Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
File:                     4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft (raw, json)
Hash identifier:          TWKdwrPX0icEQVx9C7cNQupY/CjM8n5J5tZgAOpf6e0=
Subject key identifier:   40:D7:A8:AC:4D:BE:EC:D1:82:FC:A2:64:F4:E1:BC:C0:CE:2F:C4:23
Authority key identifier: E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC
Certificate issuer:       /CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
Certificate serial:       019A71B86A7AA6A5587A6E34BB269D077A5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:01:42 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:42 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:42 +0000
Files and hashes:         1: 4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl (hash: WZCu2mcYuLqYkWLlQnRlRv6MOTjaAKmMWovtz510x+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6a:7a:a6:a5:58:7a:6e:34:bb:26:9d:07:7a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
        Validity
            Not Before: Nov 11 07:01:42 2025 GMT
            Not After : Nov 12 07:01:42 2025 GMT
        Subject: CN=40d7a8ac4dbeecd182fca264f4e1bcc0ce2fc423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:12:d4:eb:20:19:ff:73:ae:f4:b5:b8:b9:90:
                    48:7c:5c:c8:b2:06:f7:30:89:01:80:81:af:76:07:
                    44:a0:0a:d9:4c:ca:c6:1f:6a:7b:1d:86:08:4d:47:
                    d2:48:5b:33:d7:ec:9b:e6:48:5a:b8:24:b5:8b:6a:
                    50:4a:a6:50:5d:23:db:60:d1:07:bb:86:51:1b:c0:
                    20:14:6e:05:3a:d0:8c:20:6a:68:0c:23:95:2f:e8:
                    56:19:be:25:a7:17:47:92:44:07:56:b0:b2:38:ed:
                    f8:2b:3d:5c:97:05:71:74:db:ac:a6:aa:e8:40:ff:
                    f2:73:79:a6:c6:84:c4:c1:b7:7e:09:6d:c9:65:fb:
                    d5:49:75:1d:8b:b6:d4:b7:3e:fa:12:03:7c:0f:c5:
                    e3:6a:a8:4f:9e:c0:4e:27:9e:9e:26:53:61:51:a9:
                    f7:d1:bb:dc:47:f4:f6:7d:a8:c4:06:ed:05:48:3f:
                    41:ff:50:95:10:a4:ef:e1:e3:ba:12:c3:eb:fe:96:
                    21:06:4d:00:9d:8b:6b:2b:08:0f:3e:f2:03:49:99:
                    3f:31:dd:49:4e:d3:4f:7d:ce:65:d4:d0:a7:d8:8d:
                    b1:6b:d7:de:b4:73:28:03:04:50:d9:5c:3d:37:c9:
                    52:e2:9e:3b:5c:9b:0b:b5:71:17:69:ec:53:65:04:
                    b2:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:D7:A8:AC:4D:BE:EC:D1:82:FC:A2:64:F4:E1:BC:C0:CE:2F:C4:23
            X509v3 Authority Key Identifier:
                keyid:E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:09:94:3a:9e:3c:4b:5c:81:38:e2:3a:d5:18:10:ff:f7:ee:
         98:36:94:f7:da:53:56:11:3a:3c:47:42:6e:28:c7:f8:41:7b:
         09:dc:ce:52:f0:bd:9d:92:ce:06:93:2e:7d:dd:ab:b5:63:64:
         fb:01:a3:d2:fe:b0:b8:4f:fa:2f:76:2d:91:8c:32:f0:3d:96:
         d6:e2:77:e2:c9:29:c6:b3:fc:70:8c:93:f4:53:bf:b1:90:f6:
         34:56:02:e5:73:0d:35:4f:a9:d4:57:e1:b2:37:b3:ed:89:9d:
         95:ea:41:30:9a:99:b7:6a:f1:b0:4e:d7:41:c5:70:9b:d5:ac:
         15:bc:f0:78:f9:c9:49:f4:89:1c:c1:34:f7:e3:69:a9:d3:b2:
         d6:37:7e:da:82:af:8d:72:c5:40:9e:c3:5b:69:7b:b0:38:b9:
         55:a2:37:f3:38:db:63:51:9e:f4:e5:63:7c:47:f0:eb:66:ef:
         d9:f4:ad:d7:01:3b:29:11:ca:21:ce:05:69:7f:4b:87:60:db:
         90:2d:7b:59:72:95:ec:b7:bb:7d:39:86:00:d8:93:61:0a:c7:
         18:80:29:21:aa:c5:1e:22:7b:7e:36:5c:97:f4:42:c6:3b:ff:
         9d:e0:fe:f6:48:3b:2a:d3:3a:17:09:1f:8d:bf:d3:b7:46:5a:
         de:15:e0:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGp6pqVYem40uyadB3pcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWVlNWE1OTJiM2E3ZWM3M2I1NDk0NDI0OTk2ZjdlYmVj
NjhmYmMwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
Eyg0MGQ3YThhYzRkYmVlY2QxODJmY2EyNjRmNGUxYmNjMGNlMmZjNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRLU6yAZ/3Ou9LW4uZBIfFzIsgb3
MIkBgIGvdgdEoArZTMrGH2p7HYYITUfSSFsz1+yb5khauCS1i2pQSqZQXSPbYNEH
u4ZRG8AgFG4FOtCMIGpoDCOVL+hWGb4lpxdHkkQHVrCyOO34Kz1clwVxdNuspqro
QP/yc3mmxoTEwbd+CW3JZfvVSXUdi7bUtz76EgN8D8XjaqhPnsBOJ56eJlNhUan3
0bvcR/T2fajEBu0FSD9B/1CVEKTv4eO6EsPr/pYhBk0AnYtrKwgPPvIDSZk/Md1J
TtNPfc5l1NCn2I2xa9fetHMoAwRQ2Vw9N8lS4p47XJsLtXEXaexTZQSyVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDXqKxNvuzRgvyiZPThvMDOL8QjMB8GA1UdIwQY
MBaAFOKu5aWSs6fsc7VJRCSZb36+xo+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2It
Mzk1NWUwNzg2MDkyLzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2ItMzk1NWUwNzg2MDky
LzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAmUOp48
S1yBOOI61RgQ//fumDaU99pTVhE6PEdCbijH+EF7CdzOUvC9nZLOBpMufd2rtWNk
+wGj0v6wuE/6L3YtkYwy8D2W1uJ34skpxrP8cIyT9FO/sZD2NFYC5XMNNU+p1Ffh
sjez7YmdlepBMJqZt2rxsE7XQcVwm9WsFbzwePnJSfSJHME09+NpqdOy1jd+2oKv
jXLFQJ7DW2l7sDi5VaI38zjbY1Ge9OVjfEfw62bv2fSt1wE7KRHKIc4FaX9Lh2Db
kC17WXKV7Le7fTmGANiTYQrHGIApIarFHiJ7fjZcl/RCxjv/neD+9kg7KtM6Fwkf
jb/Tt0Za3hXgKQ==
-----END CERTIFICATE-----