Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
File:                     aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json)
Hash identifier:          PkzmUXaRbkTKVuXCkI76ajtbXB9c8MuGu6+jTqkOxNg=
Subject key identifier:   BC:B4:79:DB:FE:7B:04:CB:3E:06:D5:B4:08:61:F9:AF:87:32:89:7B
Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1
Certificate issuer:       /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
Certificate serial:       019A725CD564BFA6313BE99BD71DA08195A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
Manifest number:          0E39
Signing time:             Tue 11 Nov 2025 10:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:17 +0000
Files and hashes:         1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: x6H9xApbDb2W0R5iMvJmtIbrTu27NyZiR24gK35oBYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:d5:64:bf:a6:31:3b:e9:9b:d7:1d:a0:81:95:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
        Validity
            Not Before: Nov 11 10:01:17 2025 GMT
            Not After : Nov 12 10:01:17 2025 GMT
        Subject: CN=bcb479dbfe7b04cb3e06d5b40861f9af8732897b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ca:2d:3a:e0:e0:c8:f7:dd:51:9e:28:4a:17:
                    59:b3:95:03:a6:e6:35:3b:c6:4b:93:b9:7f:e0:2a:
                    b9:f9:91:f7:d1:b3:d3:43:f6:9c:a2:63:ca:82:cd:
                    a3:1a:b3:f7:5d:d1:58:d3:51:d7:12:53:8d:4f:d1:
                    3e:02:00:74:00:f5:d6:14:a1:70:3b:5f:ba:af:5c:
                    69:c3:93:fe:58:48:a6:1c:e3:5f:01:e9:c7:2e:59:
                    a9:74:08:9d:78:79:dd:f0:65:64:85:fc:20:84:d2:
                    54:34:3a:84:8d:30:82:33:9b:e9:98:2c:31:1e:16:
                    b1:fc:f3:fd:8f:a8:6c:da:f6:7d:cb:77:96:95:4b:
                    20:b6:ad:2b:ee:b6:8c:dd:18:4c:e6:1b:0e:09:b5:
                    19:40:27:f1:36:ed:4e:43:02:1a:db:4e:ab:21:f4:
                    c4:2d:bd:a2:d0:71:1f:62:df:e9:e3:1e:b2:28:b3:
                    20:a3:5f:06:b9:0f:c7:33:6d:97:f5:d5:64:fd:f0:
                    b9:fa:ca:e5:bd:b4:d7:10:63:16:57:e2:24:b4:60:
                    5a:30:5b:10:d8:78:3c:27:27:83:67:2c:9a:16:53:
                    96:96:f8:3b:47:f6:4c:fa:b2:a0:d7:05:34:61:5f:
                    2d:8c:cf:fb:19:9b:0b:0c:c3:36:af:48:3b:4c:2d:
                    57:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B4:79:DB:FE:7B:04:CB:3E:06:D5:B4:08:61:F9:AF:87:32:89:7B
            X509v3 Authority Key Identifier:
                keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:dc:5a:24:48:91:c8:6a:11:02:50:99:dd:99:52:c5:d7:e4:
         1c:0e:77:68:6e:f7:96:39:13:a0:8c:ec:37:2b:5d:e5:4c:d0:
         09:34:54:3f:a0:13:83:96:ba:db:39:fb:d2:1c:78:4d:cf:e6:
         c4:3c:06:b6:05:5f:c5:69:6d:06:c6:88:44:ca:2d:2c:82:7d:
         2e:1a:3b:a7:9a:56:01:04:0e:82:c0:7e:d9:2a:4e:7d:59:a7:
         65:d6:93:93:5e:a6:3a:76:72:3c:1c:4f:09:3c:c9:f0:53:80:
         7f:b4:6a:8e:1c:35:aa:e8:13:dc:10:4e:73:7f:9d:8a:c4:d0:
         fa:49:9e:9e:14:0b:c1:aa:b9:56:43:33:ad:0e:70:45:a7:1b:
         5e:9a:d4:15:89:73:94:2a:22:0e:12:01:0f:46:31:5e:27:bd:
         b0:e1:da:b8:f6:cd:f6:9a:8c:f3:18:b5:a9:b8:5a:1a:be:1e:
         2c:ad:f7:c7:43:b9:04:fe:60:a1:a5:84:8f:7f:7d:89:5c:76:
         4c:6f:c5:19:09:a7:53:5b:d7:28:cf:77:e8:01:59:1b:1d:e0:
         5c:c7:1a:8a:7d:6e:23:2d:49:3b:fc:6f:0e:65:ab:31:60:b2:
         c0:72:06:5b:d4:ff:20:31:dd:30:fe:50:ec:8d:fc:da:c6:dc:
         80:6c:df:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNVkv6YxO+mb1x2ggZWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1
OTYwYTEwHhcNMjUxMTExMTAwMTE3WhcNMjUxMTEyMTAwMTE3WjAzMTEwLwYDVQQD
EyhiY2I0NzlkYmZlN2IwNGNiM2UwNmQ1YjQwODYxZjlhZjg3MzI4OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosotOuDgyPfdUZ4oShdZs5UDpuY1
O8ZLk7l/4Cq5+ZH30bPTQ/acomPKgs2jGrP3XdFY01HXElONT9E+AgB0APXWFKFw
O1+6r1xpw5P+WEimHONfAenHLlmpdAideHnd8GVkhfwghNJUNDqEjTCCM5vpmCwx
Hhax/PP9j6hs2vZ9y3eWlUsgtq0r7raM3RhM5hsOCbUZQCfxNu1OQwIa206rIfTE
Lb2i0HEfYt/p4x6yKLMgo18GuQ/HM22X9dVk/fC5+srlvbTXEGMWV+IktGBaMFsQ
2Hg8JyeDZyyaFlOWlvg7R/ZM+rKg1wU0YV8tjM/7GZsLDMM2r0g7TC1X6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLy0edv+ewTLPgbVtAhh+a+HMol7MB8GA1UdIwQY
MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt
NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj
LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVNxaJEiR
yGoRAlCZ3ZlSxdfkHA53aG73ljkToIzsNytd5UzQCTRUP6ATg5a62zn70hx4Tc/m
xDwGtgVfxWltBsaIRMotLIJ9Lho7p5pWAQQOgsB+2SpOfVmnZdaTk16mOnZyPBxP
CTzJ8FOAf7Rqjhw1qugT3BBOc3+disTQ+kmenhQLwaq5VkMzrQ5wRacbXprUFYlz
lCoiDhIBD0YxXie9sOHauPbN9pqM8xi1qbhaGr4eLK33x0O5BP5goaWEj399iVx2
TG/FGQmnU1vXKM936AFZGx3gXMcain1uIy1JO/xvDmWrMWCywHIGW9T/IDHdMP5Q
7I382sbcgGzfnA==
-----END CERTIFICATE-----