Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          O+Yh2g8BeOqtDyb0/EGaFfZej56OCP8EhslthLHGeuE=
Subject key identifier:   B7:D6:E5:EB:B3:52:00:6D:C0:80:BC:0E:3A:EA:F0:30:DC:DF:8F:37
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       019A71EEDA6D9E544188A151914E7D7683CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          04FC
Signing time:             Tue 11 Nov 2025 08:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:10 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: /7JWa1A+ayHQWRlqk63E6IVULJuL4/WSPC8rdTtxEeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:da:6d:9e:54:41:88:a1:51:91:4e:7d:76:83:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Nov 11 08:01:10 2025 GMT
            Not After : Nov 12 08:01:10 2025 GMT
        Subject: CN=b7d6e5ebb352006dc080bc0e3aeaf030dcdf8f37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:4f:d8:1d:b2:d6:a5:d4:6e:60:48:9c:03:82:
                    70:55:77:bc:63:ed:8a:23:2f:ef:ff:22:dd:6c:c7:
                    13:61:36:f3:b0:9a:3c:32:ab:6b:db:44:89:76:c7:
                    22:18:9f:2f:bd:38:40:b4:d6:05:db:6e:8e:c5:eb:
                    4d:b3:31:b9:f1:89:40:18:4d:e8:9b:a0:71:09:f5:
                    d9:0d:3c:1a:46:11:90:f5:bf:b6:98:ba:0f:ab:da:
                    e8:f3:01:23:e0:19:be:aa:b1:a1:72:d8:70:8a:fc:
                    31:33:0c:94:bb:ac:a6:e6:92:23:fc:62:d6:ee:c3:
                    24:ec:46:6b:51:7a:c7:dd:4d:c0:b8:d1:c5:57:60:
                    f5:cb:5b:3b:cc:64:36:0a:08:d1:da:45:5c:c1:b2:
                    d1:36:45:81:69:75:22:b4:67:f8:21:cf:69:76:1d:
                    3d:aa:c6:8e:ae:35:48:a2:ab:c8:75:e1:c7:ea:00:
                    b0:9b:b6:b1:9c:cb:8f:5e:87:f9:09:bb:2a:a2:ab:
                    c3:b7:b3:3b:c7:a9:4f:08:7a:72:38:7d:56:f9:c9:
                    3a:d4:4d:6d:79:40:7e:70:64:43:28:49:c6:f2:dc:
                    e0:a2:12:6f:70:2b:e9:76:70:b3:95:44:aa:91:ee:
                    55:69:95:51:8e:39:65:0e:6f:04:44:f1:7f:a2:92:
                    42:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D6:E5:EB:B3:52:00:6D:C0:80:BC:0E:3A:EA:F0:30:DC:DF:8F:37
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:4a:91:55:a8:b0:17:84:33:b2:52:cd:46:ad:ae:c3:46:e1:
         45:5a:13:1d:53:f8:dc:86:05:9f:2c:4c:bf:c3:19:27:14:bc:
         5b:ec:41:1e:44:d7:65:ca:e8:1f:46:6e:6a:4f:0e:89:ec:6b:
         1d:d8:53:4c:82:42:f6:31:a2:e3:ff:ba:56:1d:8f:ed:96:44:
         f0:a2:71:74:24:b6:ce:c8:c0:af:e9:b8:e3:2f:7f:f6:cc:18:
         43:e0:bf:c1:60:2f:98:a8:8d:30:e3:2f:c6:89:f0:61:9a:fc:
         0e:41:7b:27:ca:33:f1:5f:6c:fb:f6:af:b7:0b:fe:47:5d:9b:
         02:de:08:5f:1c:38:b5:65:82:85:e8:05:45:16:90:60:d8:94:
         e0:9a:c0:33:7e:72:e2:fc:32:fd:82:9a:6d:3c:26:c3:f4:6b:
         37:cf:f0:c3:c9:be:5a:84:fc:e3:f7:28:20:fa:41:89:6e:3a:
         a6:62:bf:7f:b4:f5:a3:72:fa:e5:5a:1a:d6:a4:21:8b:c4:e7:
         37:7b:d0:39:c5:0f:c1:6b:ba:1a:9d:ea:7f:e9:20:e0:17:fe:
         91:9e:bb:64:0d:25:a6:8f:73:ee:55:11:4e:21:28:18:10:59:
         74:18:7a:f2:70:66:f4:f9:8f:ee:6d:d1:5c:45:b3:66:bd:2d:
         1f:c3:f2:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7tptnlRBiKFRkU59doPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjUxMTExMDgwMTEwWhcNMjUxMTEyMDgwMTEwWjAzMTEwLwYDVQQD
EyhiN2Q2ZTVlYmIzNTIwMDZkYzA4MGJjMGUzYWVhZjAzMGRjZGY4ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk/YHbLWpdRuYEicA4JwVXe8Y+2K
Iy/v/yLdbMcTYTbzsJo8Mqtr20SJdsciGJ8vvThAtNYF226OxetNszG58YlAGE3o
m6BxCfXZDTwaRhGQ9b+2mLoPq9ro8wEj4Bm+qrGhcthwivwxMwyUu6ym5pIj/GLW
7sMk7EZrUXrH3U3AuNHFV2D1y1s7zGQ2CgjR2kVcwbLRNkWBaXUitGf4Ic9pdh09
qsaOrjVIoqvIdeHH6gCwm7axnMuPXof5CbsqoqvDt7M7x6lPCHpyOH1W+ck61E1t
eUB+cGRDKEnG8tzgohJvcCvpdnCzlUSqke5VaZVRjjllDm8ERPF/opJCRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfW5euzUgBtwIC8Djrq8DDc3483MB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0qRVaiw
F4QzslLNRq2uw0bhRVoTHVP43IYFnyxMv8MZJxS8W+xBHkTXZcroH0Zuak8Oiexr
HdhTTIJC9jGi4/+6Vh2P7ZZE8KJxdCS2zsjAr+m44y9/9swYQ+C/wWAvmKiNMOMv
xonwYZr8DkF7J8oz8V9s+/avtwv+R12bAt4IXxw4tWWChegFRRaQYNiU4JrAM35y
4vwy/YKabTwmw/RrN8/ww8m+WoT84/coIPpBiW46pmK/f7T1o3L65Voa1qQhi8Tn
N3vQOcUPwWu6Gp3qf+kg4Bf+kZ67ZA0lpo9z7lURTiEoGBBZdBh68nBm9PmP7m3R
XEWzZr0tH8PyNw==
-----END CERTIFICATE-----