Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          hWZsvInSrHXSBGUzlBb4UXjYAn5l21nrELdHD5aFG1A=
Subject key identifier:   9D:AF:05:10:86:D5:7D:9B:65:0B:39:AD:B5:54:52:5E:FD:68:D6:FB
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       019A71B8B7A7F627896424F67D12FCF700E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          0BD8
Signing time:             Tue 11 Nov 2025 07:02:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:02 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: PFRKDS25EhoEDas+BdxLIyH+MiOWmXwwcZrvFV4f7XM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b7:a7:f6:27:89:64:24:f6:7d:12:fc:f7:00:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Nov 11 07:02:02 2025 GMT
            Not After : Nov 12 07:02:02 2025 GMT
        Subject: CN=9daf051086d57d9b650b39adb554525efd68d6fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:88:aa:1b:00:b2:2a:9a:ef:7b:ea:8a:ea:be:
                    67:1f:b6:cf:ea:2d:58:38:af:8a:bb:e8:0a:00:a1:
                    9b:69:0f:80:66:1e:b8:91:e3:cd:cf:18:f0:c1:83:
                    e6:76:41:ab:01:a0:20:b1:96:5e:13:8b:3f:1d:f5:
                    16:29:fd:a5:28:83:c6:06:70:f2:b8:63:80:e2:43:
                    bc:03:25:00:19:fd:ea:56:75:fc:d7:c7:5c:98:20:
                    1f:3a:ab:8b:5d:c3:61:15:18:08:67:a5:6b:bb:67:
                    fe:df:f7:fa:26:cc:1a:89:a3:9e:57:e4:2b:11:92:
                    8d:40:28:01:37:c7:74:5e:12:b0:db:5f:5f:ae:63:
                    e4:65:25:76:b2:7b:e5:5b:fa:c7:22:68:e5:c5:1e:
                    8d:c6:ea:d4:53:c3:de:3c:2e:6b:76:0c:26:c6:06:
                    ee:db:e4:9c:ba:ae:4e:7a:18:1d:da:13:e3:50:e3:
                    25:51:3c:05:39:e0:f3:29:07:92:63:50:03:36:36:
                    83:6c:d3:ae:b1:7a:76:7b:3b:19:ed:7d:7e:ab:ec:
                    fa:41:c4:0c:be:9f:92:bd:17:9c:45:8e:13:c1:11:
                    d8:3f:f7:36:2b:e6:21:7c:a7:87:18:dc:e3:8f:93:
                    9c:7b:e0:7b:3f:2f:df:c8:2b:25:92:05:66:34:c9:
                    5e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AF:05:10:86:D5:7D:9B:65:0B:39:AD:B5:54:52:5E:FD:68:D6:FB
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:d3:10:fd:ba:e4:e1:61:ed:09:f8:61:54:31:71:c4:eb:00:
         11:01:b2:fb:6a:10:1c:11:09:c9:4a:73:15:db:66:68:8a:09:
         23:4e:40:96:5d:fc:f5:7d:cd:da:34:10:63:d5:10:75:01:0a:
         6a:7a:a9:aa:fb:e7:53:35:c8:0a:5f:93:33:ca:bd:1a:51:8f:
         27:c6:d0:54:33:2f:61:bb:da:0b:b1:29:84:36:b0:fd:89:ee:
         f3:7b:4b:8b:fc:ba:11:b1:6a:05:8e:6b:3b:6f:89:68:22:1c:
         48:40:6c:53:e9:6b:42:7d:d0:4a:dd:dc:06:03:82:b1:67:92:
         21:e0:9b:ca:6a:d4:50:c6:df:3b:10:ea:dc:32:a1:fc:89:72:
         ce:f9:c2:a6:a7:25:8e:53:9b:4c:3f:cd:80:91:12:5f:77:94:
         b2:96:7d:02:8b:96:bf:a6:a7:1b:a2:7e:96:63:b2:2d:91:9e:
         3f:3b:2f:84:84:7a:02:82:61:07:ba:f0:b3:b5:41:f4:21:3c:
         5e:9e:fe:ee:dd:4a:ac:ec:ea:e5:06:36:42:3f:4f:66:41:0f:
         79:cf:da:c6:d3:12:f5:95:e3:39:5f:72:91:ae:ae:39:dd:08:
         aa:b1:2e:8f:89:39:d9:e4:32:3c:1b:e2:12:a3:ef:22:8d:d9:
         e4:fe:44:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLen9ieJZCT2fRL89wDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjUxMTExMDcwMjAyWhcNMjUxMTEyMDcwMjAyWjAzMTEwLwYDVQQD
Eyg5ZGFmMDUxMDg2ZDU3ZDliNjUwYjM5YWRiNTU0NTI1ZWZkNjhkNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYiqGwCyKprve+qK6r5nH7bP6i1Y
OK+Ku+gKAKGbaQ+AZh64kePNzxjwwYPmdkGrAaAgsZZeE4s/HfUWKf2lKIPGBnDy
uGOA4kO8AyUAGf3qVnX818dcmCAfOquLXcNhFRgIZ6Vru2f+3/f6JswaiaOeV+Qr
EZKNQCgBN8d0XhKw219frmPkZSV2snvlW/rHImjlxR6NxurUU8PePC5rdgwmxgbu
2+Scuq5Oehgd2hPjUOMlUTwFOeDzKQeSY1ADNjaDbNOusXp2ezsZ7X1+q+z6QcQM
vp+SvRecRY4TwRHYP/c2K+YhfKeHGNzjj5Oce+B7Py/fyCslkgVmNMleJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2vBRCG1X2bZQs5rbVUUl79aNb7MB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQtMQ/brk
4WHtCfhhVDFxxOsAEQGy+2oQHBEJyUpzFdtmaIoJI05All389X3N2jQQY9UQdQEK
anqpqvvnUzXICl+TM8q9GlGPJ8bQVDMvYbvaC7EphDaw/Ynu83tLi/y6EbFqBY5r
O2+JaCIcSEBsU+lrQn3QSt3cBgOCsWeSIeCbymrUUMbfOxDq3DKh/IlyzvnCpqcl
jlObTD/NgJESX3eUspZ9AouWv6anG6J+lmOyLZGePzsvhIR6AoJhB7rws7VB9CE8
Xp7+7t1KrOzq5QY2Qj9PZkEPec/axtMS9ZXjOV9yka6uOd0IqrEuj4k52eQyPBvi
EqPvIo3Z5P5E7g==
-----END CERTIFICATE-----