Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          IqLgRTm7y+lgUD0cUIp5dnhPsFCIpyJx3a0Gr1yljeg=
Subject key identifier:   27:97:D5:3D:5B:B6:3E:E0:90:24:6B:EC:3C:CE:99:29:DE:32:24:31
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019A71130E5C296DCBC50B94E12C01993FF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          13B0
Signing time:             Tue 11 Nov 2025 04:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:05 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: s6g+uzbcDLYVh0UQuJM3QmLfY16GHFk/nyI4OlmlJJg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:0e:5c:29:6d:cb:c5:0b:94:e1:2c:01:99:3f:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Nov 11 04:01:05 2025 GMT
            Not After : Nov 12 04:01:05 2025 GMT
        Subject: CN=2797d53d5bb63ee090246bec3cce9929de322431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e1:7d:c6:a0:5f:70:a6:dd:ba:25:2f:8b:94:
                    92:22:1e:10:6b:5a:23:d3:d6:e7:90:44:cd:19:ad:
                    d8:33:15:9d:73:59:9a:83:11:a5:00:77:04:8d:62:
                    ee:a2:57:02:49:9b:50:51:ee:0b:5a:f0:34:e9:35:
                    56:39:17:04:af:32:33:aa:36:9d:c8:4e:c5:96:b3:
                    de:73:ba:3b:93:8c:72:46:f8:5b:52:2c:0f:ea:65:
                    9e:2d:80:17:6e:a0:25:17:f5:00:b7:5e:f1:88:96:
                    f9:bc:b6:f7:aa:8c:43:fd:2e:bb:54:cc:e3:82:3d:
                    3f:c3:cf:a6:f5:64:22:55:41:98:b1:1f:a0:51:ee:
                    1a:b9:3b:3b:13:71:f3:ce:64:1d:62:0c:62:7c:c5:
                    ce:e4:38:21:e1:26:0a:ba:80:e0:55:c8:e1:e1:40:
                    e8:a7:5f:40:67:30:c9:ee:fa:85:3b:f0:77:04:02:
                    33:9d:44:a0:c1:5d:7a:85:de:b5:a1:b3:d2:11:ad:
                    99:25:64:31:cc:ef:9d:c4:6a:de:c0:b0:7c:96:82:
                    dc:bd:55:6d:0d:6a:64:ba:b5:a2:89:5e:24:7d:d6:
                    9b:aa:7f:b5:ee:43:c6:a2:81:4a:30:dd:33:bb:22:
                    08:08:5f:2e:d9:e0:f9:69:dc:32:48:1e:2b:7d:f9:
                    35:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:97:D5:3D:5B:B6:3E:E0:90:24:6B:EC:3C:CE:99:29:DE:32:24:31
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:36:cd:c1:9f:d0:dc:ab:f1:ff:b8:ce:f4:84:a8:ef:5c:22:
         bb:7e:80:9c:62:dc:da:56:5b:c2:d0:78:61:aa:44:2f:45:e9:
         f6:10:66:7c:e8:5f:f3:8e:02:40:f6:c2:ae:dc:58:6f:a3:fc:
         1c:5b:ce:12:3e:60:23:2c:62:b9:8d:7f:42:c7:9a:bd:87:af:
         d3:82:31:ca:00:96:6f:43:cf:f8:15:04:b8:16:e0:41:39:fd:
         f8:b6:22:ba:0c:1e:ee:41:19:88:8b:8f:05:66:78:7b:94:38:
         06:f1:80:4d:fd:80:67:72:dc:fe:09:be:f7:78:ce:13:c2:51:
         4d:c1:aa:84:b1:95:67:10:29:b3:72:e3:a7:ad:2e:40:ee:3a:
         7e:ca:75:1b:82:50:12:03:13:9e:95:3e:25:8b:86:ef:f9:93:
         8e:f3:65:eb:10:54:4b:9c:79:74:eb:4f:69:cc:41:2c:09:41:
         d8:0a:ce:17:ea:b9:1e:c5:70:80:ed:1a:9d:0f:33:cc:43:c8:
         10:3f:68:b5:43:fc:30:bd:55:f7:20:4d:0e:02:c0:93:a4:2f:
         a1:59:76:1d:a6:22:3c:76:a2:85:a1:31:5e:d8:8e:5b:f7:1d:
         03:fd:d6:a1:c2:c9:3c:0c:99:e4:f9:cf:92:0a:af:c4:14:3f:
         2d:90:c9:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEw5cKW3LxQuU4SwBmT/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUxMTExMDQwMTA1WhcNMjUxMTEyMDQwMTA1WjAzMTEwLwYDVQQD
EygyNzk3ZDUzZDViYjYzZWUwOTAyNDZiZWMzY2NlOTkyOWRlMzIyNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+F9xqBfcKbduiUvi5SSIh4Qa1oj
09bnkETNGa3YMxWdc1magxGlAHcEjWLuolcCSZtQUe4LWvA06TVWORcErzIzqjad
yE7FlrPec7o7k4xyRvhbUiwP6mWeLYAXbqAlF/UAt17xiJb5vLb3qoxD/S67VMzj
gj0/w8+m9WQiVUGYsR+gUe4auTs7E3HzzmQdYgxifMXO5Dgh4SYKuoDgVcjh4UDo
p19AZzDJ7vqFO/B3BAIznUSgwV16hd61obPSEa2ZJWQxzO+dxGrewLB8loLcvVVt
DWpkurWiiV4kfdabqn+17kPGooFKMN0zuyIICF8u2eD5adwySB4rffk1zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeX1T1btj7gkCRr7DzOmSneMiQxMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjbNwZ/Q
3Kvx/7jO9ISo71wiu36AnGLc2lZbwtB4YapEL0Xp9hBmfOhf844CQPbCrtxYb6P8
HFvOEj5gIyxiuY1/QseavYev04IxygCWb0PP+BUEuBbgQTn9+LYiugwe7kEZiIuP
BWZ4e5Q4BvGATf2AZ3Lc/gm+93jOE8JRTcGqhLGVZxAps3Ljp60uQO46fsp1G4JQ
EgMTnpU+JYuG7/mTjvNl6xBUS5x5dOtPacxBLAlB2ArOF+q5HsVwgO0anQ8zzEPI
ED9otUP8ML1V9yBNDgLAk6QvoVl2HaYiPHaihaExXtiOW/cdA/3WocLJPAyZ5PnP
kgqvxBQ/LZDJQw==
-----END CERTIFICATE-----