Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          nOK80x9VKNbUAoPaWltmyhFG/UPVipe3I8qD3UsgafA=
Subject key identifier:   30:A0:AB:5D:1E:B4:C4:C0:66:B1:4E:ED:AC:86:71:BF:F8:48:F3:BC
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       019A71B89F089199DAA6B9CDE51F60004785
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          089E
Signing time:             Tue 11 Nov 2025 07:01:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:55 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: EvPK6m45a8bGGddZSG1g+/l2Ko9I/goT72hmcuckoFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:9f:08:91:99:da:a6:b9:cd:e5:1f:60:00:47:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: Nov 11 07:01:55 2025 GMT
            Not After : Nov 12 07:01:55 2025 GMT
        Subject: CN=30a0ab5d1eb4c4c066b14eedac8671bff848f3bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f8:a9:38:3b:7e:60:11:56:09:bb:7c:74:0a:
                    37:70:95:1c:73:f1:47:04:0d:72:f9:8d:b8:65:42:
                    6d:26:3e:98:17:8c:96:4c:30:b0:0f:30:08:54:52:
                    e3:4b:c3:b3:c9:73:b7:f8:24:43:b9:de:90:cc:4d:
                    cf:20:54:df:34:f8:5a:03:bb:37:c0:5d:8e:32:74:
                    09:08:08:80:66:92:99:23:bb:87:c6:f6:2a:3b:2c:
                    87:20:99:68:e4:07:7b:44:d3:6f:6d:48:8b:37:f0:
                    fe:c0:42:ff:7c:9b:94:bf:5a:db:85:fa:40:f5:c6:
                    d3:d9:22:3f:7e:c9:ad:df:44:03:e9:3b:96:5d:27:
                    ff:8d:76:dd:04:a6:b9:d5:34:b8:c6:46:ad:0a:da:
                    94:9d:15:f3:fb:a1:f9:34:ef:ff:56:2c:b2:0b:bf:
                    4d:7c:ee:29:4d:df:95:8f:a4:74:90:11:b1:47:2c:
                    10:85:43:1b:67:98:e8:2f:b7:17:98:80:d4:c9:e4:
                    1b:b4:9d:b3:b6:16:6c:9b:ca:02:58:1e:4a:a5:e6:
                    5a:b7:e1:ea:d5:9c:19:cb:4c:f3:77:f2:94:eb:93:
                    52:40:22:59:33:35:5f:cf:b8:76:92:97:ec:90:8d:
                    a6:d5:bb:6e:22:a7:6e:cd:c6:d4:62:c0:5f:13:b3:
                    07:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:A0:AB:5D:1E:B4:C4:C0:66:B1:4E:ED:AC:86:71:BF:F8:48:F3:BC
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:9c:0f:7e:a9:63:05:73:02:8e:39:cf:27:2b:d7:b5:b6:8d:
         9b:9a:56:1e:5a:81:18:e4:b1:7f:09:2a:95:67:78:06:ba:d7:
         62:90:93:2a:3e:5d:75:7a:16:70:c9:4f:bd:5c:68:49:65:6b:
         ea:5b:ec:27:8e:2d:0c:2e:49:d9:5b:59:5b:07:c2:92:23:8e:
         49:47:e5:cf:36:e0:f9:96:7a:b6:b1:63:3e:11:d5:b7:86:1e:
         42:c3:1b:b7:1d:ba:4e:78:a0:79:f0:5d:8f:34:fc:86:37:a3:
         90:d7:7c:1f:e7:f2:59:a8:ed:3d:48:53:5f:67:66:cb:0a:ce:
         7c:18:0b:8d:a3:d3:22:bd:f9:3b:08:12:43:e8:44:17:a9:eb:
         81:3a:15:79:59:59:e7:75:a9:99:01:ca:9f:94:c6:cf:9e:be:
         56:28:90:50:aa:d3:3d:87:c3:68:ce:5a:99:6d:61:3f:bc:02:
         c2:1e:41:1f:6f:bf:3b:8c:7e:30:a0:16:c6:fa:49:40:99:32:
         11:12:c2:20:62:4a:b2:7e:fe:4d:94:b8:59:8f:62:9f:ef:79:
         0a:01:cc:61:3c:b8:5b:18:6d:2e:35:be:83:8a:11:39:cc:01:
         dd:8f:ff:9c:57:f1:bc:4e:56:2d:00:84:08:41:3e:f5:0e:d5:
         13:6e:d6:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJ8IkZnaprnN5R9gAEeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjUxMTExMDcwMTU1WhcNMjUxMTEyMDcwMTU1WjAzMTEwLwYDVQQD
EygzMGEwYWI1ZDFlYjRjNGMwNjZiMTRlZWRhYzg2NzFiZmY4NDhmM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/ipODt+YBFWCbt8dAo3cJUcc/FH
BA1y+Y24ZUJtJj6YF4yWTDCwDzAIVFLjS8OzyXO3+CRDud6QzE3PIFTfNPhaA7s3
wF2OMnQJCAiAZpKZI7uHxvYqOyyHIJlo5Ad7RNNvbUiLN/D+wEL/fJuUv1rbhfpA
9cbT2SI/fsmt30QD6TuWXSf/jXbdBKa51TS4xkatCtqUnRXz+6H5NO//ViyyC79N
fO4pTd+Vj6R0kBGxRywQhUMbZ5joL7cXmIDUyeQbtJ2zthZsm8oCWB5KpeZat+Hq
1ZwZy0zzd/KU65NSQCJZMzVfz7h2kpfskI2m1btuIqduzcbUYsBfE7MHBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCgq10etMTAZrFO7ayGcb/4SPO8MB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJwPfqlj
BXMCjjnPJyvXtbaNm5pWHlqBGOSxfwkqlWd4BrrXYpCTKj5ddXoWcMlPvVxoSWVr
6lvsJ44tDC5J2VtZWwfCkiOOSUflzzbg+ZZ6trFjPhHVt4YeQsMbtx26TnigefBd
jzT8hjejkNd8H+fyWajtPUhTX2dmywrOfBgLjaPTIr35OwgSQ+hEF6nrgToVeVlZ
53WpmQHKn5TGz56+ViiQUKrTPYfDaM5amW1hP7wCwh5BH2+/O4x+MKAWxvpJQJky
ERLCIGJKsn7+TZS4WY9in+95CgHMYTy4WxhtLjW+g4oROcwB3Y//nFfxvE5WLQCE
CEE+9Q7VE27Wcw==
-----END CERTIFICATE-----