Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          OWIzCG1WyzTYG7d0qy6+DnV1QCwVAVFUcjNunBeFSOo=
Subject key identifier:   26:28:CB:63:0A:48:AB:06:72:34:E6:76:57:CC:0A:CE:39:43:BE:A7
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       019A725C3E414FE0CABD953C95CCA4F87113
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          08D9
Signing time:             Tue 11 Nov 2025 10:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:39 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: /piYRdRKOk5Ii0LwuybcnK/H8mYpp+r5pD/iEqcg1qE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:3e:41:4f:e0:ca:bd:95:3c:95:cc:a4:f8:71:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Nov 11 10:00:39 2025 GMT
            Not After : Nov 12 10:00:39 2025 GMT
        Subject: CN=2628cb630a48ab067234e67657cc0ace3943bea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:83:0b:e8:26:62:19:c2:2d:1f:86:69:7a:82:
                    aa:48:15:c4:ef:7a:10:47:97:d7:b6:b1:69:43:c9:
                    e6:13:4c:6a:2d:3a:84:ef:55:a1:1c:23:80:4b:14:
                    fa:bf:e6:01:89:5b:9d:7a:a6:6c:7b:a3:f9:b0:b5:
                    6c:1f:44:92:7c:cf:fa:13:06:4d:d7:89:26:50:9b:
                    c2:b4:4d:a5:3a:34:a5:54:76:86:cc:18:b0:48:08:
                    ad:78:2c:cc:3f:35:e1:14:b8:17:a3:1f:77:93:41:
                    3e:38:be:11:46:4a:f2:c5:0b:3b:7d:3b:f3:75:5b:
                    97:58:39:10:a6:c2:24:b7:06:3d:ba:fc:4b:06:e8:
                    f1:1e:f1:a0:4f:01:49:75:17:41:29:24:e0:a5:64:
                    74:79:20:8a:1f:15:99:1d:89:b8:63:a3:5a:aa:32:
                    4f:18:8c:2b:42:d5:4c:9e:54:14:fd:61:28:7b:9f:
                    b9:91:19:c3:c0:23:46:9e:01:04:78:6a:86:3c:3d:
                    1e:91:24:fa:de:c5:63:30:3a:cb:a1:76:7d:45:4c:
                    d6:62:80:a7:8c:27:69:de:57:15:72:58:2f:5e:d9:
                    9e:b0:6c:6d:f7:94:6c:26:d3:44:4b:ae:e3:44:d9:
                    cb:26:23:50:47:b7:be:14:13:b1:fc:69:b8:3c:d1:
                    bc:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:28:CB:63:0A:48:AB:06:72:34:E6:76:57:CC:0A:CE:39:43:BE:A7
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:e8:3a:4e:93:7c:a1:c9:69:7b:a4:21:c2:56:a0:21:24:20:
         38:80:ec:b8:b0:ad:c7:0b:1a:17:f4:72:17:3e:d0:b5:cd:e3:
         de:48:1d:ed:50:60:7d:4a:4a:df:95:30:86:8a:dc:08:b5:8d:
         bd:b4:d6:83:18:22:4f:66:4f:7a:20:3a:d8:f1:be:0f:17:5d:
         e5:bd:e9:a0:da:69:3b:70:62:f9:f1:33:57:73:ef:1a:6e:f2:
         eb:a7:34:89:f0:da:8b:6a:8f:33:94:e5:67:c7:08:b3:e1:d4:
         94:22:84:d8:7e:b4:a4:59:c3:28:15:c6:3f:65:4b:00:53:9f:
         42:33:ab:cc:e2:9d:9c:33:5c:38:de:ff:37:09:08:1b:55:02:
         07:89:e1:b8:a3:66:6b:29:a6:1b:00:10:87:a6:f2:ab:44:66:
         2f:ac:c9:00:4b:10:8c:5e:74:a4:c4:0f:6d:93:c8:b2:4f:b7:
         66:b1:6f:64:61:81:2f:e4:19:3c:74:ed:6e:98:7e:1a:24:4e:
         2a:ba:31:10:df:22:e8:40:46:d5:b6:56:d4:bb:23:d1:7f:a6:
         99:b5:15:9c:58:c6:38:c1:13:49:5f:0e:a2:4b:bd:01:b6:3e:
         42:31:f3:2f:3f:d1:c6:e6:7a:e9:22:aa:08:ea:0b:84:fa:25:
         4e:21:6b:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXD5BT+DKvZU8lcyk+HETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjUxMTExMTAwMDM5WhcNMjUxMTEyMTAwMDM5WjAzMTEwLwYDVQQD
EygyNjI4Y2I2MzBhNDhhYjA2NzIzNGU2NzY1N2NjMGFjZTM5NDNiZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IML6CZiGcItH4ZpeoKqSBXE73oQ
R5fXtrFpQ8nmE0xqLTqE71WhHCOASxT6v+YBiVudeqZse6P5sLVsH0SSfM/6EwZN
14kmUJvCtE2lOjSlVHaGzBiwSAiteCzMPzXhFLgXox93k0E+OL4RRkryxQs7fTvz
dVuXWDkQpsIktwY9uvxLBujxHvGgTwFJdRdBKSTgpWR0eSCKHxWZHYm4Y6NaqjJP
GIwrQtVMnlQU/WEoe5+5kRnDwCNGngEEeGqGPD0ekST63sVjMDrLoXZ9RUzWYoCn
jCdp3lcVclgvXtmesGxt95RsJtNES67jRNnLJiNQR7e+FBOx/Gm4PNG8PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYoy2MKSKsGcjTmdlfMCs45Q76nMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOg6TpN8
oclpe6QhwlagISQgOIDsuLCtxwsaF/RyFz7Qtc3j3kgd7VBgfUpK35UwhorcCLWN
vbTWgxgiT2ZPeiA62PG+Dxdd5b3poNppO3Bi+fEzV3PvGm7y66c0ifDai2qPM5Tl
Z8cIs+HUlCKE2H60pFnDKBXGP2VLAFOfQjOrzOKdnDNcON7/NwkIG1UCB4nhuKNm
aymmGwAQh6byq0RmL6zJAEsQjF50pMQPbZPIsk+3ZrFvZGGBL+QZPHTtbph+GiRO
KroxEN8i6EBG1bZW1Lsj0X+mmbUVnFjGOMETSV8Ooku9AbY+QjHzLz/RxuZ66SKq
COoLhPolTiFrug==
-----END CERTIFICATE-----