Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
File:                     71j4Vyvdd9mBQRGA4u-aioAsdqw.mft (raw, json)
Hash identifier:          Wp+bqZOXchLNsZERfeP4nUOLUV1LC8E8AqSnDz8+0PQ=
Subject key identifier:   03:65:ED:1F:91:48:78:17:D5:67:71:4E:1F:90:90:CA:DB:67:62:CD
Authority key identifier: EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC
Certificate issuer:       /CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
Certificate serial:       019A7113478805E84C25F801E3A8494B9B2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
Manifest number:          029A
Signing time:             Tue 11 Nov 2025 04:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:20 +0000
Files and hashes:         1: 71j4Vyvdd9mBQRGA4u-aioAsdqw.crl (hash: yE9w3eEmVIy4aqe42gDMjziIzgsjLCD4SNs+XKhtRPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:47:88:05:e8:4c:25:f8:01:e3:a8:49:4b:9b:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
        Validity
            Not Before: Nov 11 04:01:20 2025 GMT
            Not After : Nov 12 04:01:20 2025 GMT
        Subject: CN=0365ed1f91487817d567714e1f9090cadb6762cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:71:45:e5:0b:1d:c7:34:b7:08:59:dd:b0:6e:
                    77:e2:29:a0:af:d3:4e:38:e4:c7:eb:b0:57:44:67:
                    95:c1:ae:cd:7a:d5:d8:d1:bd:2d:03:ab:af:f5:fe:
                    8e:b6:5a:3d:8f:cb:40:a1:4c:83:3e:d0:3b:1b:d7:
                    12:19:12:1b:a0:91:1b:c1:be:4f:2b:5c:c9:c6:02:
                    0d:45:89:1e:26:a2:c1:4a:49:76:d3:bd:53:23:8f:
                    29:e6:63:3d:29:3c:18:dc:8e:89:a3:3b:33:fe:10:
                    a1:4e:a1:97:1a:6b:56:96:d3:ad:fe:ee:68:f7:fa:
                    71:ca:6b:d8:19:a8:2a:dc:22:ba:f2:c9:91:46:75:
                    5b:cd:45:43:a4:0e:d5:64:f3:b4:c4:e7:bc:bb:fc:
                    5c:4f:bc:5f:2d:1d:d9:f6:54:d2:3c:17:b5:d9:52:
                    95:fa:0a:b7:1c:8f:ce:30:43:f6:03:a0:94:de:af:
                    69:b1:8b:c8:5d:1d:49:08:ca:99:cb:4c:cd:31:96:
                    09:b7:c7:35:fb:21:a6:9f:d5:c1:b8:7c:f8:be:ff:
                    66:a3:26:ff:57:70:fd:e2:47:89:8c:a7:8a:dc:da:
                    44:c5:e0:37:1b:e2:eb:8c:6f:c2:06:28:8f:d5:1b:
                    d7:2f:7b:ac:43:d3:f6:8b:ed:40:d1:6e:8e:4e:31:
                    b9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:65:ED:1F:91:48:78:17:D5:67:71:4E:1F:90:90:CA:DB:67:62:CD
            X509v3 Authority Key Identifier:
                keyid:EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:2e:fd:b0:29:68:fc:d4:b5:6a:5e:24:8e:db:13:e1:ec:23:
         e2:64:48:02:26:f4:7c:93:79:61:0c:14:24:5e:c1:de:eb:df:
         83:b7:38:e9:7b:50:3a:84:f8:a0:e0:09:24:48:1f:4c:0d:27:
         86:e9:12:fc:0c:80:46:36:4d:ef:e3:21:68:2d:d7:5f:17:0a:
         4b:bc:28:2b:76:a3:de:b9:be:18:6f:03:a1:97:00:3f:29:16:
         c5:e2:01:20:2a:b1:ab:8f:8e:1e:33:c2:d0:f4:00:29:10:fe:
         44:92:80:73:53:8e:0a:4d:f7:45:fa:4c:cf:fb:fc:66:96:db:
         3a:7a:45:f9:90:e6:10:29:69:cb:fa:99:56:df:30:51:c6:41:
         80:e9:d8:ff:f0:02:53:7d:81:58:c3:f2:85:da:7f:bc:17:44:
         a8:8c:87:6f:1c:8e:c9:3b:74:7b:14:c4:33:89:bc:23:4e:96:
         6c:1c:06:bf:bb:8d:4d:f6:43:a5:aa:e2:86:fe:7c:aa:29:69:
         aa:87:4b:fc:71:72:97:79:3b:b2:56:c8:53:35:e0:a5:52:cb:
         d0:32:73:9d:75:df:64:1d:ae:a6:4a:ba:fa:92:82:12:72:b6:
         da:37:a9:79:81:67:5e:68:fe:55:bb:32:1c:2c:d2:fd:bd:c7:
         94:d3:55:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0eIBehMJfgB46hJS5svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNThmODU3MmJkZDc3ZDk4MTQxMTE4MGUyZWY5YThhODAy
Yzc2YWMwHhcNMjUxMTExMDQwMTIwWhcNMjUxMTEyMDQwMTIwWjAzMTEwLwYDVQQD
EygwMzY1ZWQxZjkxNDg3ODE3ZDU2NzcxNGUxZjkwOTBjYWRiNjc2MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3FF5QsdxzS3CFndsG534imgr9NO
OOTH67BXRGeVwa7NetXY0b0tA6uv9f6Otlo9j8tAoUyDPtA7G9cSGRIboJEbwb5P
K1zJxgINRYkeJqLBSkl2071TI48p5mM9KTwY3I6Jozsz/hChTqGXGmtWltOt/u5o
9/pxymvYGagq3CK68smRRnVbzUVDpA7VZPO0xOe8u/xcT7xfLR3Z9lTSPBe12VKV
+gq3HI/OMEP2A6CU3q9psYvIXR1JCMqZy0zNMZYJt8c1+yGmn9XBuHz4vv9moyb/
V3D94keJjKeK3NpExeA3G+LrjG/CBiiP1RvXL3usQ9P2i+1A0W6OTjG5+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANl7R+RSHgX1WdxTh+QkMrbZ2LNMB8GA1UdIwQY
MBaAFO9Y+Fcr3XfZgUERgOLvmoqALHasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAt
MzhlODA1ZmY0YzczLzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAtMzhlODA1ZmY0Yzcz
LzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHS79sClo
/NS1al4kjtsT4ewj4mRIAib0fJN5YQwUJF7B3uvfg7c46XtQOoT4oOAJJEgfTA0n
hukS/AyARjZN7+MhaC3XXxcKS7woK3aj3rm+GG8DoZcAPykWxeIBICqxq4+OHjPC
0PQAKRD+RJKAc1OOCk33RfpMz/v8ZpbbOnpF+ZDmEClpy/qZVt8wUcZBgOnY//AC
U32BWMPyhdp/vBdEqIyHbxyOyTt0exTEM4m8I06WbBwGv7uNTfZDparihv58qilp
qodL/HFyl3k7slbIUzXgpVLL0DJznXXfZB2upkq6+pKCEnK22jepeYFnXmj+Vbsy
HCzS/b3HlNNVRQ==
-----END CERTIFICATE-----