Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
File:                     St2XYC4ZGOerwfYtz9TaynNJmz4.mft (raw, json)
Hash identifier:          56l9iglaeNtMNNd0qcQwYZS2w6JspGOuluDNVmYMgOA=
Subject key identifier:   BF:6A:BB:98:EE:B4:C8:9E:74:00:B5:4A:A7:31:E3:E8:91:F6:3C:A0
Authority key identifier: 4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E
Certificate issuer:       /CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
Certificate serial:       019A7226153B9EE127BE629B7E86450F1BC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
Manifest number:          028B
Signing time:             Tue 11 Nov 2025 09:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:29 +0000
Files and hashes:         1: St2XYC4ZGOerwfYtz9TaynNJmz4.crl (hash: K9+vUO7RXHn0TPHPRU3ZC5jKfj2H9ZHjfzBLtEi6EIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:15:3b:9e:e1:27:be:62:9b:7e:86:45:0f:1b:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
        Validity
            Not Before: Nov 11 09:01:29 2025 GMT
            Not After : Nov 12 09:01:29 2025 GMT
        Subject: CN=bf6abb98eeb4c89e7400b54aa731e3e891f63ca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:73:21:52:55:18:20:52:cd:e3:80:a7:75:27:
                    8e:b0:c7:03:34:c5:ef:09:92:e7:16:70:f5:72:e0:
                    ea:ed:12:e3:e6:d5:f7:cd:54:8c:22:92:b6:c5:cf:
                    8b:9c:16:49:19:07:53:c0:49:b7:a1:37:1d:48:7e:
                    44:78:44:a6:e6:2e:58:3a:59:cf:d2:8b:5e:13:dc:
                    e6:a7:32:8a:22:13:2e:24:6f:fb:04:ca:16:6a:e9:
                    71:68:98:36:ba:1d:08:51:3c:e2:4c:cc:59:f6:58:
                    b6:c6:90:52:ba:9a:3d:0f:64:35:a7:bd:1c:26:91:
                    03:5a:94:12:e8:e7:3a:a0:bd:c4:c5:18:c9:4b:2f:
                    fa:a2:e1:d1:7b:e9:de:1e:cc:2a:bb:78:95:42:91:
                    e5:af:15:aa:7a:ec:82:c7:1b:84:91:fa:df:96:80:
                    0d:57:f1:e2:cc:fb:b7:16:da:a6:91:26:2c:af:87:
                    84:2b:93:9c:84:6c:16:43:22:c9:94:9a:ee:ae:cc:
                    5c:84:d2:d0:47:d5:51:de:f3:fc:f6:fd:14:51:e6:
                    60:5d:18:03:39:a0:4f:fe:2e:8f:06:89:e7:39:2a:
                    13:81:63:ac:13:b0:1e:3c:33:50:21:a9:9f:68:8d:
                    e2:68:08:4d:d7:4f:c9:a8:33:01:ad:6c:24:d8:ca:
                    b2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:6A:BB:98:EE:B4:C8:9E:74:00:B5:4A:A7:31:E3:E8:91:F6:3C:A0
            X509v3 Authority Key Identifier:
                keyid:4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:e0:5c:f4:fd:f1:ff:30:6b:aa:f0:12:22:c1:0a:db:75:f9:
         bf:39:31:b9:65:d8:18:9c:b8:43:18:7b:79:8d:fb:da:85:e5:
         22:48:ea:fe:01:d1:f2:38:91:ac:78:30:34:40:66:4c:95:1a:
         89:6a:e3:6a:24:5a:0e:5a:c4:50:3c:d3:5e:4c:0e:be:b6:81:
         85:af:2e:2f:f9:44:e1:e6:9c:69:02:da:30:93:5f:6a:a2:a1:
         d2:a6:73:b4:02:0d:50:f6:91:17:9e:e7:6c:cc:16:d6:88:7e:
         6e:62:c7:8e:f4:fb:8d:9f:66:9b:d3:b6:2f:bf:af:29:3d:a4:
         74:b8:82:1e:20:08:a5:35:b3:39:8b:87:22:0b:a3:68:6b:03:
         04:17:b2:c8:91:b8:c3:3c:59:ad:5b:9b:cf:cf:77:9a:7a:21:
         f5:98:40:fb:65:48:d4:d1:5c:cc:b0:06:de:a6:6f:76:73:9f:
         1e:5f:1d:e2:38:83:72:fa:e7:fb:f5:df:2b:75:d2:50:47:73:
         fa:6d:16:ca:45:18:a7:2c:66:b3:32:e2:dd:51:c7:a6:1b:58:
         74:8f:bd:8f:f1:4b:1b:06:e9:1a:f7:62:7d:ea:8f:ac:c2:13:
         f9:a6:c1:6b:a9:1c:5e:6d:57:2a:84:0d:38:af:fb:a1:c5:ad:
         50:6e:77:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhU7nuEnvmKbfoZFDxvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGQ5NzYwMmUxOTE4ZTdhYmMxZjYyZGNmZDRkYWNhNzM0
OTliM2UwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
EyhiZjZhYmI5OGVlYjRjODllNzQwMGI1NGFhNzMxZTNlODkxZjYzY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3MhUlUYIFLN44CndSeOsMcDNMXv
CZLnFnD1cuDq7RLj5tX3zVSMIpK2xc+LnBZJGQdTwEm3oTcdSH5EeESm5i5YOlnP
0oteE9zmpzKKIhMuJG/7BMoWaulxaJg2uh0IUTziTMxZ9li2xpBSupo9D2Q1p70c
JpEDWpQS6Oc6oL3ExRjJSy/6ouHRe+neHswqu3iVQpHlrxWqeuyCxxuEkfrfloAN
V/HizPu3FtqmkSYsr4eEK5OchGwWQyLJlJrursxchNLQR9VR3vP89v0UUeZgXRgD
OaBP/i6PBonnOSoTgWOsE7AePDNQIamfaI3iaAhN10/JqDMBrWwk2Mqy2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9qu5jutMiedAC1Sqcx4+iR9jygMB8GA1UdIwQY
MBaAFErdl2AuGRjnq8H2Lc/U2spzSZs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUt
MTJlNWU4MTczMjAxLzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUtMTJlNWU4MTczMjAx
LzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuBc9P3x
/zBrqvASIsEK23X5vzkxuWXYGJy4Qxh7eY372oXlIkjq/gHR8jiRrHgwNEBmTJUa
iWrjaiRaDlrEUDzTXkwOvraBha8uL/lE4eacaQLaMJNfaqKh0qZztAINUPaRF57n
bMwW1oh+bmLHjvT7jZ9mm9O2L7+vKT2kdLiCHiAIpTWzOYuHIgujaGsDBBeyyJG4
wzxZrVubz893mnoh9ZhA+2VI1NFczLAG3qZvdnOfHl8d4jiDcvrn+/XfK3XSUEdz
+m0WykUYpyxmszLi3VHHphtYdI+9j/FLGwbpGvdifeqPrMIT+abBa6kcXm1XKoQN
OK/7ocWtUG53qg==
-----END CERTIFICATE-----