Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          0cP2kn0LbXcaxqxf9KXwmYHD3mCSBD78C9yvKGLMH9k=
Subject key identifier:   6F:BB:57:9D:D6:6B:4F:F9:6C:A1:3B:E8:F6:EE:E4:22:9F:17:7D:0F
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019A71B7A0D971E4736D0295F54C9FC5C048
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0A51
Signing time:             Tue 11 Nov 2025 07:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:50 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: dQbtfAGNoFr/E6x39f/qhOmsFHyNoUReVUoLr5N77P0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a0:d9:71:e4:73:6d:02:95:f5:4c:9f:c5:c0:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Nov 11 07:00:50 2025 GMT
            Not After : Nov 12 07:00:50 2025 GMT
        Subject: CN=6fbb579dd66b4ff96ca13be8f6eee4229f177d0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:de:3c:4d:2f:7f:15:75:ff:09:7a:67:8c:29:
                    5f:97:f6:60:c7:53:f0:e5:59:b5:88:a8:21:b8:60:
                    97:d0:8b:48:1e:8d:df:d6:3c:c5:ea:43:11:97:75:
                    3e:b0:b2:7a:70:be:94:63:2d:25:ea:2a:6b:af:56:
                    8d:bc:42:2b:ee:52:58:b0:8a:77:bd:8a:64:96:2a:
                    0a:56:83:06:3a:48:6e:b1:ee:53:f7:29:de:3e:60:
                    51:2c:a6:39:80:1f:b4:a7:db:03:6b:a1:44:15:db:
                    f7:ff:3e:c2:fc:a4:f4:12:58:3a:cc:b8:14:c7:0c:
                    6b:2f:2d:bb:f6:ff:f5:97:29:35:98:a7:4f:6d:7d:
                    02:2c:17:e8:78:92:90:dd:f6:fa:50:1a:47:9c:c2:
                    5b:97:47:a8:f6:d3:7f:f7:ed:59:ab:46:2e:e9:cb:
                    84:7c:8e:0c:d0:ac:af:8b:4d:0c:bb:75:77:a8:0b:
                    3b:e6:8b:63:7c:9f:26:ea:6e:cc:d2:be:07:b2:17:
                    4b:50:64:b5:f8:67:a2:52:fc:a4:fd:36:7b:bc:4b:
                    7a:e1:93:bc:6d:92:45:22:8b:a8:0b:36:67:e9:f8:
                    a2:5b:cb:5b:5d:09:6f:90:12:85:2f:84:42:8c:b4:
                    b6:2c:8a:da:04:6f:0e:a7:d7:f8:5e:76:95:8d:a3:
                    78:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:BB:57:9D:D6:6B:4F:F9:6C:A1:3B:E8:F6:EE:E4:22:9F:17:7D:0F
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:06:5e:cc:83:a1:66:bd:ed:71:98:22:5e:28:65:09:bf:15:
         99:21:e4:59:0a:75:d9:ae:86:67:02:23:2c:d4:90:d8:bc:b4:
         0b:fb:dd:3e:d8:43:57:e6:34:51:9a:f1:2c:8c:a2:33:d8:6d:
         bd:0b:e7:2c:4f:d6:0f:ea:0e:30:42:ff:4f:70:52:9f:fe:d5:
         17:ea:5b:ca:c5:3d:c4:1a:3d:37:ce:ec:6a:6e:1c:59:9d:da:
         56:38:ac:e8:c3:e7:8d:4c:f7:dc:17:83:d0:8e:aa:7c:2f:5f:
         e7:68:ce:4f:33:18:78:83:13:8f:b7:5f:05:00:b6:e5:96:08:
         d9:2f:bb:84:87:ad:a1:8a:3a:9a:b2:56:b9:11:2e:d4:74:4b:
         c5:a0:cb:0e:55:44:8a:bf:4c:eb:11:2d:87:6e:a7:df:2b:77:
         fd:a6:c6:92:fb:50:4b:3d:3b:10:ee:79:c3:13:b1:4a:16:f2:
         18:fd:89:a5:27:92:02:eb:72:82:fa:a6:2a:bb:e7:9d:1b:5f:
         ce:e8:90:21:1f:66:f2:07:aa:e1:e6:f0:20:86:68:18:86:12:
         f9:9e:69:13:2c:c5:a0:1b:57:4a:7f:c4:24:01:e8:3d:ef:5e:
         da:b9:b7:e1:c7:a3:60:92:92:82:a0:db:16:d9:bc:96:c3:89:
         91:8d:89:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6DZceRzbQKV9UyfxcBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjUxMTExMDcwMDUwWhcNMjUxMTEyMDcwMDUwWjAzMTEwLwYDVQQD
Eyg2ZmJiNTc5ZGQ2NmI0ZmY5NmNhMTNiZThmNmVlZTQyMjlmMTc3ZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt48TS9/FXX/CXpnjClfl/Zgx1Pw
5Vm1iKghuGCX0ItIHo3f1jzF6kMRl3U+sLJ6cL6UYy0l6iprr1aNvEIr7lJYsIp3
vYpklioKVoMGOkhuse5T9ynePmBRLKY5gB+0p9sDa6FEFdv3/z7C/KT0Elg6zLgU
xwxrLy279v/1lyk1mKdPbX0CLBfoeJKQ3fb6UBpHnMJbl0eo9tN/9+1Zq0Yu6cuE
fI4M0Kyvi00Mu3V3qAs75otjfJ8m6m7M0r4HshdLUGS1+GeiUvyk/TZ7vEt64ZO8
bZJFIouoCzZn6fiiW8tbXQlvkBKFL4RCjLS2LIraBG8Op9f4XnaVjaN4zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+7V53Wa0/5bKE76Pbu5CKfF30PMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAggZezIOh
Zr3tcZgiXihlCb8VmSHkWQp12a6GZwIjLNSQ2Ly0C/vdPthDV+Y0UZrxLIyiM9ht
vQvnLE/WD+oOMEL/T3BSn/7VF+pbysU9xBo9N87sam4cWZ3aVjis6MPnjUz33BeD
0I6qfC9f52jOTzMYeIMTj7dfBQC25ZYI2S+7hIetoYo6mrJWuREu1HRLxaDLDlVE
ir9M6xEth26n3yt3/abGkvtQSz07EO55wxOxShbyGP2JpSeSAutygvqmKrvnnRtf
zuiQIR9m8geq4ebwIIZoGIYS+Z5pEyzFoBtXSn/EJAHoPe9e2rm34cejYJKSgqDb
Ftm8lsOJkY2JPQ==
-----END CERTIFICATE-----