Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
File:                     7nwowZyp0nBozrxpyBVBZ13BLN8.mft (raw, json)
Hash identifier:          r8rqQO0ZNXr0QLRz2yYNE/A8+OFc/mp8Jps+xe+wZ/o=
Subject key identifier:   D2:A1:20:C7:B5:F6:C2:95:3B:18:D5:E7:2F:E7:57:D4:BB:54:25:D4
Authority key identifier: EE:7C:28:C1:9C:A9:D2:70:68:CE:BC:69:C8:15:41:67:5D:C1:2C:DF
Certificate issuer:       /CN=ee7c28c19ca9d27068cebc69c81541675dc12cdf
Certificate serial:       019A71B87C7977FB7C018CE5DBB001A190A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:01:47 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:47 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:47 +0000
Files and hashes:         1: 7nwowZyp0nBozrxpyBVBZ13BLN8.crl (hash: H8QjPdvuEMq/j0YnZqoHf6hzxf/kUwUOQlvjGNVcvgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:7c:79:77:fb:7c:01:8c:e5:db:b0:01:a1:90:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee7c28c19ca9d27068cebc69c81541675dc12cdf
        Validity
            Not Before: Nov 11 07:01:47 2025 GMT
            Not After : Nov 12 07:01:47 2025 GMT
        Subject: CN=d2a120c7b5f6c2953b18d5e72fe757d4bb5425d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ca:18:4e:0a:2c:55:63:4d:7f:9d:fd:2d:93:
                    b6:32:34:c9:49:b7:df:3f:41:a1:7d:12:e7:a9:48:
                    32:6e:cc:06:44:87:8e:4b:62:fe:20:d7:49:2a:ea:
                    cb:ab:43:ba:a7:2d:db:fe:ba:cd:1e:73:39:f4:fc:
                    3f:43:f8:79:8d:84:11:52:fd:f2:f6:b9:21:56:48:
                    9e:9c:96:ba:a1:94:eb:ad:92:61:7e:a6:8e:4c:00:
                    da:f9:16:a8:22:a3:7d:0e:a0:82:14:3b:ca:83:d2:
                    78:19:8c:9d:30:14:0a:24:d5:cb:29:0a:e2:a1:80:
                    22:04:07:02:48:87:40:7a:80:09:0c:42:a7:4f:f8:
                    f6:da:9a:e4:85:8c:dc:73:b7:64:6e:18:6c:e6:87:
                    79:f9:be:56:4f:6e:b2:f7:6d:20:21:58:31:16:ea:
                    32:09:32:b7:25:77:84:f1:1a:15:ba:c4:b7:bf:63:
                    2a:4c:00:34:c4:f4:47:3d:cc:96:ee:1d:43:be:39:
                    c5:80:6b:7d:29:91:25:46:1d:21:f9:e6:6f:54:1a:
                    de:e5:6b:cf:4e:2f:84:52:66:a5:f3:6a:a3:36:e1:
                    5e:7f:f2:ce:95:b8:f9:6a:4d:c5:77:09:d0:b3:67:
                    82:e9:12:ee:4f:d9:8b:ee:c4:9c:18:95:3d:df:a1:
                    0f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:A1:20:C7:B5:F6:C2:95:3B:18:D5:E7:2F:E7:57:D4:BB:54:25:D4
            X509v3 Authority Key Identifier:
                keyid:EE:7C:28:C1:9C:A9:D2:70:68:CE:BC:69:C8:15:41:67:5D:C1:2C:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7nwowZyp0nBozrxpyBVBZ13BLN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e24ec2-d956-4575-9287-157e3ed52f11/1/7nwowZyp0nBozrxpyBVBZ13BLN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:57:99:d6:a0:48:ae:d1:be:47:5b:96:1f:91:46:f4:a6:24:
         54:77:7d:7a:e8:9d:5d:37:16:67:cb:02:96:66:d4:73:77:44:
         bc:d3:07:f5:e4:2f:13:8c:be:c1:9c:36:e8:af:61:83:b4:3c:
         43:fd:d0:eb:c2:63:fd:50:95:17:db:54:55:65:3f:87:74:3f:
         54:2e:81:7f:3a:f9:3b:9e:b3:c1:75:23:10:ba:07:5e:01:9f:
         de:da:1a:a3:af:79:03:fb:2e:cb:96:60:f4:6b:8c:b2:ef:a2:
         8c:a8:d4:59:f7:15:44:4c:ff:95:d4:26:b0:66:72:f9:47:d7:
         bc:2c:b3:4e:c2:16:70:85:c8:ae:77:d9:c2:a6:97:36:ff:e2:
         88:7a:58:c8:6b:16:d3:73:af:28:be:fc:ce:0d:8d:17:5c:6e:
         6e:a7:1e:15:f7:58:ea:8e:77:3a:43:1d:37:7d:b0:e1:ab:6e:
         5b:06:eb:c0:90:7c:b0:2a:ce:1c:b2:81:fa:d9:31:cd:f2:8b:
         f1:c2:bc:0d:b6:1d:c9:04:e0:90:73:28:a8:ab:82:c2:5a:95:
         87:dc:6b:ad:25:a2:bd:fe:c9:ef:f7:ab:07:a0:13:bf:22:01:
         50:53:e1:14:14:c6:7a:d9:e5:a5:29:5c:e8:67:c2:8d:3c:ef:
         f4:b3:41:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHx5d/t8AYzl27ABoZClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlN2MyOGMxOWNhOWQyNzA2OGNlYmM2OWM4MTU0MTY3NWRj
MTJjZGYwHhcNMjUxMTExMDcwMTQ3WhcNMjUxMTEyMDcwMTQ3WjAzMTEwLwYDVQQD
EyhkMmExMjBjN2I1ZjZjMjk1M2IxOGQ1ZTcyZmU3NTdkNGJiNTQyNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8oYTgosVWNNf539LZO2MjTJSbff
P0GhfRLnqUgybswGRIeOS2L+INdJKurLq0O6py3b/rrNHnM59Pw/Q/h5jYQRUv3y
9rkhVkienJa6oZTrrZJhfqaOTADa+RaoIqN9DqCCFDvKg9J4GYydMBQKJNXLKQri
oYAiBAcCSIdAeoAJDEKnT/j22prkhYzcc7dkbhhs5od5+b5WT26y920gIVgxFuoy
CTK3JXeE8RoVusS3v2MqTAA0xPRHPcyW7h1DvjnFgGt9KZElRh0h+eZvVBre5WvP
Ti+EUmal82qjNuFef/LOlbj5ak3FdwnQs2eC6RLuT9mL7sScGJU936EPRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKhIMe19sKVOxjV5y/nV9S7VCXUMB8GA1UdIwQY
MBaAFO58KMGcqdJwaM68acgVQWddwSzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lMjRlYzItZDk1Ni00NTc1LTkyODct
MTU3ZTNlZDUyZjExLzEvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lMjRlYzItZDk1Ni00NTc1LTkyODctMTU3ZTNlZDUyZjEx
LzEvN253b3daeXAwbkJvenJ4cHlCVkJaMTNCTE44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFeZ1qBI
rtG+R1uWH5FG9KYkVHd9euidXTcWZ8sClmbUc3dEvNMH9eQvE4y+wZw26K9hg7Q8
Q/3Q68Jj/VCVF9tUVWU/h3Q/VC6Bfzr5O56zwXUjELoHXgGf3toao695A/suy5Zg
9GuMsu+ijKjUWfcVREz/ldQmsGZy+UfXvCyzTsIWcIXIrnfZwqaXNv/iiHpYyGsW
03OvKL78zg2NF1xubqceFfdY6o53OkMdN32w4atuWwbrwJB8sCrOHLKB+tkxzfKL
8cK8DbYdyQTgkHMoqKuCwlqVh9xrrSWivf7J7/erB6ATvyIBUFPhFBTGetnlpSlc
6GfCjTzv9LNB1w==
-----END CERTIFICATE-----