Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          TkrQ7qr738sFxxGF79CXgVJl3iJ5DhoNu+E8ATQruE4=
Subject key identifier:   0C:BD:57:08:B9:82:E7:61:44:B4:FE:03:38:D8:7E:97:CC:AA:65:A9
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019A72262EB5D64EF17D719A35F35FBF0264
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          0633
Signing time:             Tue 11 Nov 2025 09:01:36 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:36 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:36 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: he0bEar2LgBRjvRo+hkzXYTq2BAIdfULxRBNGc9RxTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:2e:b5:d6:4e:f1:7d:71:9a:35:f3:5f:bf:02:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Nov 11 09:01:36 2025 GMT
            Not After : Nov 12 09:01:36 2025 GMT
        Subject: CN=0cbd5708b982e76144b4fe0338d87e97ccaa65a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5c:56:55:ec:91:15:35:a6:6a:97:fd:7c:75:
                    0a:6b:a1:d1:bd:38:cc:d4:d4:5f:a1:3c:d9:63:06:
                    40:2c:76:75:88:69:b7:a9:98:71:ed:a6:af:57:81:
                    d5:09:12:15:0c:41:00:ce:9c:b6:de:2b:b4:40:73:
                    4a:be:2d:85:7e:80:a1:dd:94:37:a8:f1:66:fe:e4:
                    7c:90:0c:ee:69:cf:c9:45:65:61:9c:b2:9b:c8:6e:
                    e7:09:14:ad:28:41:cb:85:f5:f9:07:15:a1:f2:3f:
                    ff:f3:17:d1:df:f8:32:bf:a9:f3:88:20:d2:c0:a6:
                    66:9b:1c:1d:c7:1e:c9:d5:4c:5b:cd:2b:16:1e:ff:
                    ec:0a:29:75:c0:39:01:d4:5c:57:06:43:ce:dd:34:
                    9f:f3:fb:df:64:80:28:5e:3a:36:e0:9b:d0:17:af:
                    69:c0:67:79:cb:76:92:cf:cf:77:eb:e3:74:5d:30:
                    60:00:26:1a:2f:21:cd:8e:d1:af:c3:3d:7d:d4:0b:
                    6e:43:8c:7e:74:54:7d:f3:97:bf:3c:4a:07:d5:dd:
                    f4:7c:6e:2c:58:b2:47:d6:25:02:2f:f1:c1:57:fd:
                    67:ca:ac:c6:9b:d4:65:0e:f5:35:54:3c:4b:32:13:
                    50:53:31:60:e5:91:7b:5a:3b:d4:90:ac:7a:ff:ec:
                    7f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:BD:57:08:B9:82:E7:61:44:B4:FE:03:38:D8:7E:97:CC:AA:65:A9
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:f7:5c:a5:63:1e:55:02:7f:7d:23:a8:49:fa:49:e4:2c:79:
         10:09:bb:91:7d:a7:a7:9d:3f:9d:04:e0:d4:68:49:2a:bb:bb:
         3c:0f:03:13:0c:c2:85:f8:bd:aa:13:11:19:6b:74:fc:8e:7e:
         5a:bd:34:a3:6b:c1:20:18:9d:a7:b1:c9:40:8f:30:cf:89:97:
         a4:3a:8f:f1:50:94:3f:17:9c:ab:d1:b6:27:cd:a0:8d:c6:5b:
         4e:2a:7e:0b:8c:dd:52:4f:b9:66:76:9a:4e:0f:91:09:7c:7a:
         2c:7b:ec:07:de:19:84:6f:1d:52:1c:4f:6c:bc:f9:eb:16:d7:
         e4:43:88:1b:26:21:39:10:46:02:bd:49:f6:72:70:fa:58:39:
         e2:17:99:5a:27:3a:80:92:87:11:77:0b:d5:f6:aa:3a:ff:ba:
         61:db:f6:d5:a4:be:47:9c:82:89:40:81:62:08:0a:1d:b6:b2:
         78:a3:32:f7:86:a8:ec:f0:e3:22:ab:75:91:b1:31:4e:c0:09:
         2f:cf:99:0f:d7:79:14:82:4b:76:94:66:3a:5e:23:02:58:72:
         f4:d2:52:b7:de:fd:3b:d2:85:84:2b:94:0e:6e:ed:13:18:d0:
         7f:86:29:d4:08:16:63:09:ba:d9:21:ea:49:6d:44:27:7d:92:
         ed:2b:b3:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJi611k7xfXGaNfNfvwJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjUxMTExMDkwMTM2WhcNMjUxMTEyMDkwMTM2WjAzMTEwLwYDVQQD
EygwY2JkNTcwOGI5ODJlNzYxNDRiNGZlMDMzOGQ4N2U5N2NjYWE2NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1xWVeyRFTWmapf9fHUKa6HRvTjM
1NRfoTzZYwZALHZ1iGm3qZhx7aavV4HVCRIVDEEAzpy23iu0QHNKvi2FfoCh3ZQ3
qPFm/uR8kAzuac/JRWVhnLKbyG7nCRStKEHLhfX5BxWh8j//8xfR3/gyv6nziCDS
wKZmmxwdxx7J1UxbzSsWHv/sCil1wDkB1FxXBkPO3TSf8/vfZIAoXjo24JvQF69p
wGd5y3aSz8936+N0XTBgACYaLyHNjtGvwz191AtuQ4x+dFR985e/PEoH1d30fG4s
WLJH1iUCL/HBV/1nyqzGm9RlDvU1VDxLMhNQUzFg5ZF7WjvUkKx6/+x/sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy9Vwi5gudhRLT+AzjYfpfMqmWpMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv/dcpWMe
VQJ/fSOoSfpJ5Cx5EAm7kX2np50/nQTg1GhJKru7PA8DEwzChfi9qhMRGWt0/I5+
Wr00o2vBIBidp7HJQI8wz4mXpDqP8VCUPxecq9G2J82gjcZbTip+C4zdUk+5Znaa
Tg+RCXx6LHvsB94ZhG8dUhxPbLz56xbX5EOIGyYhORBGAr1J9nJw+lg54heZWic6
gJKHEXcL1faqOv+6Ydv21aS+R5yCiUCBYggKHbayeKMy94ao7PDjIqt1kbExTsAJ
L8+ZD9d5FIJLdpRmOl4jAlhy9NJSt979O9KFhCuUDm7tExjQf4Yp1AgWYwm62SHq
SW1EJ32S7Suz2g==
-----END CERTIFICATE-----