Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          So1pDCJEfbBV4mQhD1nqcHMuX6FE3xUGhg97OXbUEn8=
Subject key identifier:   1A:4F:AF:78:0A:AE:87:C8:46:8B:D7:B3:83:DB:FD:3E:AA:63:B6:AB
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019A7225DF1C3990B159F69BF721578C2C54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0DC9
Signing time:             Tue 11 Nov 2025 09:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:15 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: ynUWcDGEwp/mOxIUN9N92oqhG2HdDh3gWW+d3taJqKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:df:1c:39:90:b1:59:f6:9b:f7:21:57:8c:2c:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Nov 11 09:01:15 2025 GMT
            Not After : Nov 12 09:01:15 2025 GMT
        Subject: CN=1a4faf780aae87c8468bd7b383dbfd3eaa63b6ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:85:4a:20:c9:19:23:40:4a:88:50:7f:37:70:
                    06:a0:4b:57:01:db:19:92:e6:aa:52:f0:5c:c9:dc:
                    fe:40:90:a8:a0:09:a1:a0:7f:84:83:ad:60:cf:1a:
                    56:8f:ad:8e:40:4d:9c:65:99:a2:f5:20:e7:ca:33:
                    b7:7c:74:02:93:95:ae:66:18:ef:ec:bd:76:f9:4d:
                    93:61:64:e2:32:0a:39:e2:49:25:e4:3a:c7:9b:db:
                    8b:a7:52:ae:5a:2e:f8:e8:a6:65:f1:12:14:7f:e0:
                    19:48:2c:49:31:e3:4a:9c:1b:f8:f8:e0:5b:b8:6d:
                    3c:bf:ee:82:89:f2:cb:4a:3b:16:31:4d:90:a9:e3:
                    67:44:25:54:49:1f:dd:b3:0a:9e:64:14:aa:b4:8a:
                    af:81:80:f9:f2:68:21:fa:78:d1:70:a3:4f:75:8d:
                    59:56:58:16:b8:7d:7b:22:ee:53:e4:df:af:45:15:
                    d8:06:3c:16:d1:8f:e6:3b:27:a7:38:90:7f:62:53:
                    48:e0:7e:fc:36:72:b0:5d:18:d6:04:72:51:65:78:
                    bf:6f:aa:92:30:70:c1:56:55:ad:c2:e0:cb:06:93:
                    e3:f6:4b:34:f8:dc:ea:9d:b0:e3:f6:9b:df:3f:b3:
                    e6:07:31:bd:ff:b1:9e:4a:b7:87:de:8e:c0:d5:3e:
                    55:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:4F:AF:78:0A:AE:87:C8:46:8B:D7:B3:83:DB:FD:3E:AA:63:B6:AB
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:4b:ce:da:7e:1d:48:3b:4e:f7:52:ce:cb:86:2c:22:19:7b:
         dc:ab:f4:55:56:ec:2d:24:bc:c5:fd:82:d8:2f:12:54:e2:15:
         6b:bd:90:a0:46:5c:a6:4a:ae:81:76:11:8c:98:cf:21:f2:51:
         74:e3:d0:fd:8a:8c:f5:f5:54:b9:8d:94:1a:4c:0b:f6:7a:5f:
         0b:33:d5:ac:b2:5d:07:de:31:de:0e:6d:e8:0e:ff:71:29:50:
         06:9c:28:7e:f6:e7:2b:e4:31:77:ce:97:49:8e:f4:ab:ec:8a:
         2b:15:94:96:7e:41:3c:0a:89:fa:cf:db:e3:e9:a7:9e:a8:32:
         73:95:38:81:ed:b6:33:8c:7e:08:75:20:76:d3:e5:5a:05:e4:
         b4:f4:8c:75:5e:4c:25:ce:bc:2d:ed:09:fb:4e:6d:f4:46:87:
         12:56:25:d0:fd:41:af:00:f8:db:dd:8d:31:2e:fe:3f:ad:ae:
         82:81:73:2e:48:75:5b:f2:3a:4e:09:4e:e6:06:f5:be:ea:84:
         f1:64:30:e8:c2:df:1c:24:a6:b8:ff:52:7a:5a:eb:af:44:e3:
         d2:38:02:15:7a:38:ff:dd:96:e6:de:c7:8c:56:59:9c:7a:7c:
         e2:d8:b9:29:05:58:3c:c0:f7:9e:64:dd:fd:aa:dc:e4:35:ee:
         ef:3d:3a:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJd8cOZCxWfab9yFXjCxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUxMTExMDkwMTE1WhcNMjUxMTEyMDkwMTE1WjAzMTEwLwYDVQQD
EygxYTRmYWY3ODBhYWU4N2M4NDY4YmQ3YjM4M2RiZmQzZWFhNjNiNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYVKIMkZI0BKiFB/N3AGoEtXAdsZ
kuaqUvBcydz+QJCooAmhoH+Eg61gzxpWj62OQE2cZZmi9SDnyjO3fHQCk5WuZhjv
7L12+U2TYWTiMgo54kkl5DrHm9uLp1KuWi746KZl8RIUf+AZSCxJMeNKnBv4+OBb
uG08v+6CifLLSjsWMU2QqeNnRCVUSR/dswqeZBSqtIqvgYD58mgh+njRcKNPdY1Z
VlgWuH17Iu5T5N+vRRXYBjwW0Y/mOyenOJB/YlNI4H78NnKwXRjWBHJRZXi/b6qS
MHDBVlWtwuDLBpPj9ks0+NzqnbDj9pvfP7PmBzG9/7GeSreH3o7A1T5VtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpPr3gKrofIRovXs4Pb/T6qY7arMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEvO2n4d
SDtO91LOy4YsIhl73Kv0VVbsLSS8xf2C2C8SVOIVa72QoEZcpkqugXYRjJjPIfJR
dOPQ/YqM9fVUuY2UGkwL9npfCzPVrLJdB94x3g5t6A7/cSlQBpwofvbnK+Qxd86X
SY70q+yKKxWUln5BPAqJ+s/b4+mnnqgyc5U4ge22M4x+CHUgdtPlWgXktPSMdV5M
Jc68Le0J+05t9EaHElYl0P1BrwD4292NMS7+P62ugoFzLkh1W/I6TglO5gb1vuqE
8WQw6MLfHCSmuP9Selrrr0Tj0jgCFXo4/92W5t7HjFZZnHp84ti5KQVYPMD3nmTd
/arc5DXu7z06og==
-----END CERTIFICATE-----