Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          uokga9mMYyUPiC4X831UHo1Y3RPODoU0YBs6Og0odF0=
Subject key identifier:   8A:46:2B:26:4D:75:DB:3F:7D:C9:DE:A2:16:E0:59:6C:CB:98:2C:A4
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019A71B8EA0D8EB93BDF4A1997A33F62CA18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0709
Signing time:             Tue 11 Nov 2025 07:02:15 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:15 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:15 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: YzAoRvJDd5xO/5P6XXvvm+shCjOkLOfcb8W8OCnxr4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ea:0d:8e:b9:3b:df:4a:19:97:a3:3f:62:ca:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Nov 11 07:02:15 2025 GMT
            Not After : Nov 12 07:02:15 2025 GMT
        Subject: CN=8a462b264d75db3f7dc9dea216e0596ccb982ca4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e7:1a:9c:6c:26:72:b1:2d:4b:16:11:b6:b7:
                    39:41:94:d0:f8:8f:a6:b5:7e:49:8d:c3:dc:a6:1b:
                    d2:88:c7:b1:49:fb:f3:a3:42:a8:42:20:e8:23:b5:
                    4d:89:1b:a2:14:25:a6:16:1c:ac:ed:56:05:82:a4:
                    1f:df:c4:ea:a4:d9:ef:4a:27:f8:29:e2:d3:59:f4:
                    8e:38:c1:6a:b8:4d:e4:02:ac:ee:43:a7:14:c7:bb:
                    99:15:59:cb:ce:41:d6:9f:19:90:94:89:0f:af:8a:
                    00:c3:84:af:df:67:96:27:20:97:de:92:16:1d:5c:
                    d9:24:f6:cb:3a:9d:ca:ca:fa:c0:9d:a3:2d:42:6e:
                    68:b8:e3:7e:19:a9:c2:22:55:2e:4f:3b:86:2f:3a:
                    91:27:3b:3a:be:50:90:83:29:23:3f:25:46:7a:81:
                    e2:ae:1a:e0:37:d4:3e:63:fd:95:5e:31:4c:78:2c:
                    8e:a6:64:cb:fd:c6:91:e4:3a:0f:57:45:3c:fa:22:
                    73:91:b5:e5:3d:aa:e0:ef:c2:8c:51:0a:40:b5:29:
                    35:a0:4c:07:9a:f9:4c:f6:23:3d:27:bb:6f:78:68:
                    f5:06:02:ba:ca:9f:bc:b0:89:55:c5:fc:54:96:48:
                    eb:07:6a:9e:a7:cc:19:ea:f4:7c:4c:dd:fa:78:44:
                    b9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:46:2B:26:4D:75:DB:3F:7D:C9:DE:A2:16:E0:59:6C:CB:98:2C:A4
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:93:29:62:90:78:ed:d3:55:69:a0:19:7b:66:bb:20:77:48:
         97:16:2d:26:5a:af:00:44:08:af:6b:1f:fe:80:77:5d:3f:35:
         a7:67:2f:10:3e:51:43:dd:cd:fa:19:95:fa:5b:2f:9b:a1:2f:
         ac:a4:fe:14:58:63:cc:a2:06:c7:b8:1e:48:9c:8b:ca:b1:83:
         5f:46:4a:62:db:dd:86:44:1c:42:f7:ad:d7:67:d7:83:bb:de:
         89:1f:57:bc:74:6e:4e:9f:c6:30:bb:ca:9d:28:e8:b0:12:f1:
         6a:57:2c:c5:4b:dc:da:7a:94:80:59:35:c7:f7:60:1b:17:84:
         b2:1e:37:9e:2e:1c:e5:e5:02:83:21:83:f9:38:8e:0c:02:6a:
         3a:9a:37:d7:e8:aa:58:88:92:ae:bc:fc:ba:09:22:60:e4:2d:
         6e:af:5f:dd:a3:0a:f4:64:30:31:30:bf:1f:c8:f7:8d:34:73:
         6c:4c:9d:4d:8c:32:a0:5f:f4:9d:a1:84:ef:d4:0f:83:24:0a:
         83:93:6e:19:24:b1:05:74:9d:2a:9b:e6:f1:d0:d6:ea:90:89:
         ac:95:2f:f4:29:6f:be:c9:c0:99:49:e1:5a:74:25:8e:12:18:
         0b:e0:54:7d:84:33:79:6e:65:f6:78:f4:e3:79:3b:fd:66:da:
         e8:6c:1e:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOoNjrk730oZl6M/YsoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUxMTExMDcwMjE1WhcNMjUxMTEyMDcwMjE1WjAzMTEwLwYDVQQD
Eyg4YTQ2MmIyNjRkNzVkYjNmN2RjOWRlYTIxNmUwNTk2Y2NiOTgyY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoucanGwmcrEtSxYRtrc5QZTQ+I+m
tX5JjcPcphvSiMexSfvzo0KoQiDoI7VNiRuiFCWmFhys7VYFgqQf38TqpNnvSif4
KeLTWfSOOMFquE3kAqzuQ6cUx7uZFVnLzkHWnxmQlIkPr4oAw4Sv32eWJyCX3pIW
HVzZJPbLOp3KyvrAnaMtQm5ouON+GanCIlUuTzuGLzqRJzs6vlCQgykjPyVGeoHi
rhrgN9Q+Y/2VXjFMeCyOpmTL/caR5DoPV0U8+iJzkbXlParg78KMUQpAtSk1oEwH
mvlM9iM9J7tveGj1BgK6yp+8sIlVxfxUlkjrB2qep8wZ6vR8TN36eES5tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpGKyZNdds/fcneohbgWWzLmCykMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJMpYpB4
7dNVaaAZe2a7IHdIlxYtJlqvAEQIr2sf/oB3XT81p2cvED5RQ93N+hmV+lsvm6Ev
rKT+FFhjzKIGx7geSJyLyrGDX0ZKYtvdhkQcQvet12fXg7veiR9XvHRuTp/GMLvK
nSjosBLxalcsxUvc2nqUgFk1x/dgGxeEsh43ni4c5eUCgyGD+TiODAJqOpo31+iq
WIiSrrz8ugkiYOQtbq9f3aMK9GQwMTC/H8j3jTRzbEydTYwyoF/0naGE79QPgyQK
g5NuGSSxBXSdKpvm8dDW6pCJrJUv9ClvvsnAmUnhWnQljhIYC+BUfYQzeW5l9nj0
43k7/Wba6GwexA==
-----END CERTIFICATE-----