Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
File:                     rAsK5lTCnX8fDU4tNRarfe8Msp0.mft (raw, json)
Hash identifier:          ve4YJisLmsl0gKb5KlVHDaDbB6faGdP/fHmWbmlniNs=
Subject key identifier:   74:42:03:BA:9B:98:37:ED:61:34:3B:0C:02:49:31:DA:6A:76:73:4A
Authority key identifier: AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D
Certificate issuer:       /CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
Certificate serial:       019A7225ADE546B94235737ACD9B03304128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
Manifest number:          063E
Signing time:             Tue 11 Nov 2025 09:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:03 +0000
Files and hashes:         1: rAsK5lTCnX8fDU4tNRarfe8Msp0.crl (hash: HliXlklXlxUCdeSgWh+DMUB8kgrhon7PaV4aEG6m6Ks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:ad:e5:46:b9:42:35:73:7a:cd:9b:03:30:41:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac0b0ae654c29d7f1f0d4e2d3516ab7def0cb29d
        Validity
            Not Before: Nov 11 09:01:03 2025 GMT
            Not After : Nov 12 09:01:03 2025 GMT
        Subject: CN=744203ba9b9837ed61343b0c024931da6a76734a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3d:17:af:74:08:3e:34:78:f4:48:d3:31:5d:
                    0d:8b:39:ce:a2:22:9b:8b:0d:3b:aa:f5:ce:22:f1:
                    0b:36:79:63:6c:4e:63:80:ff:2a:32:68:32:c4:ef:
                    63:95:63:3d:b8:93:b3:7f:c0:8b:28:9b:f0:98:95:
                    ff:49:e3:a3:7d:71:a1:4e:83:c2:d2:d0:55:22:62:
                    9c:10:eb:cc:0f:35:59:d3:e7:f6:b1:c5:69:2a:e6:
                    4e:0e:a5:5b:e3:ea:d4:22:4b:52:2c:0c:41:84:f5:
                    be:91:78:98:14:a8:94:91:82:ce:cc:4e:8e:1e:c3:
                    16:19:c1:d7:e7:de:00:9d:6b:91:ec:62:87:4b:d5:
                    5c:32:22:a6:23:7f:41:02:ee:4e:af:0f:40:b0:f1:
                    3e:c3:d2:87:f5:42:76:e7:92:fa:5a:f0:fa:26:bc:
                    14:37:f6:6d:f4:04:56:97:56:84:62:87:5d:ec:60:
                    97:6f:30:21:04:b4:6b:03:6b:6b:b8:33:f0:e0:ff:
                    05:64:36:34:09:9d:c3:12:01:41:f4:1c:a5:ad:5f:
                    8b:fd:18:e3:62:60:3c:1c:3e:1d:fb:44:1c:76:1f:
                    ef:5c:82:ea:59:12:a4:ee:90:72:e2:ce:37:e5:b6:
                    c5:91:7a:5c:22:6c:b6:49:9e:85:78:97:13:d2:22:
                    e0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:42:03:BA:9B:98:37:ED:61:34:3B:0C:02:49:31:DA:6A:76:73:4A
            X509v3 Authority Key Identifier:
                keyid:AC:0B:0A:E6:54:C2:9D:7F:1F:0D:4E:2D:35:16:AB:7D:EF:0C:B2:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAsK5lTCnX8fDU4tNRarfe8Msp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/435d45-bee2-491a-b287-65f42efe59de/1/rAsK5lTCnX8fDU4tNRarfe8Msp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:09:99:9e:93:5f:e5:e9:38:b2:01:8b:6e:b8:13:ca:86:21:
         44:5a:2b:7e:c3:94:ad:3f:63:d7:91:cf:76:c2:a4:6a:f8:ae:
         bf:c2:41:e1:40:92:8d:6e:ee:c3:85:51:55:04:09:e4:46:4a:
         9b:d8:f9:0a:9d:2a:0b:5a:9c:48:92:2e:10:8f:39:85:94:30:
         66:cf:9e:84:5d:41:f5:3c:04:ae:32:d4:0f:a6:bd:60:89:cf:
         1c:eb:60:b8:26:2b:fc:a7:66:11:e3:f8:d5:c0:71:b5:4a:c0:
         56:fd:e4:34:9c:67:02:8e:94:5c:52:b4:fe:95:2f:61:42:cb:
         0f:34:e4:6e:9d:ca:97:8b:f9:ca:3f:96:e3:90:2b:12:a3:e9:
         47:1e:a4:71:f8:25:0d:38:ef:14:f2:e5:0c:ca:c9:12:17:6b:
         a1:1e:05:e0:db:6e:a9:68:fa:2a:5c:b7:7d:8e:38:5f:a8:4c:
         82:4a:78:0e:38:05:a2:28:ef:b5:e0:7e:63:1b:a0:8a:57:d8:
         62:21:9c:cd:49:44:4d:c8:97:0c:31:63:39:0c:63:ad:e0:64:
         ce:49:46:9b:69:16:34:6e:80:97:1f:0b:a2:40:87:67:99:63:
         5d:de:5f:90:7c:1f:fe:4e:14:32:e1:57:0e:91:c7:36:fe:34:
         9c:b0:cd:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJa3lRrlCNXN6zZsDMEEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMGIwYWU2NTRjMjlkN2YxZjBkNGUyZDM1MTZhYjdkZWYw
Y2IyOWQwHhcNMjUxMTExMDkwMTAzWhcNMjUxMTEyMDkwMTAzWjAzMTEwLwYDVQQD
Eyg3NDQyMDNiYTliOTgzN2VkNjEzNDNiMGMwMjQ5MzFkYTZhNzY3MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz0Xr3QIPjR49EjTMV0NiznOoiKb
iw07qvXOIvELNnljbE5jgP8qMmgyxO9jlWM9uJOzf8CLKJvwmJX/SeOjfXGhToPC
0tBVImKcEOvMDzVZ0+f2scVpKuZODqVb4+rUIktSLAxBhPW+kXiYFKiUkYLOzE6O
HsMWGcHX594AnWuR7GKHS9VcMiKmI39BAu5Orw9AsPE+w9KH9UJ255L6WvD6JrwU
N/Zt9ARWl1aEYodd7GCXbzAhBLRrA2truDPw4P8FZDY0CZ3DEgFB9BylrV+L/Rjj
YmA8HD4d+0Qcdh/vXILqWRKk7pBy4s435bbFkXpcImy2SZ6FeJcT0iLgHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRCA7qbmDftYTQ7DAJJMdpqdnNKMB8GA1UdIwQY
MBaAFKwLCuZUwp1/Hw1OLTUWq33vDLKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODct
NjVmNDJlZmU1OWRlLzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80MzVkNDUtYmVlMi00OTFhLWIyODctNjVmNDJlZmU1OWRl
LzEvckFzSzVsVENuWDhmRFU0dE5SYXJmZThNc3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAmZnpNf
5ek4sgGLbrgTyoYhRForfsOUrT9j15HPdsKkaviuv8JB4UCSjW7uw4VRVQQJ5EZK
m9j5Cp0qC1qcSJIuEI85hZQwZs+ehF1B9TwErjLUD6a9YInPHOtguCYr/KdmEeP4
1cBxtUrAVv3kNJxnAo6UXFK0/pUvYULLDzTkbp3Kl4v5yj+W45ArEqPpRx6kcfgl
DTjvFPLlDMrJEhdroR4F4NtuqWj6Kly3fY44X6hMgkp4DjgFoijvteB+YxugilfY
YiGczUlETciXDDFjOQxjreBkzklGm2kWNG6Alx8LokCHZ5ljXd5fkHwf/k4UMuFX
DpHHNv40nLDNWw==
-----END CERTIFICATE-----