Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          Op2ZWYMzCCXZ1K2dJNg+4HtArPoofnA+pHQKSAhiBpI=
Subject key identifier:   59:59:DF:23:12:B3:35:25:6F:99:D1:53:15:0A:01:88:05:54:32:54
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019A72258E05CF865AD747B048A9233B3AC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          09F6
Signing time:             Tue 11 Nov 2025 09:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:55 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: +Iwtqs7QtoFLwYRJD//oxBt8k9ToTlkvmdusfKSMyiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:8e:05:cf:86:5a:d7:47:b0:48:a9:23:3b:3a:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Nov 11 09:00:55 2025 GMT
            Not After : Nov 12 09:00:55 2025 GMT
        Subject: CN=5959df2312b335256f99d153150a018805543254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c1:aa:86:47:d4:d8:1d:0a:99:b7:ca:df:f4:
                    db:f1:55:ac:e6:9a:cb:18:40:98:f5:db:0f:4c:92:
                    ff:bd:dd:12:d0:71:a5:50:29:6f:0c:05:fe:90:ff:
                    23:a0:82:80:76:89:7f:97:05:12:b2:f3:e8:74:36:
                    c0:a4:72:a3:76:18:4d:46:2a:0c:8d:2c:1a:5c:c3:
                    d7:c1:f5:61:62:1b:c3:cb:55:2c:73:a0:1a:a7:a6:
                    39:97:ce:3d:38:4e:79:15:91:0a:6e:e4:d4:e2:cb:
                    23:2e:b7:6b:d6:0c:24:03:88:97:99:c7:e7:71:9f:
                    5b:d2:c3:22:3f:b9:78:99:a7:2a:ae:3a:67:9a:48:
                    0b:1e:24:7c:8d:59:1b:ad:5d:cd:8a:a6:10:81:15:
                    a8:c1:27:55:ce:da:98:01:59:11:11:de:ca:96:26:
                    0d:87:87:b8:dd:73:b8:8c:08:57:dd:23:7e:74:03:
                    12:d6:f9:87:27:42:25:fd:fe:52:dc:55:ca:82:57:
                    16:3b:99:39:0f:ff:63:da:3d:b4:10:ce:0d:ee:03:
                    1b:5e:77:9b:9e:3c:a5:b3:da:32:4c:3e:3f:93:4c:
                    23:43:38:cc:9b:f8:fa:17:f5:78:40:39:5f:2d:45:
                    2b:58:b2:38:d5:7a:e5:2f:2f:38:bb:f7:11:4f:78:
                    b0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:59:DF:23:12:B3:35:25:6F:99:D1:53:15:0A:01:88:05:54:32:54
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:12:dd:11:d7:96:24:29:23:a2:09:74:11:3d:24:32:80:a5:
         7e:76:2b:72:e5:22:a5:45:e9:03:1c:67:5c:f5:74:07:b7:71:
         ca:c8:4f:8c:19:cb:c7:53:4c:aa:42:44:20:61:f8:07:77:0e:
         67:e4:89:07:ea:1c:5e:19:03:ba:73:1d:a7:c7:b8:9f:b1:03:
         66:f8:f6:82:cd:b1:cd:cc:08:6a:6b:df:0c:4d:1c:08:8c:56:
         54:19:fc:cb:5f:18:80:4b:62:40:59:66:03:d0:f2:3c:41:54:
         60:75:f2:da:34:ec:28:f1:00:71:58:f3:d3:db:10:17:59:27:
         c7:5d:f1:52:72:cf:23:63:58:de:3e:7e:ca:52:31:7b:0e:05:
         90:b2:61:f0:ec:41:0d:da:61:d0:d3:6f:07:6c:0c:ac:b2:7a:
         c9:cd:d4:62:6c:96:a6:63:49:5f:3a:4b:a4:8d:60:d2:58:c2:
         5d:dd:33:dc:6c:4c:0e:a0:40:1e:36:79:2c:90:44:13:f2:f1:
         50:40:8d:55:ab:e5:b7:01:54:0b:50:5f:c9:8a:5c:1c:4b:16:
         a7:0b:5b:69:2b:19:a3:1c:d1:6d:2b:f8:1f:d3:ed:86:55:52:
         c9:01:d3:d7:d1:5b:ab:b6:c2:c4:4c:92:42:13:7e:b2:8f:8c:
         3b:63:47:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJY4Fz4Za10ewSKkjOzrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUxMTExMDkwMDU1WhcNMjUxMTEyMDkwMDU1WjAzMTEwLwYDVQQD
Eyg1OTU5ZGYyMzEyYjMzNTI1NmY5OWQxNTMxNTBhMDE4ODA1NTQzMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusGqhkfU2B0KmbfK3/Tb8VWs5prL
GECY9dsPTJL/vd0S0HGlUClvDAX+kP8joIKAdol/lwUSsvPodDbApHKjdhhNRioM
jSwaXMPXwfVhYhvDy1Usc6Aap6Y5l849OE55FZEKbuTU4ssjLrdr1gwkA4iXmcfn
cZ9b0sMiP7l4macqrjpnmkgLHiR8jVkbrV3NiqYQgRWowSdVztqYAVkREd7KliYN
h4e43XO4jAhX3SN+dAMS1vmHJ0Il/f5S3FXKglcWO5k5D/9j2j20EM4N7gMbXneb
njyls9oyTD4/k0wjQzjMm/j6F/V4QDlfLUUrWLI41XrlLy84u/cRT3iwdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlZ3yMSszUlb5nRUxUKAYgFVDJUMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArRLdEdeW
JCkjogl0ET0kMoClfnYrcuUipUXpAxxnXPV0B7dxyshPjBnLx1NMqkJEIGH4B3cO
Z+SJB+ocXhkDunMdp8e4n7EDZvj2gs2xzcwIamvfDE0cCIxWVBn8y18YgEtiQFlm
A9DyPEFUYHXy2jTsKPEAcVjz09sQF1knx13xUnLPI2NY3j5+ylIxew4FkLJh8OxB
Ddph0NNvB2wMrLJ6yc3UYmyWpmNJXzpLpI1g0ljCXd0z3GxMDqBAHjZ5LJBEE/Lx
UECNVavltwFUC1BfyYpcHEsWpwtbaSsZoxzRbSv4H9PthlVSyQHT19Fbq7bCxEyS
QhN+so+MO2NHEA==
-----END CERTIFICATE-----