Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          Mpaag5yt+Y8U/KsjGPdC1niYqqnEmHXLwc8aos5r8UM=
Subject key identifier:   12:AB:A1:6B:48:77:93:08:BD:51:8F:60:FC:F1:0B:21:92:CF:A7:E3
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       019A71B8BBE1F127A2E1E5E75C6941028499
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          16EF
Signing time:             Tue 11 Nov 2025 07:02:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:03 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: 1wBPOuq9oYJv3hdZmGl/gYTmDAEclnw5F0eXBCfKfa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:bb:e1:f1:27:a2:e1:e5:e7:5c:69:41:02:84:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Nov 11 07:02:03 2025 GMT
            Not After : Nov 12 07:02:03 2025 GMT
        Subject: CN=12aba16b48779308bd518f60fcf10b2192cfa7e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:83:b2:8c:01:72:b7:ba:fe:ad:10:33:99:c6:
                    cd:cb:31:3f:ec:db:a7:42:46:b6:5e:46:12:09:f1:
                    25:9d:05:4a:06:9d:a7:c1:a9:0b:ae:23:25:ab:1a:
                    0c:f1:a0:20:0d:f3:02:a6:80:1f:37:c4:ce:9d:87:
                    a2:86:74:16:5a:7d:ed:9e:cc:fb:31:c1:65:e5:e7:
                    df:94:2b:b9:2e:37:07:a1:89:d2:1d:95:3d:1f:2b:
                    3e:06:c0:b8:ce:3c:d5:3b:eb:b1:0c:60:6b:80:48:
                    f0:45:ad:02:29:d4:60:8a:41:2f:04:8c:c3:26:6b:
                    f1:31:93:28:df:ba:94:96:f1:5c:2c:85:54:c6:5d:
                    03:d1:10:1f:cc:fa:57:68:ac:39:86:41:e3:94:c4:
                    ba:3a:fe:aa:e2:8b:3c:f7:65:0c:4d:35:ed:ad:25:
                    7a:81:53:95:a5:a6:ce:0b:0b:c9:17:3e:57:1a:fa:
                    aa:7b:37:b5:49:8d:31:e9:21:86:90:09:ba:c1:fa:
                    16:28:f8:a5:d4:13:7b:7e:db:7c:ea:63:76:43:5d:
                    14:2e:a4:bf:9e:e3:6a:46:a0:a2:ca:0d:53:73:83:
                    a1:e8:70:a0:04:10:13:ee:43:2d:87:6d:33:84:f1:
                    87:e7:a4:61:80:51:80:e3:eb:21:2f:3d:98:1f:f6:
                    1a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:AB:A1:6B:48:77:93:08:BD:51:8F:60:FC:F1:0B:21:92:CF:A7:E3
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:5d:82:92:77:76:3c:42:71:f0:5e:ac:e1:0d:88:29:7b:e1:
         dd:14:45:37:fa:bc:23:ce:28:36:c6:f4:f8:a1:2e:3c:19:d6:
         62:da:e9:2c:43:f0:07:f8:75:9c:ba:97:95:98:db:d6:73:15:
         d8:48:8c:fd:f8:eb:2d:01:83:98:e4:69:44:1c:6c:ed:b2:c4:
         1c:cc:e8:99:14:ce:ef:c4:d3:af:5c:e1:a0:fd:99:74:4f:ed:
         49:08:08:29:b8:d4:5b:33:77:e1:ea:6b:ca:60:a1:b6:91:67:
         5c:e1:33:1f:f1:07:1b:c2:fa:8a:4c:f8:35:2a:ad:b0:93:d4:
         c5:5d:2a:66:f5:77:bf:9d:e7:04:86:12:e0:2c:93:70:9a:82:
         ca:56:3f:97:95:53:d8:be:35:b5:4f:02:6b:06:56:ea:ad:29:
         2e:36:ea:08:7e:17:bc:29:ce:45:a7:75:26:03:ac:84:57:b5:
         55:07:2c:58:0b:f4:6c:7e:0a:9b:75:4b:ff:d3:89:3f:8f:e5:
         63:20:07:1d:81:0f:1f:1c:3e:d5:71:2d:6f:40:e1:5a:54:a7:
         7e:3a:b3:7d:a9:5b:70:00:46:82:d0:2a:66:a0:c7:eb:73:20:
         9a:fe:c7:7a:72:da:63:09:b8:f4:46:34:46:cb:1a:f3:54:2a:
         d9:bf:89:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLvh8Sei4eXnXGlBAoSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjUxMTExMDcwMjAzWhcNMjUxMTEyMDcwMjAzWjAzMTEwLwYDVQQD
EygxMmFiYTE2YjQ4Nzc5MzA4YmQ1MThmNjBmY2YxMGIyMTkyY2ZhN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4OyjAFyt7r+rRAzmcbNyzE/7Nun
Qka2XkYSCfElnQVKBp2nwakLriMlqxoM8aAgDfMCpoAfN8TOnYeihnQWWn3tnsz7
McFl5efflCu5LjcHoYnSHZU9Hys+BsC4zjzVO+uxDGBrgEjwRa0CKdRgikEvBIzD
JmvxMZMo37qUlvFcLIVUxl0D0RAfzPpXaKw5hkHjlMS6Ov6q4os892UMTTXtrSV6
gVOVpabOCwvJFz5XGvqqeze1SY0x6SGGkAm6wfoWKPil1BN7ftt86mN2Q10ULqS/
nuNqRqCiyg1Tc4Oh6HCgBBAT7kMth20zhPGH56RhgFGA4+shLz2YH/YavwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKroWtId5MIvVGPYPzxCyGSz6fjMB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf12Cknd2
PEJx8F6s4Q2IKXvh3RRFN/q8I84oNsb0+KEuPBnWYtrpLEPwB/h1nLqXlZjb1nMV
2EiM/fjrLQGDmORpRBxs7bLEHMzomRTO78TTr1zhoP2ZdE/tSQgIKbjUWzN34epr
ymChtpFnXOEzH/EHG8L6ikz4NSqtsJPUxV0qZvV3v53nBIYS4CyTcJqCylY/l5VT
2L41tU8CawZW6q0pLjbqCH4XvCnORad1JgOshFe1VQcsWAv0bH4Km3VL/9OJP4/l
YyAHHYEPHxw+1XEtb0DhWlSnfjqzfalbcABGgtAqZqDH63Mgmv7HenLaYwm49EY0
Rssa81Qq2b+JuQ==
-----END CERTIFICATE-----