Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          vghOtbNN4tEeW8DtXaV3pnf0niPZQd9b5tTE5cKXA+A=
Subject key identifier:   48:1A:E5:77:EB:F5:6D:09:66:3C:5D:D2:6B:E8:ED:73:32:50:BB:1D
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019A71B7DCCA7EE9655FDF3525EDA048F90C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          07B0
Signing time:             Tue 11 Nov 2025 07:01:06 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:06 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:06 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: dtK7Xke1RggnTi3tefrNFjZu+JBbJpgac1v9dO3Fl5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:dc:ca:7e:e9:65:5f:df:35:25:ed:a0:48:f9:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Nov 11 07:01:06 2025 GMT
            Not After : Nov 12 07:01:06 2025 GMT
        Subject: CN=481ae577ebf56d09663c5dd26be8ed733250bb1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5a:22:ac:c7:42:73:89:3b:55:36:57:ac:20:
                    63:77:93:0a:e6:58:8f:4b:a0:58:04:e7:c7:d0:2f:
                    83:71:7a:2a:bd:ab:ab:68:58:f0:6e:22:c6:ce:c5:
                    41:cc:f2:52:04:44:2f:40:55:1a:7c:cd:ae:21:ad:
                    22:f9:a8:ac:28:e6:41:ae:a6:b2:34:2b:bb:ca:cc:
                    0d:97:f6:b9:d6:a7:17:22:60:7e:9b:ea:8c:76:a6:
                    b8:c1:1e:7f:4b:0a:94:4e:d4:7c:c3:f0:af:8d:1e:
                    e3:37:3f:0e:50:8f:e6:5d:ec:4d:73:f8:91:f5:0b:
                    e0:cc:28:44:43:43:d0:6a:bb:c5:be:e2:14:9b:a3:
                    b6:55:43:cc:00:25:9a:17:e7:e0:8b:83:90:93:4b:
                    d3:c8:2d:e9:4c:be:75:ea:46:e6:51:b9:36:07:67:
                    dc:37:62:fe:dd:47:4e:f4:1e:59:4e:0b:c4:fc:95:
                    e3:f9:52:a4:c0:6c:40:c5:b4:ec:ac:39:02:52:27:
                    e0:b2:06:e6:4c:1c:01:84:8d:50:05:31:0f:fd:ab:
                    9b:01:32:ed:40:6a:98:64:4b:ef:29:f6:74:3f:39:
                    c8:f7:df:97:10:22:01:2e:9c:3e:aa:85:f0:37:c9:
                    ef:cf:e5:0b:3e:8c:da:80:b1:29:bd:ef:71:4f:43:
                    d4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:1A:E5:77:EB:F5:6D:09:66:3C:5D:D2:6B:E8:ED:73:32:50:BB:1D
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:ef:70:93:90:49:e6:2b:2f:e5:0a:84:cb:88:b6:98:61:24:
         bb:dc:91:ba:17:85:26:0f:66:3f:85:3b:b3:23:33:f0:77:bd:
         cc:2d:90:2b:9c:bc:01:72:31:1b:18:cb:55:5e:6c:a5:d9:e5:
         70:e2:bc:61:04:af:a3:ce:58:ca:ca:73:ed:0b:f1:b7:f0:c1:
         f5:49:65:50:33:58:68:11:79:b8:2d:24:51:a3:5a:31:f0:65:
         de:16:a6:0d:30:00:76:70:30:89:5a:be:e0:7e:69:21:b1:2f:
         b9:05:2a:69:32:7e:ab:b7:c7:b7:06:fd:63:41:e1:71:14:5c:
         dd:9c:c9:be:8c:ec:79:63:5d:19:66:b3:10:59:6e:41:35:98:
         c5:e0:d3:73:20:4f:6d:8b:65:ac:8a:47:d5:b1:98:6d:4a:a5:
         22:2d:bb:66:b1:41:c8:7c:89:77:fe:6b:7d:82:36:86:a5:ba:
         b0:9c:ac:21:f2:23:36:0e:50:f4:3e:0a:1b:81:6c:bc:ad:1c:
         c7:33:46:e5:35:74:0f:44:b5:48:a9:c5:a3:6c:ea:2b:fd:06:
         75:fa:74:5e:31:14:e1:bc:c7:0d:f5:7e:17:cb:1d:d7:e7:c4:
         ce:86:75:8f:82:cf:e7:e3:f1:6b:4b:dd:95:ff:d0:19:2a:c9:
         a5:b7:74:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9zKfullX981Je2gSPkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUxMTExMDcwMTA2WhcNMjUxMTEyMDcwMTA2WjAzMTEwLwYDVQQD
Eyg0ODFhZTU3N2ViZjU2ZDA5NjYzYzVkZDI2YmU4ZWQ3MzMyNTBiYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VoirMdCc4k7VTZXrCBjd5MK5liP
S6BYBOfH0C+DcXoqvauraFjwbiLGzsVBzPJSBEQvQFUafM2uIa0i+aisKOZBrqay
NCu7yswNl/a51qcXImB+m+qMdqa4wR5/SwqUTtR8w/CvjR7jNz8OUI/mXexNc/iR
9QvgzChEQ0PQarvFvuIUm6O2VUPMACWaF+fgi4OQk0vTyC3pTL516kbmUbk2B2fc
N2L+3UdO9B5ZTgvE/JXj+VKkwGxAxbTsrDkCUifgsgbmTBwBhI1QBTEP/aubATLt
QGqYZEvvKfZ0PznI99+XECIBLpw+qoXwN8nvz+ULPozagLEpve9xT0PUjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEga5Xfr9W0JZjxd0mvo7XMyULsdMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuO9wk5BJ
5isv5QqEy4i2mGEku9yRuheFJg9mP4U7syMz8He9zC2QK5y8AXIxGxjLVV5spdnl
cOK8YQSvo85Yyspz7Qvxt/DB9UllUDNYaBF5uC0kUaNaMfBl3hamDTAAdnAwiVq+
4H5pIbEvuQUqaTJ+q7fHtwb9Y0HhcRRc3ZzJvozseWNdGWazEFluQTWYxeDTcyBP
bYtlrIpH1bGYbUqlIi27ZrFByHyJd/5rfYI2hqW6sJysIfIjNg5Q9D4KG4FsvK0c
xzNG5TV0D0S1SKnFo2zqK/0Gdfp0XjEU4bzHDfV+F8sd1+fEzoZ1j4LP5+Pxa0vd
lf/QGSrJpbd0FQ==
-----END CERTIFICATE-----