2e:9e:
         3a:06:2e:17:9b:52:bc:98:a6:8e:60:1e:10:18:6a:90:ba:f2:
         a0:58:a8:8e:32:8f:2c:cd:e5:66:f7:40:19:58:c2:da:34:70:
         40:14:86:c7:81:9a:19:20:c2:ac:a0:da:5f:e1:95:fa:c1:3a:
         6b:00:40:e0:8a:59:fc:79:9b:f2:19:78:db:ee:6f:a6:2b:7a:
         8f:0c:db:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xlK5tuFRCGCzvUEtbSykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUxMDE5MTQwMTE5WhcNMjUxMDIwMTQwMTE5WjAzMTEwLwYDVQQD
Eyg3OWVhNWQ1MzA5Yzk4YWNkMmY1MWNhNGY0Zjc4NWNjOGMyNGFmNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxIrHR11StVrUQzfgJ1Rvnc1+mSK
VqoGN3V0BjVgbzVtL6hbmRjNsGjWSSW2bFhaXu2wSZLB4cZtmn58K0EWsn21mGq4
K+rxVOt2Rc/b+/mkaFKSDOMKvERDsUXuAShWrjSO7d/mAhmpAQ1gcMeDZmA7gsW/
aRMt7rwZTtaE7wjCcs9t++FwflbWq41ufbAZ+o3o2NFHwD41FJ0SoVpPUSN1+S7+
hMOln1TdiV0x4aZ/a0Mhti0nQo1yob/xOuafS3M3UKjzIaRZ79pGud84yvaPAX3k
95LUcTqOCYBjItNkC8UKa/b65LIEXtppnATvuJdSOtrmB1ikV6GBvJqdrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnqXVMJyYrNL1HKT094XMjCSvXTMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyqTYuO5
/HRHWTvPUXIeuHZE2KmzSLlSx/VzBV7HCHAMgM0oj9eWcsROIUUrDG3rvxAGvM2w
kneA9qiFJcs9Sv/S+lrnIMCl3Re0niEtIcDdFInlRBQ10eiP/RpES40mwLx2N4il
QJZynJ50qZjfXzAPtP5N3Yg1ZqPcB6uh3S9OYDqtrE3mtcbFOWBUfuI8ldT9QEbv
zJERZ8orhoBp68mT7OxoRLsOOW72olAddDBkxy6eOgYuF5tSvJimjmAeEBhqkLry
oFiojjKPLM3lZvdAGVjC2jRwQBSGx4GaGSDCrKDaX+GV+sE6awBA4IpZ/Hmb8hl4
2+5vpit6jwzb4w==
-----END CERTIFICATE-----