Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          ImSlxyt3BapXA0/gII9GyuC6kGwGQW92sVV+K9cpj2c=
Subject key identifier:   F8:4F:41:B4:D0:9D:D5:8E:B4:27:A7:19:F4:59:3D:FA:1D:6B:74:CB
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019A725C985C50121CB366D3B857306F4A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0E57
Signing time:             Tue 11 Nov 2025 10:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:02 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: 673Pj2W5LrQjnyk0kg20W8tINTdr3Ql36ta9Hvv9XzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:98:5c:50:12:1c:b3:66:d3:b8:57:30:6f:4a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Nov 11 10:01:02 2025 GMT
            Not After : Nov 12 10:01:02 2025 GMT
        Subject: CN=f84f41b4d09dd58eb427a719f4593dfa1d6b74cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:12:42:33:3f:82:23:15:cf:c6:1f:27:2c:2b:
                    09:08:7d:ae:71:06:b4:ee:39:45:16:a3:13:6a:45:
                    54:b5:d6:7c:40:f2:58:8c:f8:5a:e2:17:d7:ab:bd:
                    87:58:87:f8:fe:86:b6:2b:dc:86:43:68:2d:63:81:
                    fd:06:39:f7:08:59:30:2a:a8:44:cd:db:a3:47:73:
                    f3:e7:8b:a0:58:77:7f:e3:fa:9a:de:9a:a8:87:1c:
                    ca:64:af:79:89:78:e6:a3:fa:89:07:a2:b0:34:72:
                    5d:ec:9f:db:f7:66:5e:ed:17:d2:65:23:e0:f0:8b:
                    8f:f3:b9:8c:b9:e2:a2:17:a7:2a:0f:de:a5:f7:f9:
                    87:a1:51:00:01:76:6d:1e:af:da:54:83:bf:30:29:
                    98:41:0e:47:d9:f7:c3:13:91:44:50:a5:38:65:46:
                    08:6a:09:15:25:17:d6:12:73:2a:58:72:0e:04:28:
                    c7:8b:4b:5e:8b:0d:34:89:80:10:c8:0b:1b:da:24:
                    ba:2b:dd:b9:ef:f2:56:d9:3a:6a:80:fb:55:33:3b:
                    ad:04:b1:23:ed:7a:d3:8b:9f:c9:b1:2e:d1:f5:a4:
                    88:20:ab:0f:18:6d:18:1b:f3:87:b2:e9:4e:2a:5f:
                    36:2a:8e:d1:0b:4f:86:f6:1d:44:ad:4e:ab:21:04:
                    35:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:4F:41:B4:D0:9D:D5:8E:B4:27:A7:19:F4:59:3D:FA:1D:6B:74:CB
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:66:7b:b9:e7:c4:eb:8b:5a:6a:a1:3e:85:c5:a8:f0:bd:01:
         a5:96:83:5a:53:8c:2f:10:78:b2:74:24:ac:93:7c:2e:34:bd:
         82:36:b7:42:54:4b:8a:ca:ae:3c:d0:97:78:cf:2f:d6:9e:1c:
         12:b0:b1:71:4d:3c:ec:9b:4f:7d:f1:d5:9a:bc:1e:6e:bc:fa:
         38:32:57:c3:8f:c9:cb:60:df:d4:a8:d0:38:19:b2:f4:52:f2:
         75:d6:c6:52:9f:38:1d:f2:c1:03:a0:25:76:13:b7:d4:c5:c3:
         b8:9f:e2:45:25:9c:15:5b:a1:b0:aa:1e:d7:2f:c1:da:63:35:
         40:e0:66:6e:aa:c1:85:57:26:0a:7f:e1:ba:f7:01:d1:67:e4:
         22:34:d1:53:5a:4b:ad:86:53:1d:90:38:b1:a2:65:76:1c:fb:
         8e:c7:ca:ec:49:79:8b:f6:dc:81:7b:8e:98:46:8d:ce:d0:29:
         ef:73:85:c9:d0:75:dd:63:da:f5:82:11:41:dc:eb:fb:f3:01:
         b7:c9:b9:de:48:b7:3f:9c:48:62:88:63:ca:f8:7c:2b:dd:d5:
         4f:a3:b1:84:bf:ec:2d:be:b4:aa:ec:c9:f7:4e:2d:c0:01:47:
         81:57:de:d6:6f:ff:6a:20:d9:83:cd:91:13:93:be:b8:bc:b0:
         ca:d0:34:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJhcUBIcs2bTuFcwb0pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjUxMTExMTAwMTAyWhcNMjUxMTEyMTAwMTAyWjAzMTEwLwYDVQQD
EyhmODRmNDFiNGQwOWRkNThlYjQyN2E3MTlmNDU5M2RmYTFkNmI3NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxJCMz+CIxXPxh8nLCsJCH2ucQa0
7jlFFqMTakVUtdZ8QPJYjPha4hfXq72HWIf4/oa2K9yGQ2gtY4H9Bjn3CFkwKqhE
zdujR3Pz54ugWHd/4/qa3pqohxzKZK95iXjmo/qJB6KwNHJd7J/b92Ze7RfSZSPg
8IuP87mMueKiF6cqD96l9/mHoVEAAXZtHq/aVIO/MCmYQQ5H2ffDE5FEUKU4ZUYI
agkVJRfWEnMqWHIOBCjHi0teiw00iYAQyAsb2iS6K9257/JW2TpqgPtVMzutBLEj
7XrTi5/JsS7R9aSIIKsPGG0YG/OHsulOKl82Ko7RC0+G9h1ErU6rIQQ1GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhPQbTQndWOtCenGfRZPfoda3TLMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGZ7uefE
64taaqE+hcWo8L0BpZaDWlOMLxB4snQkrJN8LjS9gja3QlRLisquPNCXeM8v1p4c
ErCxcU087JtPffHVmrwebrz6ODJXw4/Jy2Df1KjQOBmy9FLyddbGUp84HfLBA6Al
dhO31MXDuJ/iRSWcFVuhsKoe1y/B2mM1QOBmbqrBhVcmCn/huvcB0WfkIjTRU1pL
rYZTHZA4saJldhz7jsfK7El5i/bcgXuOmEaNztAp73OFydB13WPa9YIRQdzr+/MB
t8m53ki3P5xIYohjyvh8K93VT6OxhL/sLb60quzJ904twAFHgVfe1m//aiDZg82R
E5O+uLywytA0Dg==
-----END CERTIFICATE-----