Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          vytdDVnjSCzZjp3SaqwggQCC+///X+Z8aPtEOhrFZPk=
Subject key identifier:   A2:D5:AC:1B:9D:AA:01:C6:33:A8:B8:E9:A4:17:2E:7D:3B:95:8B:3A
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       019A7301B8EDBA15E8D55BAE058088D9CE08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          1251
Signing time:             Tue 11 Nov 2025 13:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:23 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: P+Nq9wzFzO/ZOYg1mnxVBcnvJISyE2U+Sn8A69G7Os0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:b8:ed:ba:15:e8:d5:5b:ae:05:80:88:d9:ce:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Nov 11 13:01:23 2025 GMT
            Not After : Nov 12 13:01:23 2025 GMT
        Subject: CN=a2d5ac1b9daa01c633a8b8e9a4172e7d3b958b3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:04:2f:66:ac:d0:3b:e8:d6:28:12:f9:25:4d:
                    21:13:7d:18:f3:b2:8f:5c:ef:9f:f7:d8:0d:4b:d8:
                    fe:d9:70:27:88:6d:7a:24:0a:35:aa:1e:9c:c8:89:
                    5d:c1:6c:c1:1d:ac:ed:59:1b:51:3a:f6:4c:b9:96:
                    43:d1:03:b1:34:aa:f3:77:b2:43:4f:80:27:91:60:
                    d4:c9:3d:2b:70:cf:4b:a1:04:0e:28:65:38:28:c7:
                    f1:68:a0:92:c1:af:1e:91:63:bf:73:57:27:bc:70:
                    48:9d:f1:3d:23:92:17:49:0a:4f:77:24:f1:a9:6e:
                    ec:0b:61:38:1c:96:8b:7e:70:94:72:99:15:f4:a2:
                    72:0b:0a:94:d6:2c:f2:4f:ba:22:07:0e:9a:86:bc:
                    0e:98:ca:84:dd:49:34:60:be:f3:55:f2:cd:4f:8c:
                    2a:f7:bd:b0:fe:71:42:62:27:d2:76:3e:49:64:60:
                    38:5a:41:09:a9:58:37:20:22:5c:ff:88:97:e8:16:
                    05:5d:9c:8f:cf:8c:5f:b8:3e:50:36:8c:a9:98:6e:
                    3a:db:64:d0:28:1c:d2:0e:1c:08:18:12:5a:c8:6a:
                    10:84:10:2a:f3:56:2d:ef:77:63:21:28:56:ee:09:
                    d9:db:b1:3d:15:7c:2b:48:f2:2f:82:e1:d3:7a:21:
                    bd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D5:AC:1B:9D:AA:01:C6:33:A8:B8:E9:A4:17:2E:7D:3B:95:8B:3A
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:98:5d:8c:b0:a6:43:80:66:8f:66:d9:77:d4:8e:41:88:15:
         ee:71:96:8e:ba:ed:c8:ac:67:f6:c3:dd:ae:44:a4:4f:fb:2b:
         05:a1:73:ea:a4:65:5d:db:27:83:f7:5e:b6:4c:11:5e:63:71:
         a4:d9:7f:b7:96:86:7a:65:e4:9d:e4:cf:7a:f8:48:a0:77:08:
         59:23:ed:3b:fb:1a:3c:54:d3:a2:eb:54:f6:25:04:f9:4b:65:
         97:6b:25:ff:2e:e2:87:1b:58:25:04:77:4c:97:f5:29:7c:d5:
         e1:87:9c:d2:f2:a3:3e:bf:cc:74:ac:46:8a:ae:66:e6:38:d4:
         5f:0a:a2:4e:9c:e1:61:96:48:e5:7e:1d:4b:09:68:cb:cf:39:
         6c:7f:fd:ca:22:91:7b:fa:0a:ee:6d:b1:6d:4e:e9:97:96:15:
         c9:10:7e:ca:5c:9d:65:ba:20:3b:47:5f:2b:78:c7:32:ba:0c:
         58:7d:ea:bd:89:66:08:2f:d7:22:d7:22:28:bb:92:57:7a:64:
         05:1c:5f:34:4a:f6:dc:f5:d5:85:6b:0c:4d:17:6d:4b:b8:49:
         f8:a1:f9:65:cc:ea:5a:e3:74:8f:a2:df:a0:95:85:24:24:11:
         8a:22:f8:fc:fa:57:b5:bb:37:1e:ac:6e:ca:42:f5:91:35:10:
         82:ba:bb:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAbjtuhXo1VuuBYCI2c4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUxMTExMTMwMTIzWhcNMjUxMTEyMTMwMTIzWjAzMTEwLwYDVQQD
EyhhMmQ1YWMxYjlkYWEwMWM2MzNhOGI4ZTlhNDE3MmU3ZDNiOTU4YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwQvZqzQO+jWKBL5JU0hE30Y87KP
XO+f99gNS9j+2XAniG16JAo1qh6cyIldwWzBHaztWRtROvZMuZZD0QOxNKrzd7JD
T4AnkWDUyT0rcM9LoQQOKGU4KMfxaKCSwa8ekWO/c1cnvHBInfE9I5IXSQpPdyTx
qW7sC2E4HJaLfnCUcpkV9KJyCwqU1izyT7oiBw6ahrwOmMqE3Uk0YL7zVfLNT4wq
972w/nFCYifSdj5JZGA4WkEJqVg3ICJc/4iX6BYFXZyPz4xfuD5QNoypmG4622TQ
KBzSDhwIGBJayGoQhBAq81Yt73djIShW7gnZ27E9FXwrSPIvguHTeiG9hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLVrBudqgHGM6i46aQXLn07lYs6MB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZhdjLCm
Q4Bmj2bZd9SOQYgV7nGWjrrtyKxn9sPdrkSkT/srBaFz6qRlXdsng/detkwRXmNx
pNl/t5aGemXkneTPevhIoHcIWSPtO/saPFTToutU9iUE+Utll2sl/y7ihxtYJQR3
TJf1KXzV4Yec0vKjPr/MdKxGiq5m5jjUXwqiTpzhYZZI5X4dSwloy885bH/9yiKR
e/oK7m2xbU7pl5YVyRB+ylydZbogO0dfK3jHMroMWH3qvYlmCC/XItciKLuSV3pk
BRxfNEr23PXVhWsMTRdtS7hJ+KH5ZczqWuN0j6LfoJWFJCQRiiL4/PpXtbs3Hqxu
ykL1kTUQgrq7AA==
-----END CERTIFICATE-----