Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          6LOGOzWHegFh/C29f0FkMryqxoXemFA5A274Xoxwa/Y=
Subject key identifier:   6F:A6:CB:A2:BE:34:06:D5:E3:02:C5:61:95:81:07:BF:96:22:DC:2B
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       019A71B7838CCA87E749736D24FADFFA8407
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          04A3
Signing time:             Tue 11 Nov 2025 07:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:43 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: BzrP9c+UQFt2EwJur/gMaAR7hOTuRPQ1FUC9/ndIcic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:83:8c:ca:87:e7:49:73:6d:24:fa:df:fa:84:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Nov 11 07:00:43 2025 GMT
            Not After : Nov 12 07:00:43 2025 GMT
        Subject: CN=6fa6cba2be3406d5e302c561958107bf9622dc2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d3:15:39:ee:8d:3f:9a:d9:10:16:db:34:dc:
                    4c:3e:dc:53:21:35:3a:a9:0e:c1:d1:1f:9b:39:43:
                    fd:42:62:68:0b:b7:6e:4b:19:a5:53:c1:bf:c0:48:
                    f3:f6:83:e6:c5:75:94:32:7a:bd:d7:66:02:32:e6:
                    78:e7:4e:4f:2f:9b:5c:bc:37:e9:0a:73:2f:2c:a7:
                    cf:a7:e3:39:80:ed:7d:0b:5b:51:33:3e:a3:b6:ce:
                    6a:4f:67:18:2a:10:f3:64:af:5d:de:75:38:8e:f7:
                    9d:90:61:39:ea:9e:b7:63:97:8b:c4:3f:b5:44:88:
                    cd:b6:74:e9:a0:02:c0:cf:02:0a:f1:d6:fe:ff:91:
                    22:6d:45:13:3b:23:a1:35:6f:0f:6d:be:d8:c8:3c:
                    ac:33:9f:f9:73:3d:ed:6d:ab:cf:d0:8d:d6:3a:72:
                    92:a4:3d:c1:fe:fa:40:10:8b:0c:5c:a3:6b:f0:53:
                    cd:60:cc:e0:0d:5f:2a:86:ea:43:a6:4b:a5:48:ef:
                    a5:7c:78:c9:67:f3:6c:70:7b:cf:34:e0:c4:99:6b:
                    dd:f9:5d:1d:86:59:94:aa:c2:00:f9:cb:37:6f:25:
                    c0:63:9c:07:cb:7e:a7:1d:c2:33:44:94:fb:e0:e1:
                    6b:9c:b9:87:18:9f:a6:55:4b:75:39:7d:05:2c:16:
                    3f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:A6:CB:A2:BE:34:06:D5:E3:02:C5:61:95:81:07:BF:96:22:DC:2B
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:79:a0:79:c3:e6:f3:16:17:c0:f8:84:e2:dc:f2:04:34:c6:
         49:92:3a:f5:cd:52:a9:81:3c:f1:82:99:84:b6:0e:b4:92:2d:
         9f:4b:10:55:6e:b3:a5:58:07:f8:e1:a7:89:eb:a3:a0:e7:0e:
         04:49:04:57:83:8f:df:9e:57:6b:48:d2:a8:08:47:17:7b:45:
         ba:0d:24:23:32:5f:6c:a9:01:36:20:87:88:d2:1d:99:46:5c:
         d5:1b:5a:46:42:f0:e5:75:b1:39:89:aa:0e:7f:bc:d5:94:26:
         d1:32:cd:28:e7:fd:90:9a:ab:fd:4a:66:8f:75:e9:c8:f6:cf:
         b0:18:c2:58:8d:63:39:d2:09:d6:37:0c:41:54:85:fb:ea:98:
         0b:41:d7:5a:19:a3:36:7f:bc:74:fc:ed:ba:d3:da:06:74:d9:
         01:5d:fb:f3:9c:6a:38:c8:0c:8f:bd:94:7d:4d:fc:c2:ca:41:
         42:1e:a3:50:8e:b0:02:11:bd:2a:c1:e5:d2:5c:b4:82:df:3e:
         44:db:8c:fd:25:b3:46:fe:ab:f5:42:88:cf:86:3f:6c:1e:28:
         d3:44:78:1f:52:36:0b:59:10:69:42:1d:be:36:a0:69:d3:7b:
         76:57:13:27:4c:0c:4e:a5:55:57:15:66:83:33:0e:15:d9:9b:
         c2:3b:34:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4OMyofnSXNtJPrf+oQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
Eyg2ZmE2Y2JhMmJlMzQwNmQ1ZTMwMmM1NjE5NTgxMDdiZjk2MjJkYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtMVOe6NP5rZEBbbNNxMPtxTITU6
qQ7B0R+bOUP9QmJoC7duSxmlU8G/wEjz9oPmxXWUMnq912YCMuZ4505PL5tcvDfp
CnMvLKfPp+M5gO19C1tRMz6jts5qT2cYKhDzZK9d3nU4jvedkGE56p63Y5eLxD+1
RIjNtnTpoALAzwIK8db+/5EibUUTOyOhNW8Pbb7YyDysM5/5cz3tbavP0I3WOnKS
pD3B/vpAEIsMXKNr8FPNYMzgDV8qhupDpkulSO+lfHjJZ/NscHvPNODEmWvd+V0d
hlmUqsIA+cs3byXAY5wHy36nHcIzRJT74OFrnLmHGJ+mVUt1OX0FLBY/0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+my6K+NAbV4wLFYZWBB7+WItwrMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXmgecPm
8xYXwPiE4tzyBDTGSZI69c1SqYE88YKZhLYOtJItn0sQVW6zpVgH+OGnieujoOcO
BEkEV4OP355Xa0jSqAhHF3tFug0kIzJfbKkBNiCHiNIdmUZc1RtaRkLw5XWxOYmq
Dn+81ZQm0TLNKOf9kJqr/Upmj3XpyPbPsBjCWI1jOdIJ1jcMQVSF++qYC0HXWhmj
Nn+8dPztutPaBnTZAV3785xqOMgMj72UfU38wspBQh6jUI6wAhG9KsHl0ly0gt8+
RNuM/SWzRv6r9UKIz4Y/bB4o00R4H1I2C1kQaUIdvjagadN7dlcTJ0wMTqVVVxVm
gzMOFdmbwjs0Vg==
-----END CERTIFICATE-----