Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          lqnjkfGEu0dgtBMr6KUW83UeKwwUOeED7kvKUMaScmo=
Subject key identifier:   F4:CF:57:88:32:8E:70:CA:49:26:17:28:73:21:04:F7:E8:6B:76:61
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019A71B7D16320B9BE819897751A710A9327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0E94
Signing time:             Tue 11 Nov 2025 07:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:03 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: m+jehkha3+ffM7gsgo4DAs0C/jZvw/3zGvEkQO+ANiI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:d1:63:20:b9:be:81:98:97:75:1a:71:0a:93:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Nov 11 07:01:03 2025 GMT
            Not After : Nov 12 07:01:03 2025 GMT
        Subject: CN=f4cf5788328e70ca49261728732104f7e86b7661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b5:d3:f1:4d:b2:fe:4e:96:94:86:a7:93:80:
                    5e:19:1a:cc:75:e8:c6:35:f8:9a:59:4d:52:df:3a:
                    4e:12:c8:f2:81:14:7c:49:2d:05:25:fc:cc:f5:2d:
                    d9:c2:7b:96:93:99:0b:33:27:43:31:0a:6f:03:a2:
                    78:82:46:a1:be:38:57:a7:43:af:e3:c4:ec:4d:cd:
                    c3:b0:2c:92:91:b2:d6:36:d9:4a:d9:65:e1:7a:4f:
                    7d:6c:d1:db:80:d4:d8:01:9f:4a:88:7a:e2:e2:6f:
                    b9:58:4a:d2:05:bb:2a:54:2e:12:da:1d:c0:6b:c6:
                    e2:05:17:f5:f9:7a:ae:d6:37:28:e0:7d:30:b4:a8:
                    cb:c0:6d:fc:f1:10:20:c5:ae:96:bb:fd:7a:be:08:
                    38:3c:d4:d7:a9:8e:a6:49:c1:0b:60:3a:bc:ba:24:
                    8e:05:af:e2:40:72:46:57:96:80:e6:07:22:0d:4f:
                    1d:31:47:fc:9c:57:c7:69:b2:56:71:64:4d:6b:7d:
                    22:83:fa:a6:9e:fb:2c:8b:38:e8:26:3c:3f:92:33:
                    b9:3a:84:d2:7d:fd:1f:10:6a:ba:b9:9e:b6:4d:a6:
                    40:4a:3c:0c:1e:a6:d2:a3:58:f2:93:a0:24:9c:cc:
                    fc:77:b5:e6:55:6e:b3:5e:d2:5d:a5:c2:d4:77:e8:
                    bc:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:CF:57:88:32:8E:70:CA:49:26:17:28:73:21:04:F7:E8:6B:76:61
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e4:4e:1a:f2:b9:54:19:c5:fe:5f:64:96:74:77:b6:c8:45:
         e6:0c:8e:97:24:04:ab:46:60:9e:79:d4:04:37:ec:2a:38:14:
         aa:9d:d1:78:72:c8:a2:19:c1:2c:49:da:3c:2b:5a:e6:6f:ab:
         1a:4c:cf:ff:0a:f8:b6:1d:51:4f:f4:b3:01:24:e3:c0:81:9e:
         ab:2b:a1:e9:5c:13:0f:97:9f:51:ff:4c:22:94:40:b9:6c:49:
         1d:4a:25:d3:65:19:47:96:6f:cb:87:52:40:81:6a:5e:36:66:
         aa:f5:60:e3:2c:6b:a9:ad:12:1c:db:07:9b:c9:8a:ac:03:77:
         68:13:a8:1d:fe:ff:93:b8:23:5a:a9:b8:26:93:54:f5:13:03:
         49:d1:3e:eb:4f:7e:48:13:08:f8:44:18:a2:98:30:d8:a4:8c:
         12:90:69:36:c8:e3:35:58:76:47:d9:06:80:ff:72:9f:8c:2d:
         c3:cc:19:f5:e3:f2:16:43:0f:b0:10:5b:87:d0:d6:3e:f2:ff:
         33:86:75:01:58:eb:c5:91:7f:b7:7a:31:5e:e4:2b:93:43:53:
         ac:68:ce:99:ce:d7:db:e3:64:d6:58:7c:ce:ce:bc:6a:09:c0:
         3e:b0:4c:19:29:f5:3e:b5:ce:34:e3:64:32:b1:01:d1:af:75:
         07:af:06:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9FjILm+gZiXdRpxCpMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUxMTExMDcwMTAzWhcNMjUxMTEyMDcwMTAzWjAzMTEwLwYDVQQD
EyhmNGNmNTc4ODMyOGU3MGNhNDkyNjE3Mjg3MzIxMDRmN2U4NmI3NjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbXT8U2y/k6WlIank4BeGRrMdejG
NfiaWU1S3zpOEsjygRR8SS0FJfzM9S3ZwnuWk5kLMydDMQpvA6J4gkahvjhXp0Ov
48TsTc3DsCySkbLWNtlK2WXhek99bNHbgNTYAZ9KiHri4m+5WErSBbsqVC4S2h3A
a8biBRf1+Xqu1jco4H0wtKjLwG388RAgxa6Wu/16vgg4PNTXqY6mScELYDq8uiSO
Ba/iQHJGV5aA5gciDU8dMUf8nFfHabJWcWRNa30ig/qmnvssizjoJjw/kjO5OoTS
ff0fEGq6uZ62TaZASjwMHqbSo1jyk6AknMz8d7XmVW6zXtJdpcLUd+i8gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTPV4gyjnDKSSYXKHMhBPfoa3ZhMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuROGvK5
VBnF/l9klnR3tshF5gyOlyQEq0ZgnnnUBDfsKjgUqp3ReHLIohnBLEnaPCta5m+r
GkzP/wr4th1RT/SzASTjwIGeqyuh6VwTD5efUf9MIpRAuWxJHUol02UZR5Zvy4dS
QIFqXjZmqvVg4yxrqa0SHNsHm8mKrAN3aBOoHf7/k7gjWqm4JpNU9RMDSdE+609+
SBMI+EQYopgw2KSMEpBpNsjjNVh2R9kGgP9yn4wtw8wZ9ePyFkMPsBBbh9DWPvL/
M4Z1AVjrxZF/t3oxXuQrk0NTrGjOmc7X2+Nk1lh8zs68agnAPrBMGSn1PrXONONk
MrEB0a91B68GCQ==
-----END CERTIFICATE-----