Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          NupfrZT1BlJBipj6ilcWXRUfW/Z5zuIjOChKGIIp73Q=
Subject key identifier:   D5:83:92:D1:50:D0:0C:5A:2D:3F:3A:81:89:59:29:1D:64:95:7C:0F
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       019A711319336CB1586DC3870B6314F511E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          0813
Signing time:             Tue 11 Nov 2025 04:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:08 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: /x0rdZX0n9NOWwX5zE4RdsvP15oGhsfyyNEhobnw4AQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:19:33:6c:b1:58:6d:c3:87:0b:63:14:f5:11:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Nov 11 04:01:08 2025 GMT
            Not After : Nov 12 04:01:08 2025 GMT
        Subject: CN=d58392d150d00c5a2d3f3a818959291d64957c0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:07:5e:e0:62:dc:08:9b:81:f9:0d:b9:36:d1:
                    f5:c5:75:22:61:2d:08:f5:6b:3e:04:3e:22:a5:09:
                    4d:1c:9d:15:55:3b:3b:18:e4:c8:c7:71:68:d6:eb:
                    8f:f5:bb:5c:06:0e:c1:26:19:76:6c:d6:7e:23:03:
                    5a:eb:2e:7d:9d:e9:fb:3b:c6:ae:7c:25:3c:cf:86:
                    31:5c:ea:e8:46:1d:f8:75:bf:5f:8a:2d:c1:4d:c8:
                    d6:1f:27:d4:bd:d7:b6:a5:50:f7:7e:f4:d7:7f:46:
                    c8:cf:ac:0b:a6:12:28:87:9d:af:8b:3b:8c:0a:bc:
                    d8:28:1f:aa:d5:0e:bc:f6:67:2e:05:d9:1e:ac:be:
                    43:90:c4:25:05:40:a2:fb:a7:b2:d3:8d:27:ab:16:
                    93:92:cf:8b:99:12:5e:f6:80:a5:55:f8:ef:bb:9a:
                    f4:12:b7:11:54:4f:2b:d7:a5:fb:d8:7c:bd:88:ab:
                    ea:cd:d9:d5:c4:46:f3:e4:24:c9:d8:06:f0:d8:63:
                    6a:7c:df:5a:0d:ac:7d:4b:c7:2a:34:be:fa:c0:cd:
                    84:92:27:27:bb:38:77:6a:fb:96:22:64:d8:3b:46:
                    f3:9e:6c:54:78:d3:53:b4:43:59:05:13:a5:ae:c0:
                    3a:80:bc:63:7f:a3:61:88:2a:bf:68:5b:7d:93:2a:
                    45:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:83:92:D1:50:D0:0C:5A:2D:3F:3A:81:89:59:29:1D:64:95:7C:0F
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:27:cc:9a:11:1e:17:d6:5c:2c:23:bc:a2:e4:99:ee:0b:34:
         33:40:cc:77:26:39:77:b5:45:8c:14:02:07:8c:d9:fe:b1:34:
         da:b2:a6:a2:cc:81:9e:81:0a:45:3b:60:db:bc:d4:d7:db:39:
         ac:a2:5f:6e:2a:ab:99:f7:f2:94:62:c8:a4:36:77:e2:ff:5d:
         40:bb:35:80:13:3e:51:10:17:1a:02:93:27:ff:5d:7a:be:9b:
         a2:b9:e4:40:b3:bf:aa:9e:93:48:18:5f:58:03:2a:f3:3e:0f:
         11:c0:e2:34:7f:ba:4d:2f:d3:6a:da:a1:b3:e6:0f:91:9b:9d:
         36:01:0a:d2:5b:87:d6:43:97:96:13:50:14:3b:9e:21:4c:1e:
         e6:ff:08:c0:e5:70:d8:14:3c:00:6a:0c:fc:10:76:a9:ec:27:
         0f:e7:75:32:12:75:82:19:51:eb:c9:8e:52:23:3c:a6:bb:4c:
         6c:b2:6f:d1:da:4e:ae:77:08:ba:20:ca:ae:f2:13:15:e7:42:
         68:26:42:7b:d1:e9:0b:a1:3e:8f:fa:c7:fb:80:10:19:a7:c2:
         78:70:7c:b4:d1:e9:62:a1:40:64:a9:5f:2e:6c:ad:7c:05:c3:
         99:0a:a0:8c:96:e4:f6:75:a4:70:56:20:61:f4:cd:ce:1b:a1:
         4b:b5:bc:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxExkzbLFYbcOHC2MU9RHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUxMTExMDQwMTA4WhcNMjUxMTEyMDQwMTA4WjAzMTEwLwYDVQQD
EyhkNTgzOTJkMTUwZDAwYzVhMmQzZjNhODE4OTU5MjkxZDY0OTU3YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQde4GLcCJuB+Q25NtH1xXUiYS0I
9Ws+BD4ipQlNHJ0VVTs7GOTIx3Fo1uuP9btcBg7BJhl2bNZ+IwNa6y59nen7O8au
fCU8z4YxXOroRh34db9fii3BTcjWHyfUvde2pVD3fvTXf0bIz6wLphIoh52vizuM
CrzYKB+q1Q689mcuBdkerL5DkMQlBUCi+6ey040nqxaTks+LmRJe9oClVfjvu5r0
ErcRVE8r16X72Hy9iKvqzdnVxEbz5CTJ2Abw2GNqfN9aDax9S8cqNL76wM2Ekicn
uzh3avuWImTYO0bznmxUeNNTtENZBROlrsA6gLxjf6NhiCq/aFt9kypFkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWDktFQ0AxaLT86gYlZKR1klXwPMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCfMmhEe
F9ZcLCO8ouSZ7gs0M0DMdyY5d7VFjBQCB4zZ/rE02rKmosyBnoEKRTtg27zU19s5
rKJfbiqrmffylGLIpDZ34v9dQLs1gBM+URAXGgKTJ/9der6bornkQLO/qp6TSBhf
WAMq8z4PEcDiNH+6TS/Tatqhs+YPkZudNgEK0luH1kOXlhNQFDueIUwe5v8IwOVw
2BQ8AGoM/BB2qewnD+d1MhJ1ghlR68mOUiM8prtMbLJv0dpOrncIuiDKrvITFedC
aCZCe9HpC6E+j/rH+4AQGafCeHB8tNHpYqFAZKlfLmytfAXDmQqgjJbk9nWkcFYg
YfTNzhuhS7W80g==
-----END CERTIFICATE-----