Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
File:                     4tccU1qnoKzpP62r22WD-ISmxiY.mft (raw, json)
Hash identifier:          FyR8k80OkIY0CJ3bFR6OwOQyHK+uuExsl/uPmIV5Rmg=
Subject key identifier:   7C:3F:81:71:B4:00:6E:5A:99:29:78:F0:D5:1C:5B:E0:92:CB:97:F3
Authority key identifier: E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26
Certificate issuer:       /CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
Certificate serial:       019A71B86C9A952D0EC1F8EECACAA0FC5871
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
Manifest number:          07F8
Signing time:             Tue 11 Nov 2025 07:01:42 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:42 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:42 +0000
Files and hashes:         1: 4tccU1qnoKzpP62r22WD-ISmxiY.crl (hash: ScDkmNJiLsmym3ZMUlwdLiaLFFlmtzzF69OQfhcEaOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6c:9a:95:2d:0e:c1:f8:ee:ca:ca:a0:fc:58:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
        Validity
            Not Before: Nov 11 07:01:42 2025 GMT
            Not After : Nov 12 07:01:42 2025 GMT
        Subject: CN=7c3f8171b4006e5a992978f0d51c5be092cb97f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c5:d9:0b:f6:96:36:7b:e6:a3:3b:df:66:66:
                    24:a9:5f:6b:b4:53:02:19:e2:f8:97:42:01:c7:f1:
                    b6:5e:cd:7a:61:a0:1c:07:01:31:4f:2c:71:fc:33:
                    0a:b7:f6:12:56:5d:96:57:db:e8:5a:9c:1a:dc:b3:
                    2e:5c:9a:f9:27:a3:6e:5b:cf:20:bb:78:34:d6:48:
                    6f:07:8f:e2:f6:dd:2f:cd:f2:b2:6a:be:59:9e:5e:
                    8a:74:49:34:a2:17:a8:54:5b:2e:24:5a:a4:5d:8d:
                    15:17:28:d6:a0:d0:a5:38:8a:94:78:80:f4:40:c6:
                    19:3c:c6:42:a1:cc:8e:4b:7a:80:67:40:fb:02:40:
                    9b:df:d0:c8:86:57:b6:ac:56:5e:7f:80:b2:fd:50:
                    5a:5d:21:ad:30:4c:b6:21:58:04:72:87:8f:3a:49:
                    f4:25:e4:cd:bb:c1:3f:b1:12:5b:c5:e3:09:70:b3:
                    90:29:58:d8:cb:13:24:83:01:51:fe:a7:71:76:e3:
                    28:46:93:d0:50:71:d2:cc:19:2a:e9:58:54:cc:04:
                    fe:60:8a:e7:40:f8:fc:b3:9c:e7:42:b2:29:7b:5f:
                    6f:a2:84:a4:82:59:74:4c:3a:a2:41:68:af:ae:fc:
                    a5:ca:d6:d2:8c:57:49:af:68:30:6d:c3:a2:53:e4:
                    92:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3F:81:71:B4:00:6E:5A:99:29:78:F0:D5:1C:5B:E0:92:CB:97:F3
            X509v3 Authority Key Identifier:
                keyid:E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:7d:26:c9:4e:9b:89:42:8b:aa:98:3f:74:5f:ed:40:da:80:
         fa:8b:9a:92:66:d7:e7:74:83:c8:4e:cf:9f:6e:e0:ed:60:be:
         06:9a:82:90:52:d3:5f:f4:18:70:98:96:dc:bb:dd:87:1b:43:
         91:e4:b4:0d:b7:86:ab:77:70:bf:5f:d0:1c:c9:41:f0:d1:b2:
         4a:f9:c2:8f:f3:b9:38:18:72:0d:cb:08:13:9f:eb:8a:cb:48:
         13:16:cb:b3:91:3b:32:bb:bc:2e:e3:49:e8:82:8a:06:be:e6:
         7e:e4:48:25:79:49:93:e8:c9:c4:9e:06:21:39:bd:19:7e:67:
         22:e0:b6:65:bd:6a:c0:82:c5:55:d9:12:88:51:fd:6d:e3:db:
         d2:f3:41:d2:64:45:ad:48:1a:4f:9f:0d:1b:66:7f:4c:ec:d8:
         62:58:84:e6:db:84:e0:a5:0d:b1:c7:60:56:63:6e:69:ad:02:
         17:f7:b9:c7:04:4c:c6:0e:9f:63:a7:cd:02:35:ba:17:b2:20:
         61:45:b8:d1:93:48:63:b8:df:9f:78:47:38:5c:0f:5d:c1:38:
         22:2e:31:4a:5c:1d:20:4c:a1:cf:cf:9e:51:73:99:58:fc:75:
         41:96:90:5f:ed:13:41:59:91:48:2d:6f:4b:a7:02:c8:ab:29:
         09:de:83:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGyalS0Owfjuysqg/FhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDcxYzUzNWFhN2EwYWNlOTNmYWRhYmRiNjU4M2Y4ODRh
NmM2MjYwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
Eyg3YzNmODE3MWI0MDA2ZTVhOTkyOTc4ZjBkNTFjNWJlMDkyY2I5N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsXZC/aWNnvmozvfZmYkqV9rtFMC
GeL4l0IBx/G2Xs16YaAcBwExTyxx/DMKt/YSVl2WV9voWpwa3LMuXJr5J6NuW88g
u3g01khvB4/i9t0vzfKyar5Znl6KdEk0oheoVFsuJFqkXY0VFyjWoNClOIqUeID0
QMYZPMZCocyOS3qAZ0D7AkCb39DIhle2rFZef4Cy/VBaXSGtMEy2IVgEcoePOkn0
JeTNu8E/sRJbxeMJcLOQKVjYyxMkgwFR/qdxduMoRpPQUHHSzBkq6VhUzAT+YIrn
QPj8s5znQrIpe19vooSkgll0TDqiQWivrvylytbSjFdJr2gwbcOiU+SSEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHw/gXG0AG5amSl48NUcW+CSy5fzMB8GA1UdIwQY
MBaAFOLXHFNap6Cs6T+tq9tlg/iEpsYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDkt
YjMxMDExMTM3YTU3LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDktYjMxMDExMTM3YTU3
LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWX0myU6b
iUKLqpg/dF/tQNqA+ouakmbX53SDyE7Pn27g7WC+BpqCkFLTX/QYcJiW3LvdhxtD
keS0DbeGq3dwv1/QHMlB8NGySvnCj/O5OBhyDcsIE5/ristIExbLs5E7Mru8LuNJ
6IKKBr7mfuRIJXlJk+jJxJ4GITm9GX5nIuC2Zb1qwILFVdkSiFH9bePb0vNB0mRF
rUgaT58NG2Z/TOzYYliE5tuE4KUNscdgVmNuaa0CF/e5xwRMxg6fY6fNAjW6F7Ig
YUW40ZNIY7jfn3hHOFwPXcE4Ii4xSlwdIEyhz8+eUXOZWPx1QZaQX+0TQVmRSC1v
S6cCyKspCd6DPw==
-----END CERTIFICATE-----