Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          N8OGYD5HCCzf9GfBhk9UF183MMegorrdCgIcwDLQ7x4=
Subject key identifier:   8C:96:76:25:A2:AB:C8:E3:FD:34:66:D9:A4:79:1A:55:E6:3E:68:7E
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019A71B84B5DFF92AF29F684915CF1A324C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0FCC
Signing time:             Tue 11 Nov 2025 07:01:34 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:34 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:34 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: VRwT5S75Cze8AMoKNRWgCk/kFmkSuEL8M+6G+UjINC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:4b:5d:ff:92:af:29:f6:84:91:5c:f1:a3:24:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Nov 11 07:01:34 2025 GMT
            Not After : Nov 12 07:01:34 2025 GMT
        Subject: CN=8c967625a2abc8e3fd3466d9a4791a55e63e687e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d4:2a:d9:e5:63:08:93:15:5d:27:45:b6:d8:
                    ce:b7:49:bc:90:bf:c0:70:38:20:df:5e:b3:23:39:
                    08:c1:94:b9:28:e3:08:21:70:a7:81:1a:88:af:92:
                    c5:a6:16:68:72:01:3d:17:02:91:b3:7a:2d:cc:ea:
                    31:14:7f:3b:e3:08:a6:1e:ca:aa:25:f7:ae:c8:2a:
                    8e:0b:a2:cc:2a:80:2d:d7:e0:09:27:13:c7:c3:e8:
                    ab:14:bc:50:e7:17:fe:3a:37:1b:ab:2f:c8:89:e7:
                    a0:85:14:8d:8b:d1:cf:05:fa:da:0c:ed:99:44:4f:
                    ba:d3:79:24:d9:3f:af:e3:e7:9b:e9:83:25:d4:fe:
                    9c:f7:7e:35:78:03:d0:5f:99:0f:f9:cd:cd:d8:fe:
                    7b:2f:d1:73:f8:10:89:96:4f:7f:2d:4c:47:49:56:
                    85:96:cc:01:f6:64:3e:8c:ab:02:c6:ea:ae:4b:e7:
                    e6:d0:ad:5b:a2:bd:72:8c:33:1a:6b:30:9c:0c:e0:
                    e3:a6:b4:e3:20:6a:b1:77:4a:e2:e0:27:cc:b0:93:
                    75:3e:89:cd:9d:5f:0a:2b:e1:b2:53:61:a8:40:cf:
                    f8:0e:a1:40:a9:55:98:f2:03:a1:3c:ea:aa:bd:b7:
                    ab:96:cb:dc:83:3b:5a:b6:4f:7b:fd:4d:60:d3:04:
                    26:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:96:76:25:A2:AB:C8:E3:FD:34:66:D9:A4:79:1A:55:E6:3E:68:7E
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:3f:be:ab:f6:4f:9c:57:86:ed:c8:10:a0:f0:87:9e:ae:31:
         01:ae:2a:78:6a:d6:27:67:87:b9:25:f9:a2:ef:87:86:90:38:
         fa:c8:1e:a0:26:33:d3:60:de:aa:de:92:d8:8e:eb:06:37:18:
         ce:60:7f:c7:7a:68:10:25:a1:42:9d:8b:ed:7a:0e:c1:82:93:
         4f:0b:6c:6b:96:49:53:61:58:d0:28:24:29:9e:15:cc:4e:ff:
         0a:8f:08:86:46:cc:68:a7:19:ce:35:1d:70:ae:d5:03:0a:09:
         ec:7e:c8:8b:d7:db:f2:b7:3c:db:3e:a4:05:da:0c:bd:49:46:
         31:b4:84:2b:2d:f2:9c:e1:ba:d3:96:3e:95:d9:f6:61:5f:b1:
         54:5b:91:1e:b4:79:9d:69:2f:a8:71:94:29:7e:83:84:b6:97:
         85:f3:46:f2:b8:fa:8d:80:46:b6:40:93:6c:1b:b7:82:33:c0:
         52:b6:e1:9e:14:1c:f0:58:79:4f:6d:1d:97:2d:14:31:16:d5:
         ff:bd:b5:4c:b1:24:b3:2e:c8:17:1c:97:7d:7c:4b:e0:4f:4a:
         26:3b:d4:70:2e:07:2e:0b:0d:bb:e2:0b:8b:d5:3e:57:cc:cd:
         34:86:4b:c0:aa:84:91:d1:54:e0:2c:8c:d7:c8:0a:81:76:a3:
         f9:01:91:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEtd/5KvKfaEkVzxoyTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUxMTExMDcwMTM0WhcNMjUxMTEyMDcwMTM0WjAzMTEwLwYDVQQD
Eyg4Yzk2NzYyNWEyYWJjOGUzZmQzNDY2ZDlhNDc5MWE1NWU2M2U2ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9Qq2eVjCJMVXSdFttjOt0m8kL/A
cDgg316zIzkIwZS5KOMIIXCngRqIr5LFphZocgE9FwKRs3otzOoxFH874wimHsqq
JfeuyCqOC6LMKoAt1+AJJxPHw+irFLxQ5xf+Ojcbqy/IieeghRSNi9HPBfraDO2Z
RE+603kk2T+v4+eb6YMl1P6c9341eAPQX5kP+c3N2P57L9Fz+BCJlk9/LUxHSVaF
lswB9mQ+jKsCxuquS+fm0K1bor1yjDMaazCcDODjprTjIGqxd0ri4CfMsJN1PonN
nV8KK+GyU2GoQM/4DqFAqVWY8gOhPOqqvberlsvcgztatk97/U1g0wQmOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyWdiWiq8jj/TRm2aR5GlXmPmh+MB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlj++q/ZP
nFeG7cgQoPCHnq4xAa4qeGrWJ2eHuSX5ou+HhpA4+sgeoCYz02Deqt6S2I7rBjcY
zmB/x3poECWhQp2L7XoOwYKTTwtsa5ZJU2FY0CgkKZ4VzE7/Co8IhkbMaKcZzjUd
cK7VAwoJ7H7Ii9fb8rc82z6kBdoMvUlGMbSEKy3ynOG605Y+ldn2YV+xVFuRHrR5
nWkvqHGUKX6DhLaXhfNG8rj6jYBGtkCTbBu3gjPAUrbhnhQc8Fh5T20dly0UMRbV
/721TLEksy7IFxyXfXxL4E9KJjvUcC4HLgsNu+ILi9U+V8zNNIZLwKqEkdFU4CyM
18gKgXaj+QGRhA==
-----END CERTIFICATE-----