Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          G1qi2pclWI4teh4C5fEWGUfIKrMw6lhE4mGKe2mT4Cg=
Subject key identifier:   A9:60:33:AC:AC:5B:BD:B1:4F:B5:3D:91:08:D9:45:86:69:88:A4:4D
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       019A722593FB888FB462B83287D386EA4ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          0C11
Signing time:             Tue 11 Nov 2025 09:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:56 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: rmFfLpDEg1nJyBsNU7rcOnHMoNDad1Qgn/o1IYe/yiA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:93:fb:88:8f:b4:62:b8:32:87:d3:86:ea:4e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: Nov 11 09:00:56 2025 GMT
            Not After : Nov 12 09:00:56 2025 GMT
        Subject: CN=a96033acac5bbdb14fb53d9108d945866988a44d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:9a:81:4c:0d:f2:27:78:d2:14:05:16:8d:68:
                    e9:f3:43:bc:27:e2:c3:ff:be:e7:98:d2:19:4d:8b:
                    8a:b1:73:7c:6a:6c:9d:43:13:68:0d:3e:84:da:3e:
                    22:74:8f:d4:7e:7e:77:83:d4:92:2e:c8:b2:f6:47:
                    5b:36:1a:63:2f:f3:9b:5b:92:53:bd:66:73:e9:c0:
                    3c:d9:7d:e9:4e:b3:3a:b8:cf:c9:b9:2c:37:c3:16:
                    c1:bc:93:79:16:65:50:47:07:1e:d0:d2:c5:73:ad:
                    f1:ab:b5:ea:b2:3b:53:54:95:16:69:48:cf:7e:30:
                    cf:80:2e:c7:0e:ff:cb:68:fc:57:85:b8:95:53:af:
                    c5:b6:ee:50:6f:cc:c1:65:d8:3b:d1:fe:32:1d:43:
                    2c:0e:76:15:dd:49:58:0f:6a:97:4e:77:ff:1f:21:
                    89:23:f3:23:8e:65:39:dd:d4:9f:c6:6c:13:12:6c:
                    30:36:72:ca:be:b5:b8:ae:70:8b:4d:a6:ce:e2:48:
                    e2:c5:aa:eb:12:9f:14:7f:ce:61:d6:74:b9:89:01:
                    84:e5:c9:19:18:c1:55:04:1e:e5:fb:95:a2:83:12:
                    56:b5:7a:84:9e:d3:f3:8e:6e:4a:63:1d:ae:7b:b2:
                    9a:6f:a7:a3:33:eb:c8:c5:4d:68:7a:cb:15:db:e3:
                    a9:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:60:33:AC:AC:5B:BD:B1:4F:B5:3D:91:08:D9:45:86:69:88:A4:4D
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:bc:eb:49:83:95:53:f9:84:84:ed:d4:d6:34:33:59:ef:bf:
         bf:18:09:2f:4e:5d:46:a8:64:ca:e5:5a:a6:71:28:1f:0e:ec:
         86:d0:b1:32:6a:f3:4c:40:04:b4:fd:49:3e:e3:72:66:78:91:
         2a:72:2a:55:e0:64:ca:8c:7d:0d:26:53:f1:d2:f8:cd:c1:aa:
         ed:c4:7b:bc:a5:55:aa:cf:5c:d6:d1:19:54:f5:24:d7:c2:39:
         2c:29:ee:72:1b:e6:e5:c8:31:9b:41:22:e4:b4:69:7c:ef:f5:
         ba:16:53:ef:3b:3f:3f:13:9a:95:1a:3d:53:0b:94:36:7a:30:
         47:8c:72:1c:f1:39:bf:75:26:d4:6b:ed:e2:f4:7f:78:0b:6a:
         74:59:cb:b2:4b:3e:ba:1a:32:65:c5:13:51:9b:68:4b:c4:5c:
         52:0a:3e:b1:07:8a:d7:d9:f5:47:9d:02:19:fb:d5:15:49:f9:
         80:d0:8b:5c:c7:33:19:10:3f:75:f7:d6:e6:e3:e3:c2:c1:8f:
         ab:98:7c:6e:71:e9:9f:ad:b9:d9:e6:e8:bc:48:b6:6f:c1:6c:
         72:a7:a6:53:2b:55:76:69:ae:92:55:0c:51:5c:5a:f6:2f:2c:
         f7:76:29:f9:72:da:de:1b:40:4e:2c:3d:96:9b:aa:1c:f6:30:
         5c:96:4a:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZP7iI+0Yrgyh9OG6k7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhhOTYwMzNhY2FjNWJiZGIxNGZiNTNkOTEwOGQ5NDU4NjY5ODhhNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35qBTA3yJ3jSFAUWjWjp80O8J+LD
/77nmNIZTYuKsXN8amydQxNoDT6E2j4idI/Ufn53g9SSLsiy9kdbNhpjL/ObW5JT
vWZz6cA82X3pTrM6uM/JuSw3wxbBvJN5FmVQRwce0NLFc63xq7XqsjtTVJUWaUjP
fjDPgC7HDv/LaPxXhbiVU6/Ftu5Qb8zBZdg70f4yHUMsDnYV3UlYD2qXTnf/HyGJ
I/MjjmU53dSfxmwTEmwwNnLKvrW4rnCLTabO4kjixarrEp8Uf85h1nS5iQGE5ckZ
GMFVBB7l+5WigxJWtXqEntPzjm5KYx2ue7Kab6ejM+vIxU1oessV2+OptwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlgM6ysW72xT7U9kQjZRYZpiKRNMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrzrSYOV
U/mEhO3U1jQzWe+/vxgJL05dRqhkyuVapnEoHw7shtCxMmrzTEAEtP1JPuNyZniR
KnIqVeBkyox9DSZT8dL4zcGq7cR7vKVVqs9c1tEZVPUk18I5LCnuchvm5cgxm0Ei
5LRpfO/1uhZT7zs/PxOalRo9UwuUNnowR4xyHPE5v3Um1Gvt4vR/eAtqdFnLsks+
uhoyZcUTUZtoS8RcUgo+sQeK19n1R50CGfvVFUn5gNCLXMczGRA/dffW5uPjwsGP
q5h8bnHpn6252ebovEi2b8FscqemUytVdmmuklUMUVxa9i8s93Yp+XLa3htATiw9
lpuqHPYwXJZKKw==
-----END CERTIFICATE-----