Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          bWuZh2kVSgl8w0HD+w3lPn/+Osv+a59YII40UOCnTxA=
Subject key identifier:   6F:25:A0:5F:15:19:B7:EF:71:41:36:63:15:B6:19:F6:B9:76:E7:93
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       019A71B86D343738B47DCFE7B8922D1FC75B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          15C9
Signing time:             Tue 11 Nov 2025 07:01:43 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:43 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:43 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: 6EwxgszOnfuD2oD2TWQ1inFrcy36BykvSmzDvEogUX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:6d:34:37:38:b4:7d:cf:e7:b8:92:2d:1f:c7:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Nov 11 07:01:43 2025 GMT
            Not After : Nov 12 07:01:43 2025 GMT
        Subject: CN=6f25a05f1519b7ef7141366315b619f6b976e793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3c:f0:c3:08:8d:14:a9:7f:4c:b4:16:c0:63:
                    e6:52:d1:a3:f8:c5:27:76:ef:35:fa:0f:a4:f1:e7:
                    37:12:ce:55:ce:e3:4a:4d:ac:e4:6a:d9:c6:ff:e2:
                    53:f5:86:54:e9:28:e4:5c:40:b2:fd:f6:da:76:49:
                    21:ad:07:3a:99:9a:ba:55:bc:56:a4:d3:14:fc:8f:
                    26:e5:dc:91:64:9d:e0:00:91:f4:80:d0:ac:bd:87:
                    05:ff:b4:95:1a:89:a8:1e:28:d7:51:0d:f0:91:4d:
                    6a:e9:a6:98:73:b4:2e:b8:94:25:b3:0c:d1:ec:e2:
                    7e:7b:6b:da:7a:2e:f5:5f:c7:7a:d8:ff:3e:4c:93:
                    b8:43:67:c1:3a:e4:c3:73:56:01:c1:06:1a:b5:4c:
                    fa:0d:fe:46:15:af:ce:e3:39:b3:68:fc:61:e6:5c:
                    7d:05:8a:d9:68:d4:ee:9f:c2:27:4c:45:51:e2:98:
                    d3:2b:78:0b:5f:b1:c1:c9:c5:bc:c0:4c:36:81:86:
                    78:7a:90:5a:d9:95:c4:2b:c2:2a:96:81:8b:28:a8:
                    aa:5b:16:9e:42:b1:d6:b9:ec:b5:67:b9:60:a0:91:
                    93:32:88:c9:9a:47:42:8d:76:5c:18:06:c5:0e:0c:
                    05:ea:13:a5:ec:fb:55:6e:78:61:dd:74:5f:76:b8:
                    ce:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:25:A0:5F:15:19:B7:EF:71:41:36:63:15:B6:19:F6:B9:76:E7:93
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:66:65:c7:b2:5b:c7:be:0e:53:f7:ab:cc:5a:c0:37:b0:bc:
         16:16:e8:69:a9:ae:c6:6c:d1:87:c1:83:ce:59:cb:9d:3c:0d:
         cb:ed:b4:91:4f:b5:48:97:e4:44:53:e6:f3:d7:ab:02:11:26:
         fa:bf:c0:66:0a:92:38:a2:a3:26:35:2d:7e:5f:90:24:b4:e6:
         27:a7:68:88:8b:1e:db:28:a7:83:c1:cb:ae:6c:70:2d:d8:a6:
         42:5b:9e:7b:2a:c9:db:aa:c8:c4:18:41:08:41:71:9a:bb:40:
         79:3c:5b:ec:98:ec:e7:f2:5d:21:d0:38:5f:13:af:07:2d:8f:
         45:6f:4e:21:3c:71:b7:84:49:28:b8:f7:99:a0:c0:a0:af:53:
         91:ad:85:03:dd:0e:0f:4a:74:39:22:81:ff:d9:37:a7:e2:1f:
         77:b6:c1:8d:75:c7:4c:98:7c:ca:ae:80:b2:a0:b8:87:1e:ab:
         4f:ac:76:09:f7:27:c9:8e:e1:bd:de:02:65:78:82:ea:7a:9e:
         cc:26:63:e5:8b:d7:39:44:22:b5:d1:06:c2:49:e4:d4:ce:ea:
         da:15:c9:a3:89:fb:a3:69:fc:59:ba:c9:7b:59:bd:e5:6c:fd:
         b8:fc:2b:22:93:e0:00:c0:60:14:d2:42:34:bf:33:2f:77:50:
         6a:6a:5f:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuG00Nzi0fc/nuJItH8dbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
Eyg2ZjI1YTA1ZjE1MTliN2VmNzE0MTM2NjMxNWI2MTlmNmI5NzZlNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzzwwwiNFKl/TLQWwGPmUtGj+MUn
du81+g+k8ec3Es5VzuNKTazkatnG/+JT9YZU6SjkXECy/fbadkkhrQc6mZq6VbxW
pNMU/I8m5dyRZJ3gAJH0gNCsvYcF/7SVGomoHijXUQ3wkU1q6aaYc7QuuJQlswzR
7OJ+e2vaei71X8d62P8+TJO4Q2fBOuTDc1YBwQYatUz6Df5GFa/O4zmzaPxh5lx9
BYrZaNTun8InTEVR4pjTK3gLX7HBycW8wEw2gYZ4epBa2ZXEK8IqloGLKKiqWxae
QrHWuey1Z7lgoJGTMojJmkdCjXZcGAbFDgwF6hOl7PtVbnhh3XRfdrjORwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8loF8VGbfvcUE2YxW2Gfa5dueTMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2Zlx7Jb
x74OU/erzFrAN7C8FhboaamuxmzRh8GDzlnLnTwNy+20kU+1SJfkRFPm89erAhEm
+r/AZgqSOKKjJjUtfl+QJLTmJ6doiIse2ying8HLrmxwLdimQlueeyrJ26rIxBhB
CEFxmrtAeTxb7Jjs5/JdIdA4XxOvBy2PRW9OITxxt4RJKLj3maDAoK9Tka2FA90O
D0p0OSKB/9k3p+Ifd7bBjXXHTJh8yq6AsqC4hx6rT6x2CfcnyY7hvd4CZXiC6nqe
zCZj5YvXOUQitdEGwknk1M7q2hXJo4n7o2n8WbrJe1m95Wz9uPwrIpPgAMBgFNJC
NL8zL3dQampfAw==
-----END CERTIFICATE-----