Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          HmHbZDCDMJIvL88YNbMRIwIXSnt1AQpoRyIy5nJiSdI=
Subject key identifier:   BA:F1:DA:A9:28:B3:80:42:54:71:9E:C5:75:AF:71:71:70:91:84:D9
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       019A70A4D750B2DB9965CE850F1FE3D9422A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          03A0
Signing time:             Tue 11 Nov 2025 02:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:42 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: C/im+G+eKhtCNbviZZKCKqXR0wkj4CB+X89hbaEihrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:d7:50:b2:db:99:65:ce:85:0f:1f:e3:d9:42:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Nov 11 02:00:42 2025 GMT
            Not After : Nov 12 02:00:42 2025 GMT
        Subject: CN=baf1daa928b3804254719ec575af7171709184d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bf:4e:61:1a:ac:91:e3:fd:12:5c:7e:06:a7:
                    7b:1d:83:bd:08:5b:24:d3:58:86:ab:b0:84:cc:28:
                    fc:fa:80:a8:f9:fc:28:0d:8d:0b:9a:e0:90:3d:dc:
                    1a:d7:9f:fd:d8:51:f3:6d:ff:43:7e:af:76:82:c9:
                    18:3b:05:9a:d8:6c:40:59:5d:17:04:92:eb:6d:11:
                    c5:5d:85:a8:75:ea:89:90:db:9e:4b:7f:4a:90:bf:
                    7e:ff:e2:bd:24:b1:7e:9b:4a:af:8b:37:e4:f4:98:
                    db:62:17:db:ee:c0:64:4c:b8:8b:14:5d:38:b5:c0:
                    1e:27:73:a3:f8:13:a8:fb:b1:02:39:aa:88:51:cd:
                    00:3b:0a:b9:fa:f0:d4:7c:bb:3e:a8:14:d1:3a:69:
                    d1:c2:eb:de:73:a7:4a:e8:c3:20:79:6f:5c:15:0d:
                    12:c6:ae:ed:18:ca:01:ea:cf:28:f3:eb:2b:8d:08:
                    a9:29:d7:63:0c:65:53:72:48:3a:d4:66:58:c6:b5:
                    60:a7:b4:52:ec:a8:11:6a:ab:53:f1:67:f0:be:46:
                    87:d2:6d:51:ba:8e:3a:54:56:15:75:ac:5a:37:ae:
                    0b:69:7e:e0:f5:f1:4e:0f:14:2a:56:f9:d4:93:13:
                    d8:4f:9a:92:c9:13:04:bf:fe:55:3c:e5:0e:77:ff:
                    56:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F1:DA:A9:28:B3:80:42:54:71:9E:C5:75:AF:71:71:70:91:84:D9
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:96:57:8e:de:8b:7a:cb:c6:7c:26:91:bc:f5:d8:f4:44:95:
         b2:93:7a:b7:d3:4b:18:92:7d:a1:9c:a9:4e:23:86:19:4c:18:
         7b:b1:94:32:f9:d0:bc:03:37:bc:d5:08:a7:66:00:bd:e5:e1:
         fc:0f:8a:76:b2:b4:58:2e:5c:18:88:7e:29:48:ad:87:e9:6f:
         2c:0a:65:b3:89:98:96:01:33:8f:63:92:09:7f:60:ab:1a:18:
         20:3a:f8:3b:db:62:e7:dc:cc:fc:6d:cd:2a:c4:b8:bb:b1:37:
         6b:24:22:41:21:a0:25:9a:f2:ed:15:d6:e5:f0:a1:61:f2:ff:
         e7:f7:f0:e0:59:3d:6a:8e:66:cc:dc:86:10:2b:fb:6c:43:7d:
         6c:00:ec:7c:b6:8f:63:df:c0:8f:8b:4a:f1:84:e5:ec:1a:b9:
         95:82:f2:1a:47:34:a5:b9:90:50:b9:8f:d3:82:40:54:2e:f6:
         80:f9:be:67:9e:3b:50:45:44:6b:91:a4:2a:d1:69:6b:d9:a3:
         d8:ab:63:45:55:0f:a2:ba:77:7f:c2:ea:76:1f:24:f7:3b:d6:
         16:ca:41:80:e3:40:1a:68:48:3a:c8:31:c4:cc:29:1d:64:60:
         ff:f5:3d:de:6a:96:53:03:f3:8c:ea:65:cc:5b:2d:bc:2c:c9:
         32:79:5f:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpNdQstuZZc6FDx/j2UIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUxMTExMDIwMDQyWhcNMjUxMTEyMDIwMDQyWjAzMTEwLwYDVQQD
EyhiYWYxZGFhOTI4YjM4MDQyNTQ3MTllYzU3NWFmNzE3MTcwOTE4NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr9OYRqskeP9Elx+Bqd7HYO9CFsk
01iGq7CEzCj8+oCo+fwoDY0LmuCQPdwa15/92FHzbf9Dfq92gskYOwWa2GxAWV0X
BJLrbRHFXYWodeqJkNueS39KkL9+/+K9JLF+m0qvizfk9JjbYhfb7sBkTLiLFF04
tcAeJ3Oj+BOo+7ECOaqIUc0AOwq5+vDUfLs+qBTROmnRwuvec6dK6MMgeW9cFQ0S
xq7tGMoB6s8o8+srjQipKddjDGVTckg61GZYxrVgp7RS7KgRaqtT8WfwvkaH0m1R
uo46VFYVdaxaN64LaX7g9fFODxQqVvnUkxPYT5qSyRMEv/5VPOUOd/9WiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrx2qkos4BCVHGexXWvcXFwkYTZMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ5ZXjt6L
esvGfCaRvPXY9ESVspN6t9NLGJJ9oZypTiOGGUwYe7GUMvnQvAM3vNUIp2YAveXh
/A+KdrK0WC5cGIh+KUith+lvLApls4mYlgEzj2OSCX9gqxoYIDr4O9ti59zM/G3N
KsS4u7E3ayQiQSGgJZry7RXW5fChYfL/5/fw4Fk9ao5mzNyGECv7bEN9bADsfLaP
Y9/Aj4tK8YTl7Bq5lYLyGkc0pbmQULmP04JAVC72gPm+Z547UEVEa5GkKtFpa9mj
2KtjRVUPorp3f8Lqdh8k9zvWFspBgONAGmhIOsgxxMwpHWRg//U93mqWUwPzjOpl
zFstvCzJMnlfQg==
-----END CERTIFICATE-----