Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
File:                     pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json)
Hash identifier:          +P9vbwjJoimuu3Srh+flXDWeZvhn91RNlp6/J5bSaD0=
Subject key identifier:   4B:02:27:23:7C:E5:EC:18:0D:9F:D5:C4:5B:D7:13:F5:CD:2C:6E:76
Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0
Certificate issuer:       /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
Certificate serial:       019A7149EDCF2A82D5661C903B5CCE98EA3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
Manifest number:          0127
Signing time:             Tue 11 Nov 2025 05:01:01 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:01 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:01 +0000
Files and hashes:         1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: CS/USB6sVh99cldtb+3oR4fw1/G3baltEt09RxN80HI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:ed:cf:2a:82:d5:66:1c:90:3b:5c:ce:98:ea:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
        Validity
            Not Before: Nov 11 05:01:01 2025 GMT
            Not After : Nov 12 05:01:01 2025 GMT
        Subject: CN=4b0227237ce5ec180d9fd5c45bd713f5cd2c6e76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:97:17:35:52:9b:1b:57:08:0e:a2:90:64:ca:
                    d0:17:85:af:3b:9b:a0:9e:6a:c1:54:07:41:97:68:
                    07:e9:4f:d4:a6:0d:90:ce:c0:e1:de:be:61:2c:32:
                    bc:26:12:ce:7f:4b:50:98:03:e4:2b:0e:cb:84:06:
                    90:a0:6b:a0:fd:98:aa:d5:a8:8b:98:24:2a:2d:21:
                    2e:8f:65:b7:70:98:82:dc:0a:6e:90:98:fa:be:ef:
                    c8:9c:44:ac:66:0d:93:b2:e8:2a:3f:07:09:48:99:
                    5c:f9:da:18:43:69:6d:d8:69:bf:c2:9f:5d:00:25:
                    63:9b:c2:c7:d5:85:04:12:c5:85:28:8b:f5:91:ba:
                    80:53:17:85:78:45:6b:a1:82:94:8f:6e:50:a2:41:
                    93:9a:79:55:ac:35:3f:95:6d:d9:26:79:7e:13:b3:
                    64:1a:ae:97:23:4d:10:2c:09:fe:d6:cb:f3:cb:14:
                    18:16:09:c2:bf:1b:9d:8f:26:41:c1:fe:68:e2:96:
                    2d:2b:71:1e:0d:d0:98:e8:0f:f7:51:e8:4e:ef:bf:
                    68:14:9b:1e:3c:70:1d:b2:09:10:a9:ce:cb:25:b0:
                    4e:b7:76:e1:07:e2:c6:44:40:e6:26:99:1a:5f:22:
                    2c:e6:f2:ce:a0:a4:ef:90:0f:a5:f2:cc:f7:0a:c4:
                    4b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:02:27:23:7C:E5:EC:18:0D:9F:D5:C4:5B:D7:13:F5:CD:2C:6E:76
            X509v3 Authority Key Identifier:
                keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:0e:e4:fb:be:ae:03:63:66:26:7c:e4:84:87:2e:bd:dd:93:
         7b:14:8d:7b:48:3b:b7:c9:1d:ea:59:f0:8a:2d:33:07:2c:be:
         37:68:da:8b:bc:a5:9e:3a:44:28:1f:95:d5:78:f1:c5:c9:1e:
         32:d1:c5:62:4c:d7:ff:a0:4d:40:d7:5d:80:90:78:64:aa:2d:
         8e:a0:5e:e4:6f:7b:db:0d:75:6b:0a:01:8e:03:1a:a2:d6:4c:
         1b:71:4a:e3:ec:ae:18:d1:84:5d:8d:29:d7:4f:06:88:15:91:
         b1:47:d4:17:d8:c1:fc:65:62:df:cc:10:86:28:74:f4:6a:0f:
         85:2e:35:11:31:8c:6c:57:89:43:79:9a:93:97:16:84:eb:e7:
         fa:37:2a:68:14:e6:91:d0:ff:bd:b5:7f:d3:14:8f:34:ac:15:
         23:8b:e7:f5:82:2b:74:cb:e8:b7:88:c3:57:d7:94:d0:3e:90:
         24:bc:fe:a6:7d:35:a3:e4:da:53:ad:d8:e2:eb:11:24:a7:8c:
         7f:31:92:94:c1:08:0d:2b:cd:a0:e2:85:f3:12:ed:e9:25:41:
         09:59:b3:67:cb:80:50:bb:87:6c:d7:a6:25:cc:46:cf:9c:12:
         88:fb:e1:37:f5:3f:ee:32:80:c5:3c:d9:7c:7d:41:78:7e:15:
         c2:2e:61:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSe3PKoLVZhyQO1zOmOo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5
ZDQ4ZTAwHhcNMjUxMTExMDUwMTAxWhcNMjUxMTEyMDUwMTAxWjAzMTEwLwYDVQQD
Eyg0YjAyMjcyMzdjZTVlYzE4MGQ5ZmQ1YzQ1YmQ3MTNmNWNkMmM2ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJcXNVKbG1cIDqKQZMrQF4WvO5ug
nmrBVAdBl2gH6U/Upg2QzsDh3r5hLDK8JhLOf0tQmAPkKw7LhAaQoGug/Ziq1aiL
mCQqLSEuj2W3cJiC3ApukJj6vu/InESsZg2TsugqPwcJSJlc+doYQ2lt2Gm/wp9d
ACVjm8LH1YUEEsWFKIv1kbqAUxeFeEVroYKUj25QokGTmnlVrDU/lW3ZJnl+E7Nk
Gq6XI00QLAn+1svzyxQYFgnCvxudjyZBwf5o4pYtK3EeDdCY6A/3UehO779oFJse
PHAdsgkQqc7LJbBOt3bhB+LGREDmJpkaXyIs5vLOoKTvkA+l8sz3CsRLZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsCJyN85ewYDZ/VxFvXE/XNLG52MB8GA1UdIwQY
MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et
OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3
LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQ7k+76u
A2NmJnzkhIcuvd2TexSNe0g7t8kd6lnwii0zByy+N2jai7ylnjpEKB+V1Xjxxcke
MtHFYkzX/6BNQNddgJB4ZKotjqBe5G972w11awoBjgMaotZMG3FK4+yuGNGEXY0p
108GiBWRsUfUF9jB/GVi38wQhih09GoPhS41ETGMbFeJQ3mak5cWhOvn+jcqaBTm
kdD/vbV/0xSPNKwVI4vn9YIrdMvot4jDV9eU0D6QJLz+pn01o+TaU63Y4usRJKeM
fzGSlMEIDSvNoOKF8xLt6SVBCVmzZ8uAULuHbNemJcxGz5wSiPvhN/U/7jKAxTzZ
fH1BeH4Vwi5hbQ==
-----END CERTIFICATE-----