Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          j7De8hYmKnZxJXl501PAZtxebcoW46xYBQgib8teT1E=
Subject key identifier:   85:6C:E6:D2:7E:4B:98:FD:55:0D:56:4F:FF:18:39:BA:38:E7:84:43
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       0199FCC68654683ACD8A9EFC08BAFAAACC9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          04EE
Signing time:             Sun 19 Oct 2025 14:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:32 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: 7AchiYYa31mo5G+8fC8907mEBrl6TXwQzwDV6ZOAOKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:86:54:68:3a:cd:8a:9e:fc:08:ba:fa:aa:cc:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Oct 19 14:01:32 2025 GMT
            Not After : Oct 20 14:01:32 2025 GMT
        Subject: CN=856ce6d27e4b98fd550d564fff1839ba38e78443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d7:75:12:d1:fd:07:76:88:d9:86:eb:2f:55:
                    26:42:29:d4:64:bd:23:a4:d0:7f:69:17:58:b3:82:
                    48:8a:db:77:07:74:ba:85:48:2d:b0:bb:43:dc:89:
                    8d:a9:19:06:22:bf:2f:82:dc:c5:8d:95:64:d9:b5:
                    89:1f:b0:5a:dd:f7:12:9e:4b:cf:79:eb:d5:f7:82:
                    4b:5a:61:4e:70:06:7f:f3:b0:0a:7c:6e:71:fb:23:
                    23:71:4e:a0:f7:76:21:2e:38:3b:c8:34:2e:da:ea:
                    b2:b4:db:5e:62:19:1e:97:2c:f0:88:98:09:c4:6e:
                    2d:72:e5:de:b1:d0:6d:31:5c:42:4b:3d:a3:dd:3d:
                    a9:64:4c:c1:cc:d2:c2:58:2a:49:a4:e8:75:dd:5b:
                    bc:ba:f8:8e:70:08:9e:33:76:9a:bc:79:c4:0b:f4:
                    45:96:5b:67:7e:c7:11:d4:b3:64:55:8c:0c:88:85:
                    8c:bf:a3:c5:32:55:2d:2d:74:81:a5:8a:9c:28:ff:
                    4b:86:33:72:c5:0e:e8:04:8b:cd:8d:db:00:12:93:
                    f9:90:7b:43:56:64:c2:69:fc:53:78:29:88:e0:b2:
                    be:e7:8e:6e:64:65:45:2b:bd:88:15:f0:fb:6b:68:
                    b5:8d:47:a7:92:43:3f:da:1c:4c:2b:b4:8c:32:3c:
                    de:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:6C:E6:D2:7E:4B:98:FD:55:0D:56:4F:FF:18:39:BA:38:E7:84:43
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:5f:33:78:d8:3b:b2:11:fc:29:ec:f7:1f:3f:ae:66:10:ca:
         01:37:56:39:4a:0a:60:8d:42:a8:84:df:60:27:56:2b:ee:2c:
         2a:25:fe:67:90:3e:03:fc:3d:40:b0:58:a0:5e:9e:1d:bf:d9:
         06:de:c5:0d:ec:95:9c:ad:51:af:ef:45:fd:29:13:17:cb:9d:
         db:e6:06:49:d7:4d:a4:6d:b8:da:8c:26:3f:4b:d1:50:6c:7f:
         5e:41:1f:19:1a:81:e5:ea:3b:a5:dc:de:fc:8e:19:db:5a:b6:
         37:08:31:8d:40:d6:e7:38:59:a2:b3:dc:e7:e2:e8:44:e2:8c:
         38:ce:0e:cb:54:2d:0d:d4:42:16:35:b4:f2:69:70:3a:07:3c:
         67:19:e2:06:91:e2:6d:66:29:78:65:cf:79:9b:82:b3:aa:3a:
         a3:49:06:61:d8:23:19:96:80:01:48:64:e5:f6:ec:0b:ce:f0:
         d2:08:53:e5:68:77:40:0a:eb:4f:b3:8a:73:2c:00:74:19:f5:
         29:de:14:e2:3c:9e:ed:37:aa:b4:ab:83:6d:53:4c:af:da:ef:
         16:e9:49:1a:1c:e5:8f:72:26:53:96:d4:46:09:e7:65:9c:59:
         aa:80:be:22:8b:6f:57:51:78:bc:c0:be:1d:0c:e8:20:d9:9e:
         58:12:b9:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xoZUaDrNip78CLr6qsycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUxMDE5MTQwMTMyWhcNMjUxMDIwMTQwMTMyWjAzMTEwLwYDVQQD
Eyg4NTZjZTZkMjdlNGI5OGZkNTUwZDU2NGZmZjE4MzliYTM4ZTc4NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNd1EtH9B3aI2YbrL1UmQinUZL0j
pNB/aRdYs4JIitt3B3S6hUgtsLtD3ImNqRkGIr8vgtzFjZVk2bWJH7Ba3fcSnkvP
eevV94JLWmFOcAZ/87AKfG5x+yMjcU6g93YhLjg7yDQu2uqytNteYhkelyzwiJgJ
xG4tcuXesdBtMVxCSz2j3T2pZEzBzNLCWCpJpOh13Vu8uviOcAieM3aavHnEC/RF
lltnfscR1LNkVYwMiIWMv6PFMlUtLXSBpYqcKP9LhjNyxQ7oBIvNjdsAEpP5kHtD
VmTCafxTeCmI4LK+545uZGVFK72IFfD7a2i1jUenkkM/2hxMK7SMMjzedQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVs5tJ+S5j9VQ1WT/8YObo454RDMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT18zeNg7
shH8Kez3Hz+uZhDKATdWOUoKYI1CqITfYCdWK+4sKiX+Z5A+A/w9QLBYoF6eHb/Z
Bt7FDeyVnK1Rr+9F/SkTF8ud2+YGSddNpG242owmP0vRUGx/XkEfGRqB5eo7pdze
/I4Z21q2NwgxjUDW5zhZorPc5+LoROKMOM4Oy1QtDdRCFjW08mlwOgc8ZxniBpHi
bWYpeGXPeZuCs6o6o0kGYdgjGZaAAUhk5fbsC87w0ghT5Wh3QArrT7OKcywAdBn1
Kd4U4jye7TeqtKuDbVNMr9rvFulJGhzlj3ImU5bURgnnZZxZqoC+IotvV1F4vMC+
HQzoINmeWBK5aw==
-----END CERTIFICATE-----