Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          z/Gb1M7iafMooO5y0uWb6H+lzOIXqV+RBvbRXonOzLQ=
Subject key identifier:   92:55:A7:D0:15:A2:91:4E:B0:1C:34:C6:65:45:C6:D7:FD:40:DD:0B
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       019A71B8226D39B454F2925E91C303EA1FAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          0586
Signing time:             Tue 11 Nov 2025 07:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:24 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: abueO+NWleGsF1MnBTsok0/MP95eo2luGxWGgxHKHu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:22:6d:39:b4:54:f2:92:5e:91:c3:03:ea:1f:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Nov 11 07:01:24 2025 GMT
            Not After : Nov 12 07:01:24 2025 GMT
        Subject: CN=9255a7d015a2914eb01c34c66545c6d7fd40dd0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:84:af:c9:fd:f4:1b:55:32:6e:63:77:26:4e:
                    35:b4:d7:c5:2a:35:e5:c3:2e:b2:f2:ef:a4:67:14:
                    f3:b7:45:98:59:1e:c2:f4:06:45:07:7e:cb:2b:b2:
                    33:51:0e:6e:17:8a:c4:98:89:cb:a9:a4:75:8f:46:
                    8c:56:4d:64:39:60:0f:af:38:56:ed:b2:7c:9e:77:
                    b8:21:df:1e:47:40:1b:de:8f:e2:0b:72:99:5f:77:
                    d4:b8:08:82:c5:7e:04:b5:2d:9b:8e:85:d7:75:00:
                    ef:20:fc:15:18:fa:cd:f3:a6:1c:4f:a9:6a:3a:74:
                    10:5e:d4:bd:57:5c:8a:c7:a6:b9:00:6c:a8:ce:ea:
                    0f:4d:b9:ea:d3:2c:dc:bb:1a:56:06:22:e4:ba:3f:
                    2e:c7:e2:2f:4a:44:49:4e:a7:6a:8c:a8:b5:46:83:
                    3d:cc:5f:91:2a:af:53:53:a7:7d:f0:6c:b2:21:e4:
                    53:b2:e2:47:f3:79:d7:f0:86:5d:4d:2d:09:ee:b5:
                    85:41:7b:63:16:06:6e:51:48:30:04:5a:f8:e0:a5:
                    92:00:8c:f8:1f:17:f1:dd:77:fe:e7:50:99:cc:5b:
                    84:d7:63:06:e9:86:54:84:b3:1e:92:e2:6b:b2:45:
                    18:8f:fc:c5:43:4c:c6:26:42:ef:28:4a:67:d2:cd:
                    4c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:55:A7:D0:15:A2:91:4E:B0:1C:34:C6:65:45:C6:D7:FD:40:DD:0B
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:99:c8:56:f0:81:0f:dd:75:d0:c4:fe:18:63:4b:03:fd:8d:
         44:b3:78:58:03:23:4f:9f:96:68:ac:ca:4b:f7:0d:bb:6b:05:
         28:ca:30:86:9a:d0:3c:66:62:6c:20:85:c5:ac:b0:ff:9a:41:
         40:ff:de:1c:f8:de:46:b9:95:8e:16:29:76:19:4b:2d:e9:94:
         ba:fe:b0:1d:0d:0f:5b:b5:60:24:f9:77:52:de:43:a6:17:81:
         5b:df:ad:dd:e9:9a:96:92:9f:43:f1:ef:c9:d2:fa:de:07:84:
         6c:f9:e4:67:a8:c8:f5:9b:16:c7:b6:bc:37:a1:35:02:18:dc:
         d3:73:ad:e8:eb:da:8f:9b:b3:92:d2:3b:86:48:47:22:d9:07:
         39:29:91:f2:a5:2a:8f:50:48:ae:30:79:45:fd:dc:07:68:0d:
         81:48:2e:ea:ce:84:39:0d:b0:8b:b7:e9:8a:d6:a8:34:f6:1c:
         fb:0e:1d:e6:ff:37:13:96:73:3d:b5:ad:6a:a9:0d:f4:5a:c6:
         9d:ef:aa:03:ad:ec:c1:a6:15:87:cf:fe:6a:66:9b:9a:2f:7e:
         0b:2d:6c:24:26:50:0a:41:52:a1:c1:a0:5a:f8:f7:11:b0:df:
         0c:d8:cf:75:bb:2d:3f:31:4a:52:e7:67:08:a7:97:82:a4:4f:
         d2:84:67:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCJtObRU8pJekcMD6h+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjUxMTExMDcwMTI0WhcNMjUxMTEyMDcwMTI0WjAzMTEwLwYDVQQD
Eyg5MjU1YTdkMDE1YTI5MTRlYjAxYzM0YzY2NTQ1YzZkN2ZkNDBkZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoSvyf30G1UybmN3Jk41tNfFKjXl
wy6y8u+kZxTzt0WYWR7C9AZFB37LK7IzUQ5uF4rEmInLqaR1j0aMVk1kOWAPrzhW
7bJ8nne4Id8eR0Ab3o/iC3KZX3fUuAiCxX4EtS2bjoXXdQDvIPwVGPrN86YcT6lq
OnQQXtS9V1yKx6a5AGyozuoPTbnq0yzcuxpWBiLkuj8ux+IvSkRJTqdqjKi1RoM9
zF+RKq9TU6d98GyyIeRTsuJH83nX8IZdTS0J7rWFQXtjFgZuUUgwBFr44KWSAIz4
Hxfx3Xf+51CZzFuE12MG6YZUhLMekuJrskUYj/zFQ0zGJkLvKEpn0s1MYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJVp9AVopFOsBw0xmVFxtf9QN0LMB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZnIVvCB
D9110MT+GGNLA/2NRLN4WAMjT5+WaKzKS/cNu2sFKMowhprQPGZibCCFxayw/5pB
QP/eHPjeRrmVjhYpdhlLLemUuv6wHQ0PW7VgJPl3Ut5DpheBW9+t3emalpKfQ/Hv
ydL63geEbPnkZ6jI9ZsWx7a8N6E1Ahjc03Ot6Ovaj5uzktI7hkhHItkHOSmR8qUq
j1BIrjB5Rf3cB2gNgUgu6s6EOQ2wi7fpitaoNPYc+w4d5v83E5ZzPbWtaqkN9FrG
ne+qA63swaYVh8/+amabmi9+Cy1sJCZQCkFSocGgWvj3EbDfDNjPdbstPzFKUudn
CKeXgqRP0oRnLw==
-----END CERTIFICATE-----