Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
File:                     Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft (raw, json)
Hash identifier:          hRg8iAHBiYMr26ASivWBrZGrJV4/vzfqZFwvd28daNw=
Subject key identifier:   3F:7B:CA:3A:22:38:8B:C4:BC:69:F6:47:FF:94:61:86:88:A8:43:5C
Authority key identifier: 46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45
Certificate issuer:       /CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
Certificate serial:       019A725CA68D0D0350E8D67BC7B26570A1C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
Manifest number:          13DC
Signing time:             Tue 11 Nov 2025 10:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:05 +0000
Files and hashes:         1: Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl (hash: +NLFZUUTiIADInULzv2EuNXw9vqc2Ojfd3b3FBZFvGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:a6:8d:0d:03:50:e8:d6:7b:c7:b2:65:70:a1:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
        Validity
            Not Before: Nov 11 10:01:05 2025 GMT
            Not After : Nov 12 10:01:05 2025 GMT
        Subject: CN=3f7bca3a22388bc4bc69f647ff94618688a8435c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:72:5b:57:a0:6f:c4:02:eb:f9:c5:fc:80:6c:
                    da:3d:d6:8b:4a:ba:fe:84:55:4a:38:ea:11:0d:9c:
                    17:6e:e5:99:fa:92:37:47:99:ef:e7:31:69:d4:c9:
                    a7:3e:81:08:db:dd:5c:c0:c1:85:ec:05:02:85:25:
                    8d:6a:4a:44:68:83:2f:21:7c:9c:80:39:68:f1:c1:
                    65:61:5e:5d:eb:61:c6:fb:e9:ce:cc:5b:13:80:ca:
                    83:d4:db:05:67:2a:6c:39:5a:a9:bb:10:5e:6d:31:
                    71:30:cc:31:e9:cf:ef:1f:15:1b:ba:64:d5:74:f5:
                    f7:41:47:b5:17:a3:11:b8:5a:e4:db:a5:50:4e:cc:
                    b8:c5:3a:be:79:dd:24:d0:21:a1:da:e2:c6:dc:7e:
                    0a:22:02:e5:ff:ab:28:34:4f:5d:bc:9b:21:4f:c4:
                    00:29:06:ce:cd:05:18:5a:3e:61:43:88:59:72:7a:
                    2d:e4:f7:8e:94:4e:2a:a1:a8:3f:8f:01:42:53:28:
                    56:21:68:11:6b:f8:f1:c4:6a:4b:90:e8:31:a5:82:
                    f7:99:ef:46:e3:e8:62:80:d5:d0:48:bf:4c:08:04:
                    9a:ae:34:7c:ca:e5:cf:b4:fc:29:34:79:a7:59:9c:
                    37:1e:28:05:06:0d:64:1c:96:bf:76:ba:92:7a:68:
                    05:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:7B:CA:3A:22:38:8B:C4:BC:69:F6:47:FF:94:61:86:88:A8:43:5C
            X509v3 Authority Key Identifier:
                keyid:46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:b4:d3:79:62:4c:30:75:8e:f9:82:2f:78:96:db:ba:ec:54:
         0b:e5:90:22:86:7c:ab:0e:16:dc:3c:dc:f2:ca:47:88:a5:68:
         59:4e:56:bf:29:a1:76:dc:d2:a3:79:31:e3:8b:03:5c:1a:82:
         e7:e8:d7:2d:35:be:b8:27:39:9c:fc:19:6b:5e:a4:59:3a:10:
         36:03:d3:71:a3:af:24:9a:4a:c9:18:99:97:75:31:9b:cf:a1:
         85:15:61:8a:df:ce:11:02:d1:d9:a9:cc:e0:3d:86:eb:bf:69:
         ad:29:e1:82:d4:cc:99:47:f2:7b:db:80:92:8c:bc:8d:29:8c:
         4d:cc:b9:e4:17:9f:67:9f:7a:0f:c7:74:19:9f:4b:f4:23:0a:
         67:13:e4:43:a0:6a:45:c3:6e:b4:0b:19:59:5c:4d:7f:8a:1f:
         2d:c5:7c:9c:64:5b:bf:cb:ee:93:b6:ce:3e:68:b3:56:52:10:
         50:71:ab:39:08:87:21:a9:21:bf:84:3a:f0:7c:23:b7:02:81:
         49:80:ca:f5:c3:e2:c2:31:c4:3f:e5:87:9b:66:18:d4:b4:68:
         b1:3c:ff:e0:ef:04:cf:08:e8:be:17:af:e8:d7:1f:81:05:ce:
         c5:91:a3:48:ee:cb:4c:88:42:f4:70:45:30:10:3c:84:41:0b:
         8d:4f:37:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKaNDQNQ6NZ7x7JlcKHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2EzODgxMTJlNjhmNGM3ZDRkODBjMzJkMzdjZmNkNmNk
MjNhNDUwHhcNMjUxMTExMTAwMTA1WhcNMjUxMTEyMTAwMTA1WjAzMTEwLwYDVQQD
EygzZjdiY2EzYTIyMzg4YmM0YmM2OWY2NDdmZjk0NjE4Njg4YTg0MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHJbV6BvxALr+cX8gGzaPdaLSrr+
hFVKOOoRDZwXbuWZ+pI3R5nv5zFp1MmnPoEI291cwMGF7AUChSWNakpEaIMvIXyc
gDlo8cFlYV5d62HG++nOzFsTgMqD1NsFZypsOVqpuxBebTFxMMwx6c/vHxUbumTV
dPX3QUe1F6MRuFrk26VQTsy4xTq+ed0k0CGh2uLG3H4KIgLl/6soNE9dvJshT8QA
KQbOzQUYWj5hQ4hZcnot5PeOlE4qoag/jwFCUyhWIWgRa/jxxGpLkOgxpYL3me9G
4+higNXQSL9MCASarjR8yuXPtPwpNHmnWZw3HigFBg1kHJa/drqSemgFJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD97yjoiOIvEvGn2R/+UYYaIqENcMB8GA1UdIwQY
MBaAFEZ6OIES5o9MfU2Awy03z81s0jpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUt
YzcxODQ1YTAxNzQ5LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUtYzcxODQ1YTAxNzQ5
LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABbTTeWJM
MHWO+YIveJbbuuxUC+WQIoZ8qw4W3Dzc8spHiKVoWU5WvymhdtzSo3kx44sDXBqC
5+jXLTW+uCc5nPwZa16kWToQNgPTcaOvJJpKyRiZl3Uxm8+hhRVhit/OEQLR2anM
4D2G679prSnhgtTMmUfye9uAkoy8jSmMTcy55BefZ596D8d0GZ9L9CMKZxPkQ6Bq
RcNutAsZWVxNf4ofLcV8nGRbv8vuk7bOPmizVlIQUHGrOQiHIakhv4Q68HwjtwKB
SYDK9cPiwjHEP+WHm2YY1LRosTz/4O8Ezwjovhev6NcfgQXOxZGjSO7LTIhC9HBF
MBA8hEELjU83Dw==
-----END CERTIFICATE-----