Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
File:                     orO6gtodtcGUN6wzeDhG8vK_9GI.mft (raw, json)
Hash identifier:          1e6fR1LkzWA+1K+8KHASx5GxCph42ofKbwQym5zVu/w=
Subject key identifier:   35:40:1E:CA:FA:E1:F3:F6:68:83:6A:8E:32:3C:29:6B:AB:0C:D1:13
Authority key identifier: A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62
Certificate issuer:       /CN=a2b3ba82da1db5c19437ac33783846f2f2bff462
Certificate serial:       019A71B841E3B2421C385BF11ECCB6A735DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
Manifest number:          04BF
Signing time:             Tue 11 Nov 2025 07:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:32 +0000
Files and hashes:         1: orO6gtodtcGUN6wzeDhG8vK_9GI.crl (hash: MIU+yeF7gkYrQIyYlMvaQYNQjJOAo5ZhyQeZ+yXXWyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:41:e3:b2:42:1c:38:5b:f1:1e:cc:b6:a7:35:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b3ba82da1db5c19437ac33783846f2f2bff462
        Validity
            Not Before: Nov 11 07:01:32 2025 GMT
            Not After : Nov 12 07:01:32 2025 GMT
        Subject: CN=35401ecafae1f3f668836a8e323c296bab0cd113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:69:0b:9c:d2:c6:41:57:11:4c:b6:f5:8b:22:
                    95:7b:7f:d4:cc:bc:da:44:a0:db:11:13:34:2f:5f:
                    c5:e0:9d:c5:a3:3c:66:48:34:00:eb:30:b7:76:39:
                    13:83:e8:eb:92:40:db:29:c6:9f:51:9a:d3:7f:49:
                    5b:90:14:14:0e:35:1f:ba:41:af:6c:d7:f7:8f:6a:
                    1c:63:48:e6:a6:33:e6:12:2b:20:91:43:78:9c:71:
                    2b:77:ae:b1:61:a3:9f:7c:f2:e9:f2:e5:83:b9:fe:
                    e7:33:19:d1:4c:3f:f2:9b:f3:cc:8f:93:13:59:a6:
                    86:05:db:21:64:76:0a:17:c5:19:fa:50:6c:59:a1:
                    45:eb:2b:e4:2d:8b:8a:1a:20:1e:78:ff:e2:9b:c8:
                    3c:18:8a:fc:4f:e8:1e:a3:70:cf:2a:61:13:90:53:
                    b6:58:aa:16:d3:30:ce:73:a6:de:47:bf:91:cc:30:
                    65:cb:1c:33:e6:f0:09:15:fb:07:13:ed:30:11:ae:
                    32:3c:4d:05:0b:66:3d:05:f2:c9:db:68:fb:21:85:
                    a4:2f:38:90:df:aa:06:91:e6:b8:a0:a8:e2:65:40:
                    0c:d3:a3:5d:8c:1a:63:a8:2a:dd:19:e4:26:87:93:
                    96:35:7d:3b:99:ee:2d:1d:2b:b0:f1:8d:73:af:20:
                    c7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:40:1E:CA:FA:E1:F3:F6:68:83:6A:8E:32:3C:29:6B:AB:0C:D1:13
            X509v3 Authority Key Identifier:
                keyid:A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:82:7c:a5:ac:82:9d:ff:68:e0:43:c8:90:63:30:90:d0:2e:
         94:a9:79:47:69:9f:01:7a:ac:2d:f3:c6:25:4d:2f:7f:47:c0:
         9a:03:60:d5:09:db:f8:41:dd:16:aa:49:dc:da:97:c7:7c:42:
         bd:4c:01:c2:71:02:53:c4:a8:45:f3:1f:70:80:6d:a6:1a:e2:
         38:2a:04:93:94:b1:35:34:26:e2:fd:53:a8:91:94:4f:7b:df:
         b0:4b:e9:04:44:26:02:4f:3e:ee:99:f3:7f:bc:5b:0e:f4:ef:
         48:8b:eb:49:86:61:04:ae:e5:16:cb:6f:0b:1c:46:5b:d1:a0:
         0c:eb:c3:c4:22:50:4e:87:8d:3b:49:09:35:65:89:59:81:12:
         9f:12:1b:9c:18:c8:bf:33:4b:8f:e5:53:e1:a2:0e:0d:a1:1b:
         ec:97:41:00:6a:63:db:04:53:f2:bc:29:0d:db:a0:98:21:a5:
         13:97:5d:38:3e:fe:d2:df:d7:bf:26:61:2c:8a:2d:4c:c6:c1:
         20:d8:71:78:33:06:bd:23:94:c3:53:38:ea:52:40:24:d0:a6:
         e7:8d:36:fc:42:c4:c1:d4:78:8a:37:53:9a:a1:41:49:ae:7f:
         bb:13:5a:1c:bb:54:61:7b:78:9f:c1:e5:3a:31:03:1c:5e:0f:
         e7:65:4e:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEHjskIcOFvxHsy2pzXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjNiYTgyZGExZGI1YzE5NDM3YWMzMzc4Mzg0NmYyZjJi
ZmY0NjIwHhcNMjUxMTExMDcwMTMyWhcNMjUxMTEyMDcwMTMyWjAzMTEwLwYDVQQD
EygzNTQwMWVjYWZhZTFmM2Y2Njg4MzZhOGUzMjNjMjk2YmFiMGNkMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2kLnNLGQVcRTLb1iyKVe3/UzLza
RKDbERM0L1/F4J3FozxmSDQA6zC3djkTg+jrkkDbKcafUZrTf0lbkBQUDjUfukGv
bNf3j2ocY0jmpjPmEisgkUN4nHErd66xYaOffPLp8uWDuf7nMxnRTD/ym/PMj5MT
WaaGBdshZHYKF8UZ+lBsWaFF6yvkLYuKGiAeeP/im8g8GIr8T+geo3DPKmETkFO2
WKoW0zDOc6beR7+RzDBlyxwz5vAJFfsHE+0wEa4yPE0FC2Y9BfLJ22j7IYWkLziQ
36oGkea4oKjiZUAM06NdjBpjqCrdGeQmh5OWNX07me4tHSuw8Y1zryDHZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVAHsr64fP2aINqjjI8KWurDNETMB8GA1UdIwQY
MBaAFKKzuoLaHbXBlDesM3g4RvLyv/RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUt
Zjg5OGQyMDRlYjRlLzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUtZjg5OGQyMDRlYjRl
LzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN4J8payC
nf9o4EPIkGMwkNAulKl5R2mfAXqsLfPGJU0vf0fAmgNg1Qnb+EHdFqpJ3NqXx3xC
vUwBwnECU8SoRfMfcIBtphriOCoEk5SxNTQm4v1TqJGUT3vfsEvpBEQmAk8+7pnz
f7xbDvTvSIvrSYZhBK7lFstvCxxGW9GgDOvDxCJQToeNO0kJNWWJWYESnxIbnBjI
vzNLj+VT4aIODaEb7JdBAGpj2wRT8rwpDdugmCGlE5ddOD7+0t/XvyZhLIotTMbB
INhxeDMGvSOUw1M46lJAJNCm5402/ELEwdR4ijdTmqFBSa5/uxNaHLtUYXt4n8Hl
OjEDHF4P52VO2w==
-----END CERTIFICATE-----