Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
File:                     k0F7oKbrs_OxuCr3UPviioakGzU.mft (raw, json)
Hash identifier:          VJ+MNqbGUzXSy9GmcLp+vvYOwttqxhVeVrZzkapORZQ=
Subject key identifier:   97:A6:97:36:73:C0:A5:FF:D6:5B:95:4B:B7:A9:B8:37:3D:56:AF:49
Authority key identifier: 93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35
Certificate issuer:       /CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
Certificate serial:       019A71B78535BBBB8EA4CEE5CE401DD6724D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
Manifest number:          0A40
Signing time:             Tue 11 Nov 2025 07:00:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:43 +0000
Files and hashes:         1: k0F7oKbrs_OxuCr3UPviioakGzU.crl (hash: Z0yDvAjJFzJQfb3ujvrGNopEiiCvhHf2Yuad7b/o1V0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:85:35:bb:bb:8e:a4:ce:e5:ce:40:1d:d6:72:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
        Validity
            Not Before: Nov 11 07:00:43 2025 GMT
            Not After : Nov 12 07:00:43 2025 GMT
        Subject: CN=97a6973673c0a5ffd65b954bb7a9b8373d56af49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:4e:97:9d:f9:7d:36:5f:70:32:78:5c:d0:13:
                    00:64:37:af:bd:66:e1:68:56:85:f1:62:c4:15:0a:
                    50:49:9d:b6:47:7f:9f:d5:c8:3c:54:50:41:d5:fc:
                    d3:a8:d1:4e:4b:c7:a4:3f:58:49:9a:80:fe:a2:dd:
                    57:5e:9a:b7:d4:2c:1c:8f:3f:89:77:eb:87:07:2e:
                    b7:53:7f:3f:18:ed:e2:cc:74:eb:e0:ed:11:e4:33:
                    fa:82:cf:30:d5:67:a1:9e:af:1a:27:65:3b:6a:9b:
                    64:f9:09:16:b9:b5:5e:10:8b:07:18:1a:82:72:c9:
                    2b:8c:96:79:42:81:88:15:50:1a:c3:e9:52:a5:62:
                    2d:75:dd:76:f7:0a:cb:9e:f8:06:10:41:c2:88:f2:
                    9f:e9:af:13:2c:b1:72:3e:b5:0b:95:92:cd:35:55:
                    fb:14:6a:ac:ee:bd:65:b2:81:eb:f0:e4:7c:64:4e:
                    2e:76:f5:fb:c4:61:87:bf:28:e4:c0:61:91:3c:da:
                    5d:d0:78:2e:d9:00:9d:bf:0f:4d:c1:12:07:ad:1a:
                    cd:6c:35:19:b5:9f:6a:02:bb:ec:d9:d1:e8:55:5e:
                    24:28:53:ba:a3:96:00:33:a1:92:84:4d:a2:50:7a:
                    7d:7e:68:6d:cc:86:63:47:4d:e9:14:5c:28:9f:3d:
                    28:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:A6:97:36:73:C0:A5:FF:D6:5B:95:4B:B7:A9:B8:37:3D:56:AF:49
            X509v3 Authority Key Identifier:
                keyid:93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:6c:a7:e6:b7:8e:5e:07:8b:6d:c0:3c:c3:2a:64:39:e4:b5:
         50:32:59:53:75:7d:ca:90:36:70:b3:6b:35:9c:82:9c:14:8e:
         53:4f:df:e8:6d:b4:21:60:90:49:11:4c:58:6d:c2:6d:64:61:
         1e:b1:9a:c4:d6:88:c4:22:80:4f:16:ad:10:bc:ac:77:3c:8a:
         53:6c:43:b6:4f:6d:73:89:32:1b:04:12:a0:e0:8d:42:01:15:
         73:7e:79:96:62:0e:62:99:2c:37:2f:61:be:c2:05:30:a9:d4:
         19:1a:e5:7a:36:e9:13:1d:43:e9:b0:3b:8d:9a:47:9d:38:3c:
         84:b3:12:bc:89:b3:82:c4:77:7c:d8:c5:dd:bf:78:ba:14:ca:
         fc:1f:a1:c2:f4:4e:4c:48:04:bd:ab:92:ed:68:fe:18:c7:23:
         2a:b9:48:92:ce:e8:ff:f4:85:d2:24:4a:5f:31:4a:47:80:30:
         c5:bc:8b:46:b2:a9:87:1d:30:f5:c0:d1:ca:2d:8c:0d:00:11:
         88:eb:a1:cf:1a:c4:51:d4:13:74:38:70:b1:5e:7a:21:7c:c3:
         7a:92:ce:4f:b2:31:d2:21:a1:92:f8:05:be:9a:f6:b1:98:5b:
         2b:69:6a:00:3d:ea:7e:0e:61:07:88:3b:25:71:60:83:7e:f6:
         20:e3:de:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4U1u7uOpM7lzkAd1nJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDE3YmEwYTZlYmIzZjNiMWI4MmFmNzUwZmJlMjhhODZh
NDFiMzUwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
Eyg5N2E2OTczNjczYzBhNWZmZDY1Yjk1NGJiN2E5YjgzNzNkNTZhZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U6Xnfl9Nl9wMnhc0BMAZDevvWbh
aFaF8WLEFQpQSZ22R3+f1cg8VFBB1fzTqNFOS8ekP1hJmoD+ot1XXpq31Cwcjz+J
d+uHBy63U38/GO3izHTr4O0R5DP6gs8w1Wehnq8aJ2U7aptk+QkWubVeEIsHGBqC
cskrjJZ5QoGIFVAaw+lSpWItdd129wrLnvgGEEHCiPKf6a8TLLFyPrULlZLNNVX7
FGqs7r1lsoHr8OR8ZE4udvX7xGGHvyjkwGGRPNpd0Hgu2QCdvw9NwRIHrRrNbDUZ
tZ9qArvs2dHoVV4kKFO6o5YAM6GShE2iUHp9fmhtzIZjR03pFFwonz0oWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJemlzZzwKX/1luVS7epuDc9Vq9JMB8GA1UdIwQY
MBaAFJNBe6Cm67Pzsbgq91D74oqGpBs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMt
NzI4ZmQ2YmFiYWZmLzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMtNzI4ZmQ2YmFiYWZm
LzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGyn5reO
XgeLbcA8wypkOeS1UDJZU3V9ypA2cLNrNZyCnBSOU0/f6G20IWCQSRFMWG3CbWRh
HrGaxNaIxCKATxatELysdzyKU2xDtk9tc4kyGwQSoOCNQgEVc355lmIOYpksNy9h
vsIFMKnUGRrlejbpEx1D6bA7jZpHnTg8hLMSvImzgsR3fNjF3b94uhTK/B+hwvRO
TEgEvauS7Wj+GMcjKrlIks7o//SF0iRKXzFKR4AwxbyLRrKphx0w9cDRyi2MDQAR
iOuhzxrEUdQTdDhwsV56IXzDepLOT7Ix0iGhkvgFvpr2sZhbK2lqAD3qfg5hB4g7
JXFgg372IOPesQ==
-----END CERTIFICATE-----