Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          BJxuEOI7TluemAscG79c31mng3/+U9Rxkc8JN3O0xEw=
Subject key identifier:   0F:F4:A6:AE:A1:55:5A:F0:C0:A4:0E:C0:1B:84:2D:C6:5C:F5:85:3B
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019A71B7A6AED890AFD2FAF655D172417A4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:52 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: wJw1YndOr9BUpPWCQLZ+Ok6CoNRRKJLOOpDTmWy1b7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a6:ae:d8:90:af:d2:fa:f6:55:d1:72:41:7a:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Nov 11 07:00:52 2025 GMT
            Not After : Nov 12 07:00:52 2025 GMT
        Subject: CN=0ff4a6aea1555af0c0a40ec01b842dc65cf5853b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:66:5a:f5:85:9d:36:5f:1c:34:68:50:70:21:
                    f8:0b:bb:0b:80:56:f9:00:5f:b7:d7:1d:6a:9f:5c:
                    e1:e4:a4:57:c7:f6:8d:62:ca:a3:22:26:03:2d:e9:
                    25:28:83:19:43:5b:54:b8:18:3b:7a:2a:f5:35:f5:
                    1a:5e:96:b3:61:71:a1:23:8c:14:cf:24:c8:77:c6:
                    8f:ab:19:e9:46:bb:0c:0d:9c:25:bf:9c:ed:72:d7:
                    68:ac:fd:01:f6:6f:87:9c:a5:01:44:ce:97:99:62:
                    6f:df:8c:0f:ec:c2:5a:ac:eb:9e:a4:40:7f:d7:a4:
                    83:37:42:bc:19:75:41:83:cd:a3:0b:eb:90:60:cc:
                    9a:df:97:e9:ec:e6:8b:3d:7e:44:c9:74:a7:3a:2f:
                    27:22:66:15:a1:9c:b2:83:2d:00:82:dc:45:2f:55:
                    f8:04:7a:e5:3b:19:51:4d:5d:5d:aa:6a:38:05:54:
                    d0:1d:51:d3:92:3f:d3:84:6a:70:70:27:66:4f:19:
                    b7:39:88:49:2c:32:d9:c0:71:7f:c7:5d:13:94:10:
                    94:3d:9b:f6:4b:2d:ab:18:e6:df:73:10:5a:c7:67:
                    6e:30:26:b8:31:9e:c4:e8:b7:0e:e3:fe:f6:21:c7:
                    77:a7:db:b1:be:3f:ee:dc:70:57:68:6d:7b:0b:60:
                    a6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:F4:A6:AE:A1:55:5A:F0:C0:A4:0E:C0:1B:84:2D:C6:5C:F5:85:3B
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4c:6d:d6:7d:f1:b9:06:63:b4:16:ab:9d:24:b8:50:26:80:
         96:ca:da:bb:f4:fb:2b:0e:91:9c:30:14:e9:72:d4:94:9d:86:
         c4:67:2f:ca:75:87:bb:0c:27:19:21:a7:4e:05:e1:dc:fa:07:
         2a:9f:71:0b:04:94:7f:12:fc:c9:82:c5:1e:28:f6:4b:65:8d:
         60:ef:00:56:50:d3:0e:88:04:4d:4f:d8:76:90:58:26:6c:34:
         fe:6e:92:da:09:73:e2:80:83:4b:b5:c2:20:0b:f6:02:38:af:
         b5:2b:dc:27:c4:54:de:7b:2e:66:9d:0a:42:c8:b2:f9:1d:79:
         f2:d2:01:91:d0:d5:ee:31:ce:e4:48:21:1b:bc:a4:c1:33:73:
         1d:c7:37:9e:8d:a9:be:13:03:b6:a3:65:ea:8b:dd:7f:40:cb:
         a0:0a:23:00:50:63:74:9d:e4:1d:15:e9:66:f3:b5:0a:c7:00:
         2a:1d:94:5d:e7:6c:94:b1:d2:fe:6d:02:5f:ae:db:1f:1c:b4:
         e8:2e:a0:ef:e4:fd:ba:d2:26:dc:7c:43:a8:70:29:19:7f:00:
         82:d7:62:2a:d0:a1:e6:d6:5f:c0:a8:31:c3:51:53:c4:05:35:
         20:76:da:d7:97:89:1f:6c:c4:ec:47:46:b8:5e:d7:a9:26:61:
         34:81:e2:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6au2JCv0vr2VdFyQXpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjUxMTExMDcwMDUyWhcNMjUxMTEyMDcwMDUyWjAzMTEwLwYDVQQD
EygwZmY0YTZhZWExNTU1YWYwYzBhNDBlYzAxYjg0MmRjNjVjZjU4NTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWZa9YWdNl8cNGhQcCH4C7sLgFb5
AF+31x1qn1zh5KRXx/aNYsqjIiYDLeklKIMZQ1tUuBg7eir1NfUaXpazYXGhI4wU
zyTId8aPqxnpRrsMDZwlv5ztctdorP0B9m+HnKUBRM6XmWJv34wP7MJarOuepEB/
16SDN0K8GXVBg82jC+uQYMya35fp7OaLPX5EyXSnOi8nImYVoZyygy0AgtxFL1X4
BHrlOxlRTV1dqmo4BVTQHVHTkj/ThGpwcCdmTxm3OYhJLDLZwHF/x10TlBCUPZv2
Sy2rGObfcxBax2duMCa4MZ7E6LcO4/72Icd3p9uxvj/u3HBXaG17C2CmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/0pq6hVVrwwKQOwBuELcZc9YU7MB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFExt1n3x
uQZjtBarnSS4UCaAlsrau/T7Kw6RnDAU6XLUlJ2GxGcvynWHuwwnGSGnTgXh3PoH
Kp9xCwSUfxL8yYLFHij2S2WNYO8AVlDTDogETU/YdpBYJmw0/m6S2glz4oCDS7XC
IAv2AjivtSvcJ8RU3nsuZp0KQsiy+R158tIBkdDV7jHO5EghG7ykwTNzHcc3no2p
vhMDtqNl6ovdf0DLoAojAFBjdJ3kHRXpZvO1CscAKh2UXedslLHS/m0CX67bHxy0
6C6g7+T9utIm3HxDqHApGX8AgtdiKtCh5tZfwKgxw1FTxAU1IHba15eJH2zE7EdG
uF7XqSZhNIHiCw==
-----END CERTIFICATE-----