Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          /8CxAeBQwy6BQf+vmvY+jXCnRnskgu9zLhWyUPKx+1s=
Subject key identifier:   2A:48:31:6E:1F:A4:2E:CB:01:AE:90:5D:DD:FC:62:C0:8A:DF:C0:76
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       019A7149E199F185E23C3B4790B324D184CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          04D7
Signing time:             Tue 11 Nov 2025 05:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:58 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: hUJcUNf9ecmGD4RxvS2U+37VMKBUjV0x+CIptC7anJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:e1:99:f1:85:e2:3c:3b:47:90:b3:24:d1:84:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Nov 11 05:00:58 2025 GMT
            Not After : Nov 12 05:00:58 2025 GMT
        Subject: CN=2a48316e1fa42ecb01ae905dddfc62c08adfc076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0c:10:49:d2:c0:a4:91:d8:b6:77:03:20:7f:
                    a9:a5:52:99:fe:74:f9:b8:60:a0:f4:07:2a:2f:4a:
                    e2:2a:c5:e8:41:2e:29:38:67:bd:16:fd:3a:ee:fc:
                    71:e6:e6:9c:58:a5:ec:8e:ef:05:91:f1:1d:41:c2:
                    ea:17:4e:a0:ab:36:ca:06:de:ae:f2:70:c2:d8:e8:
                    34:39:43:e3:ca:0c:86:7a:fb:9e:1a:0a:a4:e9:b5:
                    bd:36:80:82:86:47:79:eb:3e:78:a3:b1:e0:c4:bf:
                    0e:32:4a:ef:e4:fa:84:2f:89:35:b7:a5:b7:f0:8b:
                    2c:65:af:5a:ad:c1:3b:39:bf:13:05:27:4c:0f:31:
                    b2:ae:6f:12:3f:29:6a:9a:13:ea:4c:de:8f:3f:61:
                    01:df:90:73:85:fc:23:0d:c6:6d:8f:97:d0:e1:65:
                    9a:f0:f7:df:49:9f:07:87:ea:95:ea:74:aa:0c:da:
                    eb:fb:ed:6e:94:8c:3b:16:96:93:96:67:40:e8:83:
                    60:33:d4:6e:0c:23:f2:97:38:70:27:9f:12:c4:24:
                    4f:e7:c6:a0:12:14:fe:2f:cf:f9:3a:ae:e5:88:91:
                    77:2f:12:10:f1:63:24:46:b0:8b:8e:05:9f:90:5a:
                    00:48:c2:f9:31:54:8a:3b:bb:a9:1f:c0:6e:27:5d:
                    11:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:48:31:6E:1F:A4:2E:CB:01:AE:90:5D:DD:FC:62:C0:8A:DF:C0:76
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:f6:ab:38:1e:9c:13:d0:e7:db:aa:61:4a:53:59:11:c5:20:
         29:b0:d5:9e:4c:e2:ad:f5:cc:39:7d:5d:e1:6a:26:13:04:ca:
         ca:02:26:9d:ac:08:40:28:74:a7:f7:85:7b:cb:2d:1c:4b:1e:
         9a:72:d9:0b:7d:2f:17:bb:d7:b1:c2:15:6a:8b:c7:bd:14:44:
         c2:42:b8:53:93:40:06:e0:cc:4c:8c:64:a6:31:15:d6:80:62:
         b6:94:6b:a2:8f:5e:3c:0a:de:82:ef:1a:57:97:b1:0c:d7:b6:
         8b:7b:c7:a2:df:0b:6c:ce:73:dd:5b:77:a9:a3:9d:12:ae:6c:
         f5:d0:18:ca:47:65:a6:5b:63:2e:37:82:b7:40:ee:d4:78:dd:
         c9:5d:b5:bc:ea:7e:43:fe:b3:20:58:42:ff:01:e5:de:c8:80:
         26:82:1a:1c:d9:cf:91:f8:91:76:b1:84:58:da:97:92:84:0e:
         9e:00:cc:36:db:5e:22:7c:4f:23:d8:10:bf:08:46:da:e7:6c:
         7c:af:eb:1c:e7:2d:65:31:0d:39:0f:7b:ca:9e:e5:29:8b:e3:
         99:51:25:f1:34:a1:59:b8:fb:d0:a6:91:76:d3:e8:df:9a:6a:
         d2:17:0d:34:59:a3:27:35:1c:b2:15:52:85:bb:cc:b2:fa:cf:
         6f:4d:31:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSeGZ8YXiPDtHkLMk0YTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjUxMTExMDUwMDU4WhcNMjUxMTEyMDUwMDU4WjAzMTEwLwYDVQQD
EygyYTQ4MzE2ZTFmYTQyZWNiMDFhZTkwNWRkZGZjNjJjMDhhZGZjMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QwQSdLApJHYtncDIH+ppVKZ/nT5
uGCg9AcqL0riKsXoQS4pOGe9Fv067vxx5uacWKXsju8FkfEdQcLqF06gqzbKBt6u
8nDC2Og0OUPjygyGevueGgqk6bW9NoCChkd56z54o7HgxL8OMkrv5PqEL4k1t6W3
8IssZa9arcE7Ob8TBSdMDzGyrm8SPylqmhPqTN6PP2EB35BzhfwjDcZtj5fQ4WWa
8PffSZ8Hh+qV6nSqDNrr++1ulIw7FpaTlmdA6INgM9RuDCPylzhwJ58SxCRP58ag
EhT+L8/5Oq7liJF3LxIQ8WMkRrCLjgWfkFoASML5MVSKO7upH8BuJ10RZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpIMW4fpC7LAa6QXd38YsCK38B2MB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/arOB6c
E9Dn26phSlNZEcUgKbDVnkzirfXMOX1d4WomEwTKygImnawIQCh0p/eFe8stHEse
mnLZC30vF7vXscIVaovHvRREwkK4U5NABuDMTIxkpjEV1oBitpRroo9ePAregu8a
V5exDNe2i3vHot8LbM5z3Vt3qaOdEq5s9dAYykdlpltjLjeCt0Du1HjdyV21vOp+
Q/6zIFhC/wHl3siAJoIaHNnPkfiRdrGEWNqXkoQOngDMNtteInxPI9gQvwhG2uds
fK/rHOctZTENOQ97yp7lKYvjmVEl8TShWbj70KaRdtPo35pq0hcNNFmjJzUcshVS
hbvMsvrPb00xAg==
-----END CERTIFICATE-----