Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          PAZJuNQv344xaXH8I2tKhARYYlp3ljzg/SgMoz5C1TU=
Subject key identifier:   17:2C:B1:1C:FB:97:1A:3A:45:AF:3F:6F:F5:B5:E2:DA:F6:66:45:F6
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019A71B920DC423E0A3003A29A78AAB805CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          096F
Signing time:             Tue 11 Nov 2025 07:02:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:29 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: yzhkWKSz5iJ1pHPwofsUnClM3oiBJCq1C3xPXuwgYjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:20:dc:42:3e:0a:30:03:a2:9a:78:aa:b8:05:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Nov 11 07:02:29 2025 GMT
            Not After : Nov 12 07:02:29 2025 GMT
        Subject: CN=172cb11cfb971a3a45af3f6ff5b5e2daf66645f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:28:85:79:ba:2b:bb:2e:1b:21:82:42:8c:25:
                    04:a0:89:06:e0:34:6a:f4:bd:24:00:9d:13:49:0f:
                    d7:f0:03:bd:3d:e6:fe:ea:24:ad:86:02:bd:1a:01:
                    e4:25:ef:d9:2f:af:b1:39:b7:00:e1:5f:22:d2:bf:
                    8c:cf:a1:6c:6c:7c:de:79:a2:32:18:cb:82:55:8e:
                    f6:4b:05:08:83:56:9b:69:0b:d4:72:8a:7c:c1:c0:
                    67:c7:ca:c5:ca:a8:8d:17:84:cb:10:55:8b:ae:67:
                    cb:4b:0f:82:da:b9:93:47:da:40:9e:2e:d6:db:ba:
                    9c:89:6c:be:49:99:3f:aa:fc:89:e6:91:75:ad:cd:
                    f6:6d:e0:d7:ca:d4:5c:fb:6a:a3:b6:10:f3:23:09:
                    a1:a3:07:26:4f:63:57:5e:54:64:ae:ad:a1:ce:5e:
                    a1:82:68:4a:0c:dd:3f:b1:99:4c:fe:58:dc:bc:90:
                    5c:45:f6:4a:ee:8e:9d:d3:f1:43:00:08:57:a1:60:
                    3e:23:3a:47:4e:26:9b:99:2e:67:f8:a0:2e:91:52:
                    3f:22:3d:6f:4e:60:81:1a:e5:14:ec:f2:4b:a3:63:
                    6f:44:82:a1:6b:07:f6:ed:e0:3f:9e:5c:8e:71:e4:
                    29:32:28:e6:6c:50:9d:38:7a:5c:26:40:95:44:7b:
                    d8:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:2C:B1:1C:FB:97:1A:3A:45:AF:3F:6F:F5:B5:E2:DA:F6:66:45:F6
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:34:de:64:2b:48:34:e2:5b:a9:15:49:fb:28:66:2d:7d:b9:
         1d:5f:45:37:c5:8a:ac:53:dc:c2:d6:ea:8d:6d:cc:dc:2d:d5:
         ea:69:1b:27:f8:7c:6e:f9:53:96:9e:b1:18:07:94:aa:bd:f5:
         92:11:45:75:8e:04:d2:c2:0d:76:48:1b:b9:e7:86:f3:f4:fb:
         e7:ec:50:dc:dd:15:29:d2:23:86:35:78:93:fd:dc:bd:d1:5b:
         6c:f0:03:84:8e:a2:99:25:fa:a1:97:3d:21:db:26:12:6d:7a:
         08:3a:f3:f4:c7:29:3d:64:8f:49:d0:38:ad:e8:84:d6:e3:ba:
         75:74:ca:f8:a6:fb:f9:4c:6d:91:df:7d:fe:f9:5a:a3:a6:4b:
         e7:50:f2:b5:6a:99:e0:2a:a9:ad:80:2b:02:77:68:d8:10:78:
         e7:6c:bf:5c:d0:c6:a3:66:79:36:4e:e1:80:26:aa:74:1b:63:
         5d:d6:66:df:a0:c0:19:36:d4:9d:3b:8b:f6:d0:74:73:05:a6:
         a6:54:4e:a9:b7:98:d6:d4:ae:77:2b:35:9c:5d:f3:73:a1:48:
         a7:97:20:c6:86:d3:2c:35:de:92:62:65:54:b8:33:34:4e:cd:
         04:b5:71:9d:c4:ff:17:35:2d:ee:66:d4:84:67:49:26:ab:b2:
         d3:ce:6f:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSDcQj4KMAOimniquAXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUxMTExMDcwMjI5WhcNMjUxMTEyMDcwMjI5WjAzMTEwLwYDVQQD
EygxNzJjYjExY2ZiOTcxYTNhNDVhZjNmNmZmNWI1ZTJkYWY2NjY0NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCiFeboruy4bIYJCjCUEoIkG4DRq
9L0kAJ0TSQ/X8AO9Peb+6iSthgK9GgHkJe/ZL6+xObcA4V8i0r+Mz6FsbHzeeaIy
GMuCVY72SwUIg1abaQvUcop8wcBnx8rFyqiNF4TLEFWLrmfLSw+C2rmTR9pAni7W
27qciWy+SZk/qvyJ5pF1rc32beDXytRc+2qjthDzIwmhowcmT2NXXlRkrq2hzl6h
gmhKDN0/sZlM/ljcvJBcRfZK7o6d0/FDAAhXoWA+IzpHTiabmS5n+KAukVI/Ij1v
TmCBGuUU7PJLo2NvRIKhawf27eA/nlyOceQpMijmbFCdOHpcJkCVRHvYBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcssRz7lxo6Ra8/b/W14tr2ZkX2MB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAjTeZCtI
NOJbqRVJ+yhmLX25HV9FN8WKrFPcwtbqjW3M3C3V6mkbJ/h8bvlTlp6xGAeUqr31
khFFdY4E0sINdkgbueeG8/T75+xQ3N0VKdIjhjV4k/3cvdFbbPADhI6imSX6oZc9
IdsmEm16CDrz9McpPWSPSdA4reiE1uO6dXTK+Kb7+Uxtkd99/vlao6ZL51DytWqZ
4CqprYArAndo2BB452y/XNDGo2Z5Nk7hgCaqdBtjXdZm36DAGTbUnTuL9tB0cwWm
plROqbeY1tSudys1nF3zc6FIp5cgxobTLDXekmJlVLgzNE7NBLVxncT/FzUt7mbU
hGdJJquy085vWg==
-----END CERTIFICATE-----