Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          ZjprXzKqjFSSubNzcrXsx0LLCHv+0eM4X0ZJaKs2a2w=
Subject key identifier:   70:DF:6A:B2:8E:E5:2A:38:59:77:A0:4E:AA:60:D9:4E:69:D1:77:6E
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       019A71B7C21F680FDC2D902FDE62E7BB73A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          0A51
Signing time:             Tue 11 Nov 2025 07:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:59 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: nMKynHtk2nBXF+4y36qOjwBxfTe5Xg2FYFiBtNndj9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:c2:1f:68:0f:dc:2d:90:2f:de:62:e7:bb:73:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Nov 11 07:00:59 2025 GMT
            Not After : Nov 12 07:00:59 2025 GMT
        Subject: CN=70df6ab28ee52a385977a04eaa60d94e69d1776e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a8:30:89:7e:34:95:be:42:7c:5b:d6:a6:79:
                    c1:80:98:37:e4:da:40:53:02:df:b0:c3:e9:8c:d6:
                    c1:5e:b7:ba:41:ad:9a:7e:1b:43:b2:e0:6b:1b:91:
                    3f:db:66:df:18:d5:a0:0e:a4:0c:b8:68:86:05:c9:
                    74:d6:bc:e4:89:4f:30:9d:eb:09:f2:32:f6:26:15:
                    ff:cd:7a:13:c4:9d:ee:b4:dc:cd:3a:58:6a:0d:fa:
                    85:4f:aa:25:de:a3:c5:b4:cc:3a:62:93:51:23:d1:
                    8a:57:b1:46:56:04:14:06:d3:23:87:03:8d:79:f9:
                    2c:99:41:dd:b5:48:ee:57:e6:f9:fb:14:29:a1:3e:
                    e1:4c:ec:6b:a2:d9:be:5b:56:70:e2:78:28:a2:80:
                    c1:6e:84:09:3a:0f:bc:c7:72:91:bd:63:59:f0:0e:
                    14:f0:24:63:b1:9f:dd:3c:0e:a1:7a:6a:47:e1:14:
                    67:a7:3c:24:46:a6:8c:33:93:20:3a:67:63:64:07:
                    f7:a0:e8:74:5b:60:f2:c1:dc:00:76:e8:04:f0:2c:
                    b5:67:7b:d8:53:7f:e2:6e:c9:b5:35:f8:60:6a:a3:
                    f8:ce:a0:96:e2:f6:20:f5:d5:59:b7:97:c3:33:d6:
                    aa:3f:79:43:b1:f6:dc:96:f6:62:27:a2:ed:12:c2:
                    ca:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:DF:6A:B2:8E:E5:2A:38:59:77:A0:4E:AA:60:D9:4E:69:D1:77:6E
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:e2:27:2f:bc:0a:57:5d:4a:a9:b9:f1:2f:9c:86:db:68:9a:
         94:29:2c:fb:38:7b:cd:96:b5:1c:de:86:3c:4f:7d:68:53:2d:
         11:2a:4c:fc:67:ea:95:af:39:4e:5f:78:d4:da:0c:22:9d:48:
         44:f2:35:d2:d7:26:31:05:60:60:b2:28:44:50:7b:3a:5c:83:
         d7:88:31:c8:0f:32:52:07:78:0b:32:3d:b5:ca:4b:08:5a:49:
         06:66:4e:77:26:17:02:e9:f2:46:7f:3b:c7:c0:bf:e1:b3:d2:
         ed:15:28:42:30:4a:01:7e:8c:7c:7f:a9:98:93:16:18:4d:42:
         88:83:b5:bb:c5:e4:b3:b7:ee:6e:93:47:17:a4:76:3f:5b:cf:
         a3:3f:18:3d:f3:d3:b8:7b:a4:24:1a:69:ab:c7:39:23:4d:bf:
         1e:6e:e1:80:ce:fb:18:b5:97:46:66:f3:c8:53:d7:f5:38:4e:
         2e:66:90:31:c2:1a:a0:d8:c8:b7:85:a1:76:27:4f:88:a6:5e:
         16:27:fe:70:d6:8f:d0:71:af:86:a9:09:87:19:30:1e:67:f3:
         a9:26:e3:cb:db:a0:2c:d7:30:8d:99:6f:18:ce:59:73:2d:05:
         01:3f:88:88:32:03:c4:f6:fa:08:53:82:b7:f8:28:3d:bd:95:
         c0:d4:33:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8IfaA/cLZAv3mLnu3OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjUxMTExMDcwMDU5WhcNMjUxMTEyMDcwMDU5WjAzMTEwLwYDVQQD
Eyg3MGRmNmFiMjhlZTUyYTM4NTk3N2EwNGVhYTYwZDk0ZTY5ZDE3NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlagwiX40lb5CfFvWpnnBgJg35NpA
UwLfsMPpjNbBXre6Qa2afhtDsuBrG5E/22bfGNWgDqQMuGiGBcl01rzkiU8wnesJ
8jL2JhX/zXoTxJ3utNzNOlhqDfqFT6ol3qPFtMw6YpNRI9GKV7FGVgQUBtMjhwON
efksmUHdtUjuV+b5+xQpoT7hTOxrotm+W1Zw4ngoooDBboQJOg+8x3KRvWNZ8A4U
8CRjsZ/dPA6hempH4RRnpzwkRqaMM5MgOmdjZAf3oOh0W2DywdwAdugE8Cy1Z3vY
U3/ibsm1NfhgaqP4zqCW4vYg9dVZt5fDM9aqP3lDsfbclvZiJ6LtEsLKUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDfarKO5So4WXegTqpg2U5p0XduMB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiuInL7wK
V11KqbnxL5yG22ialCks+zh7zZa1HN6GPE99aFMtESpM/Gfqla85Tl941NoMIp1I
RPI10tcmMQVgYLIoRFB7OlyD14gxyA8yUgd4CzI9tcpLCFpJBmZOdyYXAunyRn87
x8C/4bPS7RUoQjBKAX6MfH+pmJMWGE1CiIO1u8Xks7fubpNHF6R2P1vPoz8YPfPT
uHukJBppq8c5I02/Hm7hgM77GLWXRmbzyFPX9ThOLmaQMcIaoNjIt4WhdidPiKZe
Fif+cNaP0HGvhqkJhxkwHmfzqSbjy9ugLNcwjZlvGM5Zcy0FAT+IiDIDxPb6CFOC
t/goPb2VwNQzyg==
-----END CERTIFICATE-----