Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          dJoEi9UjEAdQhmkt3VnouGHcU0F+fnDYgvqwEtb9B0g=
Subject key identifier:   2C:C2:8C:73:82:A1:B0:22:15:09:88:84:BE:7C:D3:FF:AE:B4:20:E0
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019A71B7B40D834EF496E1634A53E104897E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0DFF
Signing time:             Tue 11 Nov 2025 07:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:55 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: 562W5BiYsR1HVwKfjfdX4xs9wE0pXeU4V7EBEqlbhMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:b4:0d:83:4e:f4:96:e1:63:4a:53:e1:04:89:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Nov 11 07:00:55 2025 GMT
            Not After : Nov 12 07:00:55 2025 GMT
        Subject: CN=2cc28c7382a1b02215098884be7cd3ffaeb420e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6d:ef:86:e8:e6:43:4b:1f:6a:97:87:ee:21:
                    c0:47:3e:b0:2e:75:09:bd:3e:f2:7a:b3:97:28:64:
                    31:5f:78:1e:59:18:c7:6b:0b:be:2a:9c:3f:68:7c:
                    50:a0:18:9f:b6:ef:81:28:95:23:86:1e:06:8d:f1:
                    e2:c1:be:49:3d:5e:c6:db:fa:88:5e:19:38:66:da:
                    c6:14:f2:ae:93:f7:84:50:21:33:0e:b1:6f:bb:6c:
                    55:0f:1d:4c:1d:5f:31:01:63:14:68:17:87:f8:5b:
                    af:40:76:e5:d6:63:23:9b:56:f6:b1:28:44:12:70:
                    b5:f2:d1:54:21:54:5c:45:9e:36:6a:d8:9d:72:c3:
                    9b:9c:a0:fa:b3:02:a8:6d:a1:05:47:ce:df:d7:24:
                    eb:04:ad:cb:5f:50:1a:4b:6d:3c:dd:24:66:c6:93:
                    e1:57:d4:9a:bd:7c:94:c3:ac:dd:e7:81:9a:90:8b:
                    5f:9a:bc:f6:92:1f:bb:5d:ba:7b:e5:61:bf:62:02:
                    e2:9f:7d:e2:26:0a:a9:93:1f:42:4d:19:df:bf:4f:
                    40:ec:78:87:2d:cd:14:3d:88:85:6f:df:ab:18:0d:
                    11:24:76:30:e8:f2:32:4e:7a:02:3d:bc:11:72:b0:
                    78:df:9f:e5:2f:34:fb:f0:2a:af:a0:fe:e6:72:2d:
                    3d:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:C2:8C:73:82:A1:B0:22:15:09:88:84:BE:7C:D3:FF:AE:B4:20:E0
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:d9:33:f0:97:fc:36:2d:98:a9:96:b8:b7:d6:f8:85:df:bf:
         dd:a5:ca:1d:3f:09:45:53:07:ea:e2:a4:25:7a:69:69:fb:9a:
         0b:37:a9:01:4b:ad:42:1f:9d:d2:39:d9:1b:f1:76:c7:90:bf:
         47:85:18:3d:c9:32:a5:51:59:97:57:d0:96:6d:ec:ae:74:90:
         4e:5e:a0:76:1a:83:ad:67:5b:0e:af:bf:fc:3c:76:8c:7d:a2:
         92:9d:04:0f:3b:66:c0:97:76:31:f4:f3:66:ea:51:86:91:48:
         7c:bb:0b:bc:dd:31:1d:0d:48:fb:57:8b:4d:7b:0b:49:91:93:
         52:ae:d6:ba:29:db:6a:42:9e:f0:f1:8b:85:e2:69:39:50:9d:
         df:10:18:21:84:05:1b:ee:00:8e:29:7e:c9:82:29:1e:66:fb:
         7b:2d:b8:51:9f:45:65:1c:0a:e3:f8:80:e8:d3:28:c8:c6:95:
         16:39:79:11:9a:3c:59:26:3b:bf:fb:99:f7:07:d2:61:9d:c8:
         35:c8:68:72:de:09:10:d8:00:59:be:a4:bd:82:3d:46:cd:dd:
         76:a5:bd:e8:aa:f5:c8:a1:c1:23:7a:ec:4a:69:5f:0e:6c:d2:
         88:9b:dc:d9:28:95:21:0c:af:c0:55:ed:3c:15:34:53:70:85:
         cd:52:09:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7QNg070luFjSlPhBIl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjUxMTExMDcwMDU1WhcNMjUxMTEyMDcwMDU1WjAzMTEwLwYDVQQD
EygyY2MyOGM3MzgyYTFiMDIyMTUwOTg4ODRiZTdjZDNmZmFlYjQyMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA123vhujmQ0sfapeH7iHARz6wLnUJ
vT7yerOXKGQxX3geWRjHawu+Kpw/aHxQoBiftu+BKJUjhh4GjfHiwb5JPV7G2/qI
Xhk4ZtrGFPKuk/eEUCEzDrFvu2xVDx1MHV8xAWMUaBeH+FuvQHbl1mMjm1b2sShE
EnC18tFUIVRcRZ42atidcsObnKD6swKobaEFR87f1yTrBK3LX1AaS2083SRmxpPh
V9SavXyUw6zd54GakItfmrz2kh+7Xbp75WG/YgLin33iJgqpkx9CTRnfv09A7HiH
Lc0UPYiFb9+rGA0RJHYw6PIyTnoCPbwRcrB435/lLzT78CqvoP7mci09RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzCjHOCobAiFQmIhL580/+utCDgMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhtkz8Jf8
Ni2YqZa4t9b4hd+/3aXKHT8JRVMH6uKkJXppafuaCzepAUutQh+d0jnZG/F2x5C/
R4UYPckypVFZl1fQlm3srnSQTl6gdhqDrWdbDq+//Dx2jH2ikp0EDztmwJd2MfTz
ZupRhpFIfLsLvN0xHQ1I+1eLTXsLSZGTUq7WuinbakKe8PGLheJpOVCd3xAYIYQF
G+4Ajil+yYIpHmb7ey24UZ9FZRwK4/iA6NMoyMaVFjl5EZo8WSY7v/uZ9wfSYZ3I
Nchoct4JENgAWb6kvYI9Rs3ddqW96Kr1yKHBI3rsSmlfDmzSiJvc2SiVIQyvwFXt
PBU0U3CFzVIJuw==
-----END CERTIFICATE-----