Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          BOqahEbxq4tRc/XljIYdt6A6ko1OWTLJ04ImzTwh1Yg=
Subject key identifier:   A0:14:62:09:D5:6B:5F:ED:05:2E:AB:D6:7B:64:5E:D0:45:4F:8A:0C
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       019A71132B186D6A945F4117F6CBB536324A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          12E2
Signing time:             Tue 11 Nov 2025 04:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:12 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: +EkCp7q+zfr+tXwIJFQC561WyWTUEW7orESY2HK2VTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:2b:18:6d:6a:94:5f:41:17:f6:cb:b5:36:32:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Nov 11 04:01:12 2025 GMT
            Not After : Nov 12 04:01:12 2025 GMT
        Subject: CN=a0146209d56b5fed052eabd67b645ed0454f8a0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b1:35:9d:7d:fc:1b:bf:ab:19:01:12:99:b8:
                    c3:02:46:1d:79:cd:d0:bf:12:10:08:65:9e:df:f7:
                    d1:c1:66:2b:6a:8c:78:25:09:e0:7e:4a:33:74:3b:
                    88:f0:8a:ac:c6:de:65:2b:77:ad:11:30:a4:a3:17:
                    84:07:4d:2f:c7:71:02:1d:04:0a:08:45:d9:0d:cb:
                    46:ef:73:51:44:24:2e:46:11:e4:f7:99:9b:a7:44:
                    22:0a:b3:60:af:e1:d0:f3:9d:87:37:9e:25:73:d5:
                    eb:cb:d5:b3:f2:9a:e6:e1:e1:4f:bb:a0:54:a2:f6:
                    00:ec:cb:dc:ac:59:c2:0a:15:81:ba:03:e8:51:ff:
                    4b:74:06:27:4f:b0:c3:0a:92:ea:f6:e8:7a:51:8e:
                    b1:e7:eb:e2:33:6e:66:86:95:e6:04:0b:a6:51:be:
                    90:61:ef:6d:e8:e1:16:b7:49:91:95:96:fb:91:6e:
                    ec:cf:9c:35:97:fa:f2:94:82:64:58:ee:67:25:94:
                    6b:26:49:a1:9c:4f:85:c5:32:f5:fb:3b:e1:4f:0c:
                    94:8d:d1:27:0d:d2:b0:19:39:a3:43:74:63:6f:ce:
                    e3:e4:90:67:8c:c2:fe:dc:36:c8:0b:39:34:2a:70:
                    60:54:29:d7:be:26:2f:a3:fc:5e:a4:d5:b2:30:f3:
                    59:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:14:62:09:D5:6B:5F:ED:05:2E:AB:D6:7B:64:5E:D0:45:4F:8A:0C
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:fd:ba:86:13:61:11:e5:85:a2:42:45:1a:4f:5f:e9:55:2d:
         d0:8d:09:57:3e:46:61:94:53:b1:b8:78:73:43:3d:4b:ae:6f:
         b7:f9:13:94:91:b4:5c:22:8b:cc:02:6d:74:03:28:01:5a:d8:
         0a:a7:b9:3f:d7:fb:4a:d4:3d:58:69:88:26:cf:86:8d:a6:96:
         a7:32:3d:e0:c2:1e:a5:48:b0:97:9d:5d:94:c5:11:a7:02:b6:
         8d:d8:4b:29:60:e8:a2:2d:20:fe:9c:77:8f:9f:d1:ea:45:b2:
         02:f0:12:d9:6c:c3:47:d4:76:75:d2:9f:25:77:78:b3:ed:96:
         d0:e0:f0:a8:35:78:2a:f1:1b:af:7e:1b:7c:e2:c2:38:55:69:
         29:c1:f4:e9:c2:da:b9:7b:eb:55:d3:b0:86:0f:06:25:bd:c6:
         f3:f5:d6:b6:f3:34:fc:5b:46:e7:67:e7:30:ce:d8:cc:e5:2c:
         52:cd:81:04:59:b5:73:38:2b:29:15:82:10:48:87:ea:6c:7a:
         fb:f8:d8:75:06:10:45:f7:f4:31:b8:a2:5b:71:64:2b:64:13:
         8b:7c:14:df:59:b8:b8:15:31:a9:d2:68:0b:58:e2:cd:a3:ec:
         99:f6:ad:31:c3:ed:fa:15:2e:98:05:41:bd:26:7d:fc:2f:e1:
         2d:56:55:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEysYbWqUX0EX9su1NjJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUxMTExMDQwMTEyWhcNMjUxMTEyMDQwMTEyWjAzMTEwLwYDVQQD
EyhhMDE0NjIwOWQ1NmI1ZmVkMDUyZWFiZDY3YjY0NWVkMDQ1NGY4YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLE1nX38G7+rGQESmbjDAkYdec3Q
vxIQCGWe3/fRwWYraox4JQngfkozdDuI8Iqsxt5lK3etETCkoxeEB00vx3ECHQQK
CEXZDctG73NRRCQuRhHk95mbp0QiCrNgr+HQ852HN54lc9Xry9Wz8prm4eFPu6BU
ovYA7MvcrFnCChWBugPoUf9LdAYnT7DDCpLq9uh6UY6x5+viM25mhpXmBAumUb6Q
Ye9t6OEWt0mRlZb7kW7sz5w1l/rylIJkWO5nJZRrJkmhnE+FxTL1+zvhTwyUjdEn
DdKwGTmjQ3Rjb87j5JBnjML+3DbICzk0KnBgVCnXviYvo/xepNWyMPNZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAUYgnVa1/tBS6r1ntkXtBFT4oMMB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXv26hhNh
EeWFokJFGk9f6VUt0I0JVz5GYZRTsbh4c0M9S65vt/kTlJG0XCKLzAJtdAMoAVrY
Cqe5P9f7StQ9WGmIJs+GjaaWpzI94MIepUiwl51dlMURpwK2jdhLKWDooi0g/px3
j5/R6kWyAvAS2WzDR9R2ddKfJXd4s+2W0ODwqDV4KvEbr34bfOLCOFVpKcH06cLa
uXvrVdOwhg8GJb3G8/XWtvM0/FtG52fnMM7YzOUsUs2BBFm1czgrKRWCEEiH6mx6
+/jYdQYQRff0MbiiW3FkK2QTi3wU31m4uBUxqdJoC1jizaPsmfatMcPt+hUumAVB
vSZ9/C/hLVZVjA==
-----END CERTIFICATE-----