Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          noj01D+DAUCIbmb2QYxKmykr7gXPuI9It1Z4shqSfuw=
Subject key identifier:   03:6B:7B:6A:9A:63:E6:D6:9D:AB:EF:B3:7E:AE:60:D2:52:8A:95:80
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       019A7301585BFB3DE9E39229C1BACCB8A209
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          13AF
Signing time:             Tue 11 Nov 2025 13:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:59 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: D2E4KP3U3Kywt22f/0ZXpM6XmFV56VjzyLU1NABb2aM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:58:5b:fb:3d:e9:e3:92:29:c1:ba:cc:b8:a2:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Nov 11 13:00:59 2025 GMT
            Not After : Nov 12 13:00:59 2025 GMT
        Subject: CN=036b7b6a9a63e6d69dabefb37eae60d2528a9580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c6:4a:4f:f9:85:c8:d8:b8:bc:dc:73:d0:5f:
                    02:d3:3e:ab:b1:7e:c4:76:a8:61:d1:db:fa:57:a3:
                    3e:e2:b4:c6:c3:8e:5d:81:d0:ad:2f:2e:3e:37:96:
                    04:85:b8:36:0b:54:fa:2b:0d:75:56:9a:ee:4f:e5:
                    46:d7:5f:4e:17:5e:36:7b:03:2a:ec:87:e8:73:62:
                    a8:06:27:6a:c2:8d:87:a9:08:32:f3:1b:ca:19:5e:
                    21:ad:07:6d:02:b3:8d:07:1d:f1:50:5e:d2:1b:14:
                    73:e0:f4:78:b6:98:f6:77:4b:e4:b9:5a:88:b0:e1:
                    ea:3f:c0:57:01:4b:a8:64:23:8d:90:93:0c:93:58:
                    ea:92:48:74:1e:d7:be:64:14:0f:fb:86:f9:2e:de:
                    b5:63:66:44:6f:5d:bf:5b:21:29:2e:b8:63:c7:91:
                    fd:a5:21:94:78:16:63:ea:68:b4:32:22:44:40:22:
                    cf:ad:aa:8b:59:a2:27:b8:d0:ff:65:81:46:4a:41:
                    cf:18:c8:e8:51:9e:6f:f2:4f:75:a4:2d:63:4f:c1:
                    40:fc:50:ac:b1:e6:ca:12:6f:39:16:f8:5f:68:7f:
                    2f:f1:98:96:64:dc:93:58:dc:63:61:9b:de:57:07:
                    a6:91:35:38:83:4b:87:54:59:c8:76:2c:c2:f5:85:
                    44:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:6B:7B:6A:9A:63:E6:D6:9D:AB:EF:B3:7E:AE:60:D2:52:8A:95:80
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:06:a1:27:51:ef:47:d0:b0:27:96:dd:74:18:bb:4b:86:3f:
         29:7f:d4:ee:8e:4c:49:86:09:6e:65:6d:a7:ee:7d:63:f6:18:
         73:f3:a0:d4:f1:9b:5f:3f:b6:6a:0e:9a:b8:c5:bb:7b:a1:17:
         bd:1a:20:60:6f:ea:fc:cc:00:37:0a:af:39:16:02:3b:8b:eb:
         bd:24:63:82:d1:25:4a:11:79:80:e4:b0:ba:2d:e2:32:c8:21:
         d9:b8:9f:12:17:21:cc:5e:0e:88:c2:6c:5d:cb:10:a9:5f:50:
         53:8c:35:31:b8:22:4d:e3:1c:0e:32:20:0e:c7:d5:1e:19:c0:
         d4:ac:34:04:21:66:8b:c6:23:2e:8c:30:1c:5f:3e:89:5e:90:
         a1:60:8d:a1:0f:3a:6d:0c:ad:11:0b:55:bb:c1:e3:9d:30:02:
         2e:79:8c:76:5c:aa:4d:2a:84:e5:68:ca:84:6a:05:26:00:e7:
         06:de:75:2a:31:2f:e0:45:29:85:6a:ba:7c:32:04:a9:26:bc:
         bc:2c:6b:6a:11:5f:52:93:ed:29:b1:04:04:34:64:65:c6:db:
         c7:a4:ab:36:f3:1e:fb:05:09:c9:e7:16:93:f1:c7:39:ec:98:
         cd:bb:d5:26:a7:0d:48:99:f7:d8:82:47:91:9b:76:51:99:ec:
         65:0b:36:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAVhb+z3p45IpwbrMuKIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjUxMTExMTMwMDU5WhcNMjUxMTEyMTMwMDU5WjAzMTEwLwYDVQQD
EygwMzZiN2I2YTlhNjNlNmQ2OWRhYmVmYjM3ZWFlNjBkMjUyOGE5NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsZKT/mFyNi4vNxz0F8C0z6rsX7E
dqhh0dv6V6M+4rTGw45dgdCtLy4+N5YEhbg2C1T6Kw11VpruT+VG119OF142ewMq
7Ifoc2KoBidqwo2HqQgy8xvKGV4hrQdtArONBx3xUF7SGxRz4PR4tpj2d0vkuVqI
sOHqP8BXAUuoZCONkJMMk1jqkkh0Hte+ZBQP+4b5Lt61Y2ZEb12/WyEpLrhjx5H9
pSGUeBZj6mi0MiJEQCLPraqLWaInuND/ZYFGSkHPGMjoUZ5v8k91pC1jT8FA/FCs
sebKEm85FvhfaH8v8ZiWZNyTWNxjYZveVwemkTU4g0uHVFnIdizC9YVEBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANre2qaY+bWnavvs36uYNJSipWAMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASgahJ1Hv
R9CwJ5bddBi7S4Y/KX/U7o5MSYYJbmVtp+59Y/YYc/Og1PGbXz+2ag6auMW7e6EX
vRogYG/q/MwANwqvORYCO4vrvSRjgtElShF5gOSwui3iMsgh2bifEhchzF4OiMJs
XcsQqV9QU4w1MbgiTeMcDjIgDsfVHhnA1Kw0BCFmi8YjLowwHF8+iV6QoWCNoQ86
bQytEQtVu8HjnTACLnmMdlyqTSqE5WjKhGoFJgDnBt51KjEv4EUphWq6fDIEqSa8
vCxrahFfUpPtKbEEBDRkZcbbx6SrNvMe+wUJyecWk/HHOeyYzbvVJqcNSJn32IJH
kZt2UZnsZQs2og==
-----END CERTIFICATE-----