Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.mft
File:                     vkFhezq6Mltoxn6z0ghK3RnmTt8.mft (raw, json)
Hash identifier:          ydoPj1NOHsKKXyiRvaLbmWbfIoN58ZqTXJNPdod4rus=
Subject key identifier:   9F:5C:D8:25:BF:D2:58:37:42:F1:49:A3:6C:37:39:28:71:F7:54:8D
Authority key identifier: BE:41:61:7B:3A:BA:32:5B:68:C6:7E:B3:D2:08:4A:DD:19:E6:4E:DF
Certificate issuer:       /CN=be41617b3aba325b68c67eb3d2084add19e64edf
Certificate serial:       019A706E8CBE4ABE01C114805EBD14983457
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vkFhezq6Mltoxn6z0ghK3RnmTt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.mft
Manifest number:          05
Signing time:             Tue 11 Nov 2025 01:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:24 +0000
Files and hashes:         1: vkFhezq6Mltoxn6z0ghK3RnmTt8.crl (hash: BXT4w5W0c8BcnVTlhZ45LVlKzYLfN6qZinuLtvyGjqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vkFhezq6Mltoxn6z0ghK3RnmTt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:8c:be:4a:be:01:c1:14:80:5e:bd:14:98:34:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be41617b3aba325b68c67eb3d2084add19e64edf
        Validity
            Not Before: Nov 11 01:01:24 2025 GMT
            Not After : Nov 12 01:01:24 2025 GMT
        Subject: CN=9f5cd825bfd2583742f149a36c37392871f7548d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:94:9d:61:30:7e:fa:d4:89:5e:65:39:52:8f:
                    a1:bc:b4:9e:f2:3f:05:01:8c:12:f5:09:72:33:c6:
                    f0:83:54:cc:0a:00:c3:5f:d2:df:26:5f:78:0e:35:
                    18:25:4b:a1:dc:c1:ce:5a:a8:e7:e8:38:99:67:ed:
                    11:a6:72:b4:18:11:70:9b:c4:d9:3c:16:fa:dc:b9:
                    41:87:ec:52:63:05:4a:7f:9f:7a:b8:02:fe:89:b1:
                    d2:8c:c0:92:57:08:22:e2:b4:ff:b2:72:03:75:0b:
                    3a:6e:22:bd:e1:6d:e9:92:2d:7e:6f:e5:7f:3a:2a:
                    50:64:d0:d4:60:77:88:b4:c7:2b:5a:b0:2d:65:f9:
                    e7:7b:c8:a8:42:f8:9a:86:50:83:d2:b8:0a:6e:3b:
                    aa:af:64:43:d1:f2:8e:5b:4f:78:ab:99:5a:14:4a:
                    60:24:af:df:9b:f6:3b:52:b3:70:f3:72:a2:8e:7a:
                    45:ac:42:18:fe:30:9d:89:ab:e8:a9:6f:29:1e:51:
                    2f:fa:4e:4f:50:71:33:07:53:0e:67:1f:93:43:61:
                    67:5e:b2:40:fe:dd:1c:1d:03:58:a7:c7:59:98:a6:
                    d4:d5:6c:24:08:94:1a:35:fc:73:47:e5:e2:46:a1:
                    66:60:43:e0:54:40:90:39:58:19:12:b0:b4:77:a6:
                    19:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:5C:D8:25:BF:D2:58:37:42:F1:49:A3:6C:37:39:28:71:F7:54:8D
            X509v3 Authority Key Identifier:
                keyid:BE:41:61:7B:3A:BA:32:5B:68:C6:7E:B3:D2:08:4A:DD:19:E6:4E:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkFhezq6Mltoxn6z0ghK3RnmTt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69f1e5-28a3-4008-9dcd-5c47ca28112b/1/vkFhezq6Mltoxn6z0ghK3RnmTt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:a3:e6:20:fb:60:20:36:a0:e9:73:bc:00:92:d4:d9:ee:36:
         cb:39:95:93:53:e8:c2:97:ba:b0:96:2e:bd:5a:9e:50:1a:1a:
         d1:b9:e1:d1:bc:0c:6b:ae:81:6d:50:dd:fd:0c:71:1e:c1:4d:
         e8:76:af:1e:40:c2:7b:48:7d:10:e0:6b:4d:a2:21:40:a6:12:
         60:e4:3b:0b:a1:68:e9:74:3c:c8:f1:03:0c:63:06:b4:87:e0:
         29:47:d4:17:87:31:0a:ec:86:9c:6b:95:df:c7:65:6e:1e:c2:
         6c:b7:c2:b5:f0:12:5c:4f:e1:6e:45:12:ce:70:00:dc:a8:52:
         93:97:12:3e:5c:a0:57:11:07:26:64:2a:40:30:bd:a3:80:9e:
         8c:4a:aa:c0:8d:11:8e:28:4b:53:4f:61:ba:54:84:b1:9a:90:
         67:5a:47:17:5d:15:21:a9:58:5d:e5:c2:9d:d6:73:71:07:ad:
         ba:96:04:2b:16:62:38:ec:8e:98:28:27:10:15:f7:90:5a:18:
         15:81:1d:65:9b:17:88:81:20:99:64:26:37:57:cb:ca:40:81:
         d0:b3:52:e2:be:05:c7:32:ad:75:5c:5e:19:81:84:b4:ad:16:
         8d:4d:43:85:5c:50:8f:d4:8d:4d:a3:a0:4e:97:e2:fa:63:30:
         93:97:67:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwboy+Sr4BwRSAXr0UmDRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDE2MTdiM2FiYTMyNWI2OGM2N2ViM2QyMDg0YWRkMTll
NjRlZGYwHhcNMjUxMTExMDEwMTI0WhcNMjUxMTEyMDEwMTI0WjAzMTEwLwYDVQQD
Eyg5ZjVjZDgyNWJmZDI1ODM3NDJmMTQ5YTM2YzM3MzkyODcxZjc1NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJSdYTB++tSJXmU5Uo+hvLSe8j8F
AYwS9QlyM8bwg1TMCgDDX9LfJl94DjUYJUuh3MHOWqjn6DiZZ+0RpnK0GBFwm8TZ
PBb63LlBh+xSYwVKf596uAL+ibHSjMCSVwgi4rT/snIDdQs6biK94W3pki1+b+V/
OipQZNDUYHeItMcrWrAtZfnne8ioQviahlCD0rgKbjuqr2RD0fKOW094q5laFEpg
JK/fm/Y7UrNw83KijnpFrEIY/jCdiavoqW8pHlEv+k5PUHEzB1MOZx+TQ2FnXrJA
/t0cHQNYp8dZmKbU1WwkCJQaNfxzR+XiRqFmYEPgVECQOVgZErC0d6YZrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9c2CW/0lg3QvFJo2w3OShx91SNMB8GA1UdIwQY
MBaAFL5BYXs6ujJbaMZ+s9IISt0Z5k7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtGaGV6cTZNbHRveG42ejBnaEszUm5tVHQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWYxZTUtMjhhMy00MDA4LTlkY2Qt
NWM0N2NhMjgxMTJiLzEvdmtGaGV6cTZNbHRveG42ejBnaEszUm5tVHQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWYxZTUtMjhhMy00MDA4LTlkY2QtNWM0N2NhMjgxMTJi
LzEvdmtGaGV6cTZNbHRveG42ejBnaEszUm5tVHQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqPmIPtg
IDag6XO8AJLU2e42yzmVk1Powpe6sJYuvVqeUBoa0bnh0bwMa66BbVDd/QxxHsFN
6HavHkDCe0h9EOBrTaIhQKYSYOQ7C6Fo6XQ8yPEDDGMGtIfgKUfUF4cxCuyGnGuV
38dlbh7CbLfCtfASXE/hbkUSznAA3KhSk5cSPlygVxEHJmQqQDC9o4CejEqqwI0R
jihLU09hulSEsZqQZ1pHF10VIalYXeXCndZzcQetupYEKxZiOOyOmCgnEBX3kFoY
FYEdZZsXiIEgmWQmN1fLykCB0LNS4r4FxzKtdVxeGYGEtK0WjU1DhVxQj9SNTaOg
Tpfi+mMwk5dnrw==
-----END CERTIFICATE-----