Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
File:                     kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft (raw, json)
Hash identifier:          7+KBihTBsrAZAV3CFsKqIED3oh9x9P4TJe+J+GhVmNM=
Subject key identifier:   DC:E6:63:8A:EB:8E:55:E2:7A:C7:67:1D:D3:FE:EE:D2:24:74:7E:DA
Authority key identifier: 93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6
Certificate issuer:       /CN=9309372464c59a3dd8ecd63215b01819706558a6
Certificate serial:       019A72261754B9CB19DCE108E71312F198B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
Manifest number:          0749
Signing time:             Tue 11 Nov 2025 09:01:30 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:30 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:30 +0000
Files and hashes:         1: kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl (hash: lKhZFjdy3Q7iV/0dVbitJpccMWXaQSTu61YvrkczlUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:17:54:b9:cb:19:dc:e1:08:e7:13:12:f1:98:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9309372464c59a3dd8ecd63215b01819706558a6
        Validity
            Not Before: Nov 11 09:01:30 2025 GMT
            Not After : Nov 12 09:01:30 2025 GMT
        Subject: CN=dce6638aeb8e55e27ac7671dd3feeed224747eda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f5:98:57:7c:a9:64:34:d5:bc:66:bd:45:d8:
                    ec:12:ca:5c:e5:8c:82:c4:5b:87:ec:9e:dd:19:0e:
                    b0:42:4b:23:3c:04:c7:54:d5:8f:bc:c8:a5:db:ec:
                    b8:04:65:0d:09:ad:41:ac:e5:d8:ce:e5:a6:ac:1b:
                    96:41:cc:cc:58:24:f8:b1:80:d7:99:28:a4:af:e6:
                    d7:ac:a3:b8:89:50:4c:bc:8a:b2:3a:52:68:4b:c9:
                    03:1d:4d:68:ee:b3:b6:65:ae:7f:62:78:fd:a6:77:
                    c8:e7:99:a4:56:92:8b:c7:6a:a0:c6:65:72:1e:fd:
                    f0:f3:28:d2:f6:e1:69:35:0a:88:6e:2c:35:3f:dd:
                    d3:55:3c:1e:d8:2a:61:a0:81:42:9f:d3:cc:74:5d:
                    d6:ac:e4:50:f7:6a:74:3b:45:15:99:00:18:97:42:
                    de:a7:9f:96:55:e0:cc:e8:4a:e1:f9:20:78:16:c1:
                    19:3b:f1:f0:4d:2f:45:74:54:ba:9c:8b:ed:90:b2:
                    f0:93:37:98:fc:49:5d:e5:38:ea:be:34:43:28:b8:
                    ac:b9:61:20:b0:4e:0a:5b:44:9c:d6:3e:db:35:6e:
                    ec:97:47:fa:37:e4:1a:0e:15:17:e6:8e:af:85:2c:
                    14:bb:a0:31:50:f6:7f:02:8f:ec:4b:61:22:1b:2b:
                    cf:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E6:63:8A:EB:8E:55:E2:7A:C7:67:1D:D3:FE:EE:D2:24:74:7E:DA
            X509v3 Authority Key Identifier:
                keyid:93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:77:57:c5:10:83:b9:d6:1f:ca:7f:3e:08:b6:fa:11:34:c8:
         aa:10:ba:1e:34:cc:e6:c3:6d:1c:5c:53:35:9f:f7:2f:28:27:
         08:b4:1f:bc:2d:6f:ac:41:16:42:17:47:58:27:b2:1a:78:7f:
         17:78:fe:9f:d8:33:de:dd:31:44:00:e6:24:b8:8a:59:d6:93:
         ac:a0:7e:2d:36:03:0b:20:e3:73:f6:cb:8f:e7:4a:a3:df:2c:
         29:3f:38:39:33:91:ec:7a:b8:69:89:7b:1a:ae:1c:b3:9c:de:
         8d:32:de:a3:95:69:49:ce:9e:68:4c:6c:94:fe:85:34:8f:cf:
         c5:98:61:ba:9a:cd:a0:9a:3b:22:db:c0:f5:43:de:36:2a:d3:
         97:9b:8d:d6:c3:d3:65:16:98:4b:48:9e:cb:49:9e:1e:58:c1:
         36:b2:16:30:9c:18:dd:8d:10:6f:ff:cc:fa:fd:68:d3:ba:1f:
         07:e5:98:37:93:03:ec:86:d8:81:e9:82:8e:45:d9:72:c7:20:
         b7:d1:26:c3:c2:a4:1c:a6:b7:dc:71:87:53:83:98:32:a2:79:
         81:87:be:13:15:0b:cd:16:4a:a4:88:d2:24:45:d6:d5:73:81:
         08:21:31:10:25:f5:50:20:6d:f8:aa:73:f2:4e:bb:70:98:2c:
         4f:a5:76:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhdUucsZ3OEI5xMS8ZiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDkzNzI0NjRjNTlhM2RkOGVjZDYzMjE1YjAxODE5NzA2
NTU4YTYwHhcNMjUxMTExMDkwMTMwWhcNMjUxMTEyMDkwMTMwWjAzMTEwLwYDVQQD
EyhkY2U2NjM4YWViOGU1NWUyN2FjNzY3MWRkM2ZlZWVkMjI0NzQ3ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvWYV3ypZDTVvGa9RdjsEspc5YyC
xFuH7J7dGQ6wQksjPATHVNWPvMil2+y4BGUNCa1BrOXYzuWmrBuWQczMWCT4sYDX
mSikr+bXrKO4iVBMvIqyOlJoS8kDHU1o7rO2Za5/Ynj9pnfI55mkVpKLx2qgxmVy
Hv3w8yjS9uFpNQqIbiw1P93TVTwe2CphoIFCn9PMdF3WrORQ92p0O0UVmQAYl0Le
p5+WVeDM6Erh+SB4FsEZO/HwTS9FdFS6nIvtkLLwkzeY/Eld5TjqvjRDKLisuWEg
sE4KW0Sc1j7bNW7sl0f6N+QaDhUX5o6vhSwUu6AxUPZ/Ao/sS2EiGyvPqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzmY4rrjlXiesdnHdP+7tIkdH7aMB8GA1UdIwQY
MBaAFJMJNyRkxZo92OzWMhWwGBlwZVimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEt
MDdmMTI1OWZlYjEzLzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEtMDdmMTI1OWZlYjEz
LzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHdXxRCD
udYfyn8+CLb6ETTIqhC6HjTM5sNtHFxTNZ/3LygnCLQfvC1vrEEWQhdHWCeyGnh/
F3j+n9gz3t0xRADmJLiKWdaTrKB+LTYDCyDjc/bLj+dKo98sKT84OTOR7Hq4aYl7
Gq4cs5zejTLeo5VpSc6eaExslP6FNI/PxZhhuprNoJo7ItvA9UPeNirTl5uN1sPT
ZRaYS0iey0meHljBNrIWMJwY3Y0Qb//M+v1o07ofB+WYN5MD7IbYgemCjkXZcscg
t9Emw8KkHKa33HGHU4OYMqJ5gYe+ExULzRZKpIjSJEXW1XOBCCExECX1UCBt+Kpz
8k67cJgsT6V2ww==
-----END CERTIFICATE-----