Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          betMjZ3/9vsB5tGapWa62dtjEKnjjBoRMMeXrf8aBs8=
Subject key identifier:   21:75:04:CF:15:CD:93:33:CA:0F:29:E3:3B:30:24:3A:63:B6:95:DB
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       019A714A2438720FD5E2C384151F36F1BCE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 05:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:15 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: g8z5tiulqse7BPpZ/CHFDuBFH+SZjJACrqa6boKGfzI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:24:38:72:0f:d5:e2:c3:84:15:1f:36:f1:bc:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Nov 11 05:01:15 2025 GMT
            Not After : Nov 12 05:01:15 2025 GMT
        Subject: CN=217504cf15cd9333ca0f29e33b30243a63b695db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7e:36:20:46:c1:92:af:7d:7e:f7:51:f4:22:
                    4e:b8:6b:4f:1e:7d:11:d1:24:14:9d:9d:2d:98:a1:
                    c1:cd:74:5e:31:0a:b2:00:cf:2e:e3:3b:ba:dc:f8:
                    98:ab:81:05:d3:e4:ae:c7:fa:e6:23:85:4a:30:2b:
                    71:1a:4e:21:a3:b8:40:ca:3c:07:57:17:a7:ee:5c:
                    b3:00:92:ff:c2:38:b7:83:83:47:a5:91:55:ee:7b:
                    70:cf:b6:b4:e5:d9:ee:3b:55:e3:c3:de:ea:ed:73:
                    bb:49:32:a3:58:0c:ba:ee:09:dd:ed:4c:8d:c4:0f:
                    cc:d0:09:c2:3b:e1:8f:ac:ef:d2:4d:2a:83:89:b9:
                    b1:96:e6:c9:9f:24:98:35:e0:bd:e6:50:88:67:5f:
                    ac:70:4c:75:75:9a:0d:9b:9d:bf:85:17:9a:64:40:
                    2d:a0:ab:d3:03:3e:e4:c4:1d:20:7f:26:11:e9:7f:
                    4a:ab:23:b6:2d:71:00:1d:77:41:08:0f:e0:9d:a6:
                    e0:5b:4d:39:fd:83:e2:c9:1a:d1:8d:23:0d:90:19:
                    6d:76:5c:bd:0f:08:6f:5a:5b:6e:01:12:2a:17:68:
                    c8:53:e1:64:9a:03:5d:41:be:ee:ea:8a:0c:0e:b9:
                    6d:0d:3e:67:57:28:a4:6d:c5:f1:f6:a5:71:6f:95:
                    4d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:75:04:CF:15:CD:93:33:CA:0F:29:E3:3B:30:24:3A:63:B6:95:DB
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:29:01:69:85:9b:a5:e5:74:ec:8f:e4:f2:04:0a:2b:04:41:
         9e:4a:f1:73:90:29:2a:6d:3c:84:49:34:83:b6:ed:87:89:71:
         b2:22:28:d0:4e:64:66:ce:8c:10:af:85:c7:82:bf:88:9b:20:
         d5:94:11:66:af:f9:22:36:4f:d3:23:17:67:81:31:d0:b4:83:
         cd:b4:f9:2b:5c:86:e9:59:71:60:24:d6:a1:52:3d:36:db:78:
         2a:32:55:8e:3b:79:51:d8:96:3f:85:2d:bb:46:7e:c7:1c:ad:
         68:ca:20:ca:76:d5:e3:c5:05:3b:72:e3:de:7c:77:fe:75:df:
         0f:d5:62:cd:01:68:0c:9e:bc:9b:ea:91:40:76:f4:94:bd:88:
         5a:c1:42:19:4c:e1:b1:2c:41:24:6b:af:eb:ab:a3:95:de:43:
         ea:3d:8b:d3:ea:82:6c:1d:a0:0b:eb:76:7d:25:c9:58:6a:53:
         a0:c9:f4:ab:4c:54:bb:a4:b3:3f:0d:35:52:c3:ad:a7:89:65:
         12:ee:8f:87:85:f0:9c:ba:da:ba:dc:f2:48:34:4b:4f:c9:ee:
         73:0a:b1:ab:2c:78:18:09:75:5f:b2:0b:36:34:bf:43:d1:b9:
         73:4b:cf:9f:4c:e5:34:a4:08:ac:04:b1:70:1b:3f:7b:36:83:
         03:7f:cc:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSiQ4cg/V4sOEFR828bzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjUxMTExMDUwMTE1WhcNMjUxMTEyMDUwMTE1WjAzMTEwLwYDVQQD
EygyMTc1MDRjZjE1Y2Q5MzMzY2EwZjI5ZTMzYjMwMjQzYTYzYjY5NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu342IEbBkq99fvdR9CJOuGtPHn0R
0SQUnZ0tmKHBzXReMQqyAM8u4zu63PiYq4EF0+Sux/rmI4VKMCtxGk4ho7hAyjwH
Vxen7lyzAJL/wji3g4NHpZFV7ntwz7a05dnuO1Xjw97q7XO7STKjWAy67gnd7UyN
xA/M0AnCO+GPrO/STSqDibmxlubJnySYNeC95lCIZ1+scEx1dZoNm52/hReaZEAt
oKvTAz7kxB0gfyYR6X9KqyO2LXEAHXdBCA/gnabgW005/YPiyRrRjSMNkBltdly9
DwhvWltuARIqF2jIU+FkmgNdQb7u6ooMDrltDT5nVyikbcXx9qVxb5VNzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF1BM8VzZMzyg8p4zswJDpjtpXbMB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCkBaYWb
peV07I/k8gQKKwRBnkrxc5ApKm08hEk0g7bth4lxsiIo0E5kZs6MEK+Fx4K/iJsg
1ZQRZq/5IjZP0yMXZ4Ex0LSDzbT5K1yG6VlxYCTWoVI9Ntt4KjJVjjt5UdiWP4Ut
u0Z+xxytaMogynbV48UFO3Lj3nx3/nXfD9VizQFoDJ68m+qRQHb0lL2IWsFCGUzh
sSxBJGuv66ujld5D6j2L0+qCbB2gC+t2fSXJWGpToMn0q0xUu6SzPw01UsOtp4ll
Eu6Ph4XwnLrautzySDRLT8nucwqxqyx4GAl1X7ILNjS/Q9G5c0vPn0zlNKQIrASx
cBs/ezaDA3/MWw==
-----END CERTIFICATE-----