Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          2E1/Xd3UoOv2FESGzrG/JtoCAwxa6d2r7TKpk7/JPYk=
Subject key identifier:   84:C0:C1:C8:12:FD:28:80:29:1D:66:CF:7C:EA:6B:10:0B:57:7E:60
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019A7226050E230F097CF465286D1D7FBC3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          1048
Signing time:             Tue 11 Nov 2025 09:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:25 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: OpUyJIFPUDLd4aciBN9mDWiEBdKXkdiF/xWsJGGiMi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:05:0e:23:0f:09:7c:f4:65:28:6d:1d:7f:bc:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Nov 11 09:01:25 2025 GMT
            Not After : Nov 12 09:01:25 2025 GMT
        Subject: CN=84c0c1c812fd2880291d66cf7cea6b100b577e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:38:71:48:ac:dc:a6:b5:92:94:2c:af:99:4c:
                    b9:c4:12:1b:e1:b6:11:85:a4:18:57:f6:8d:3a:d4:
                    8c:22:a1:74:c1:cd:8b:c6:e0:fd:0d:39:41:00:e5:
                    f9:f1:63:87:b5:a6:de:69:bc:d3:d7:d7:74:57:a6:
                    7c:05:aa:b5:87:8d:ba:df:3b:c3:cf:42:6b:a0:2f:
                    b1:ec:ea:dc:af:47:76:02:ab:d9:90:47:e2:15:45:
                    3c:07:b0:4a:54:a6:72:f5:f1:e6:86:71:e0:20:59:
                    6d:4d:61:11:bc:33:72:e6:c5:90:4d:73:4e:d3:f4:
                    45:2e:a7:66:83:3c:c1:c8:47:dd:99:53:4b:8f:d5:
                    fa:41:45:1e:7a:ef:00:dd:98:a8:56:32:59:ed:4c:
                    11:5b:11:ca:26:5b:4a:c8:1e:74:c8:d9:5d:4b:2e:
                    83:d5:48:82:c9:8a:bc:cf:93:03:82:c1:84:8d:38:
                    fe:34:fe:74:bc:bc:6e:06:c9:b0:4d:f0:f0:72:43:
                    81:8d:c1:37:b2:ba:92:20:fc:d8:a9:6e:3a:73:91:
                    5f:b9:aa:fa:d2:c3:68:e4:78:6e:74:26:a8:6e:7c:
                    54:a5:83:87:63:c8:ec:19:d3:e0:8e:da:e4:59:59:
                    74:1f:21:2d:9a:e0:d3:fe:84:03:d7:e2:20:6c:cf:
                    b1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:C0:C1:C8:12:FD:28:80:29:1D:66:CF:7C:EA:6B:10:0B:57:7E:60
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:75:b8:ea:e3:1a:8c:b2:75:42:99:53:0a:cc:ef:9a:01:c4:
         7e:a1:14:f3:5c:73:01:b7:79:35:f0:26:dc:03:ea:8e:9a:44:
         5e:43:be:09:c6:89:f1:24:1e:ad:6d:39:69:d2:30:6d:9a:ec:
         26:d5:76:0e:50:3e:08:66:02:95:f2:88:f3:42:ce:f7:48:bb:
         28:a9:86:0b:b1:49:90:52:aa:84:7d:69:48:da:d3:95:5e:23:
         b6:c7:ac:22:73:ac:a6:a3:a1:0d:75:4f:bc:b9:94:1d:fa:71:
         66:2d:12:11:b6:0a:a8:00:b2:de:37:23:94:66:3c:93:20:20:
         33:00:db:31:c1:b4:10:e5:f6:56:b4:15:ed:9e:6c:69:a7:85:
         91:dc:dc:70:1c:bf:86:25:dc:d2:ea:ba:d4:88:aa:5f:98:98:
         3d:c7:c8:c9:b9:d4:85:15:9a:78:fe:bc:14:58:34:ae:e7:fc:
         06:05:6c:01:ee:fa:cf:b3:6c:05:40:49:53:2e:dc:61:d9:79:
         65:83:28:52:b9:1c:56:d5:c7:8d:9a:bc:a3:14:aa:1c:a9:ba:
         f4:97:a2:34:34:45:f2:01:4e:17:16:c1:28:fb:8a:2c:81:52:
         c2:dd:10:a8:16:0f:6c:2d:af:50:30:03:38:bb:69:14:7c:55:
         3f:c6:92:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgUOIw8JfPRlKG0df7w7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUxMTExMDkwMTI1WhcNMjUxMTEyMDkwMTI1WjAzMTEwLwYDVQQD
Eyg4NGMwYzFjODEyZmQyODgwMjkxZDY2Y2Y3Y2VhNmIxMDBiNTc3ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzhxSKzcprWSlCyvmUy5xBIb4bYR
haQYV/aNOtSMIqF0wc2LxuD9DTlBAOX58WOHtabeabzT19d0V6Z8Baq1h4263zvD
z0JroC+x7Orcr0d2AqvZkEfiFUU8B7BKVKZy9fHmhnHgIFltTWERvDNy5sWQTXNO
0/RFLqdmgzzByEfdmVNLj9X6QUUeeu8A3ZioVjJZ7UwRWxHKJltKyB50yNldSy6D
1UiCyYq8z5MDgsGEjTj+NP50vLxuBsmwTfDwckOBjcE3srqSIPzYqW46c5Ffuar6
0sNo5HhudCaobnxUpYOHY8jsGdPgjtrkWVl0HyEtmuDT/oQD1+IgbM+xIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITAwcgS/SiAKR1mz3zqaxALV35gMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHW46uMa
jLJ1QplTCszvmgHEfqEU81xzAbd5NfAm3APqjppEXkO+CcaJ8SQerW05adIwbZrs
JtV2DlA+CGYClfKI80LO90i7KKmGC7FJkFKqhH1pSNrTlV4jtsesInOspqOhDXVP
vLmUHfpxZi0SEbYKqACy3jcjlGY8kyAgMwDbMcG0EOX2VrQV7Z5saaeFkdzccBy/
hiXc0uq61IiqX5iYPcfIybnUhRWaeP68FFg0ruf8BgVsAe76z7NsBUBJUy7cYdl5
ZYMoUrkcVtXHjZq8oxSqHKm69JeiNDRF8gFOFxbBKPuKLIFSwt0QqBYPbC2vUDAD
OLtpFHxVP8aS+Q==
-----END CERTIFICATE-----