Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
File:                     IsOFEHH5YIjHtxGcteFGPLq5jFk.mft (raw, json)
Hash identifier:          siIvmtPHyX80oRdok5s1p4ESBbwvVbazo4c9Tnp4Wm0=
Subject key identifier:   AF:1F:94:67:5E:B9:34:B1:50:DF:7A:92:0F:06:4F:4F:9F:FA:19:DD
Authority key identifier: 22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59
Certificate issuer:       /CN=22c3851071f96088c7b7119cb5e1463cbab98c59
Certificate serial:       019A71B7D65D745D031CC0B24A0E257A92C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
Manifest number:          116C
Signing time:             Tue 11 Nov 2025 07:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:04 +0000
Files and hashes:         1: IsOFEHH5YIjHtxGcteFGPLq5jFk.crl (hash: 4KYINjbOs7aJcDhYJcBliPZ8FbPu3rXg+WrLCxnNWHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:d6:5d:74:5d:03:1c:c0:b2:4a:0e:25:7a:92:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c3851071f96088c7b7119cb5e1463cbab98c59
        Validity
            Not Before: Nov 11 07:01:04 2025 GMT
            Not After : Nov 12 07:01:04 2025 GMT
        Subject: CN=af1f94675eb934b150df7a920f064f4f9ffa19dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:46:e4:7f:63:9a:3e:77:55:52:d7:e7:05:ea:
                    c8:b4:a9:d1:51:28:57:28:e9:4b:1a:7a:0e:ad:f0:
                    d7:13:7f:01:33:65:0a:4b:af:57:65:24:52:7f:72:
                    ff:f6:e9:4a:ea:33:79:fe:ce:53:44:92:ac:ef:b5:
                    42:c2:a7:80:a5:8d:0a:91:fe:66:db:6a:e6:9f:68:
                    d8:b6:aa:94:04:c3:8f:6c:b4:6f:5b:e1:e8:32:c9:
                    0f:7a:16:12:72:44:f1:ec:c5:17:3c:ea:5a:a8:e8:
                    4b:25:61:cd:e7:f2:66:01:50:d2:ff:2f:6e:8a:31:
                    4b:60:34:fe:d2:59:51:49:8a:8e:85:be:93:63:13:
                    43:0b:75:53:11:53:1b:26:d3:34:2b:da:3a:f5:e5:
                    a9:e9:54:43:e3:5f:63:75:88:5f:fa:3d:35:ef:d1:
                    c6:82:0e:74:f0:86:63:2b:09:76:5f:8f:d5:29:69:
                    31:fd:43:5c:42:54:30:1c:a3:32:77:9b:45:20:ed:
                    4a:61:7c:1e:6e:e2:7a:15:c1:cb:7b:4a:45:f3:42:
                    e1:30:65:25:68:5a:44:66:f1:61:23:c1:89:a8:80:
                    4a:4b:fb:ab:86:cd:98:4b:c8:41:17:05:4e:e8:25:
                    cc:04:a1:95:a3:31:eb:3d:d3:07:b8:cc:5f:dd:d9:
                    c4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:1F:94:67:5E:B9:34:B1:50:DF:7A:92:0F:06:4F:4F:9F:FA:19:DD
            X509v3 Authority Key Identifier:
                keyid:22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:67:12:a1:fc:c1:e5:12:9c:46:80:62:2b:56:e9:88:14:c3:
         6e:e2:a6:1b:ca:1d:28:97:ae:4b:08:8c:ed:e9:72:ff:77:6b:
         72:64:92:e9:fd:eb:34:88:25:e4:f6:2d:85:0c:6b:20:65:65:
         2c:74:f1:2f:b8:d9:bc:f1:8d:49:fc:2b:aa:42:bf:27:63:f0:
         80:84:3c:5e:a4:15:20:fb:cf:cc:1c:00:4b:1a:c0:4c:67:18:
         d0:33:43:cd:c7:fc:c4:77:b7:dc:88:b7:9f:24:fb:d7:19:5e:
         32:18:d6:5d:c2:8c:e8:c8:c7:20:00:98:13:d5:e7:d4:ac:fd:
         64:57:2a:d4:69:3f:11:40:39:2f:d6:25:58:fa:e4:67:c2:5f:
         ba:79:b7:f8:ad:ee:b5:fc:e1:ff:83:ca:9e:d0:ac:c0:67:45:
         40:47:d4:9f:62:7d:11:62:ef:f5:52:49:de:7d:66:1b:ae:88:
         c3:60:ba:ef:09:3a:02:c7:1b:f1:8a:84:c1:54:aa:0e:ca:80:
         00:ff:60:1d:9e:65:d4:03:dc:a8:92:c3:f6:e4:4f:9d:41:50:
         48:fe:28:7b:20:4d:1e:51:3e:fa:e2:9b:61:ea:93:ca:2f:b4:
         e1:b1:e1:2a:83:a0:0d:45:81:dd:55:ba:fd:ae:61:d1:89:41:
         8f:78:db:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9ZddF0DHMCySg4lepLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzM4NTEwNzFmOTYwODhjN2I3MTE5Y2I1ZTE0NjNjYmFi
OThjNTkwHhcNMjUxMTExMDcwMTA0WhcNMjUxMTEyMDcwMTA0WjAzMTEwLwYDVQQD
EyhhZjFmOTQ2NzVlYjkzNGIxNTBkZjdhOTIwZjA2NGY0ZjlmZmExOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkbkf2OaPndVUtfnBerItKnRUShX
KOlLGnoOrfDXE38BM2UKS69XZSRSf3L/9ulK6jN5/s5TRJKs77VCwqeApY0Kkf5m
22rmn2jYtqqUBMOPbLRvW+HoMskPehYSckTx7MUXPOpaqOhLJWHN5/JmAVDS/y9u
ijFLYDT+0llRSYqOhb6TYxNDC3VTEVMbJtM0K9o69eWp6VRD419jdYhf+j0179HG
gg508IZjKwl2X4/VKWkx/UNcQlQwHKMyd5tFIO1KYXwebuJ6FcHLe0pF80LhMGUl
aFpEZvFhI8GJqIBKS/urhs2YS8hBFwVO6CXMBKGVozHrPdMHuMxf3dnEBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8flGdeuTSxUN96kg8GT0+f+hndMB8GA1UdIwQY
MBaAFCLDhRBx+WCIx7cRnLXhRjy6uYxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTIt
Y2JmZGUwMjkwNzA4LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTItY2JmZGUwMjkwNzA4
LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2cSofzB
5RKcRoBiK1bpiBTDbuKmG8odKJeuSwiM7ely/3drcmSS6f3rNIgl5PYthQxrIGVl
LHTxL7jZvPGNSfwrqkK/J2PwgIQ8XqQVIPvPzBwASxrATGcY0DNDzcf8xHe33Ii3
nyT71xleMhjWXcKM6MjHIACYE9Xn1Kz9ZFcq1Gk/EUA5L9YlWPrkZ8Jfunm3+K3u
tfzh/4PKntCswGdFQEfUn2J9EWLv9VJJ3n1mG66Iw2C67wk6Ascb8YqEwVSqDsqA
AP9gHZ5l1APcqJLD9uRPnUFQSP4oeyBNHlE++uKbYeqTyi+04bHhKoOgDUWB3VW6
/a5h0YlBj3jb0w==
-----END CERTIFICATE-----