Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          AeVv+tSmjCbUM8itNEqFfU2HXWQEzW2LyD58B5+h534=
Subject key identifier:   AD:44:8D:E6:26:DB:15:8C:71:59:16:06:9F:D9:F2:A1:03:35:B6:CC
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019A71B83E5FF6DEFF318A23A7D6DDF8219B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0A00
Signing time:             Tue 11 Nov 2025 07:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:31 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: T7AKgE4NRqKX6jZQrGhtwv+MNV7i38lMwhw2xMBem2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:3e:5f:f6:de:ff:31:8a:23:a7:d6:dd:f8:21:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Nov 11 07:01:31 2025 GMT
            Not After : Nov 12 07:01:31 2025 GMT
        Subject: CN=ad448de626db158c715916069fd9f2a10335b6cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:91:8e:b0:cc:7a:51:bb:9d:16:ba:8e:28:8c:
                    93:71:7f:d5:3f:24:fc:3c:0c:d9:e8:35:0e:cb:7d:
                    a2:83:17:80:9f:c8:ea:65:89:df:e0:c6:57:fc:07:
                    6a:95:7c:d2:95:ea:79:f8:0e:1c:de:97:ee:0c:bd:
                    0c:cb:48:f4:84:a5:11:17:58:cf:ff:99:a7:95:eb:
                    37:b5:90:a3:64:c8:91:3e:6f:da:66:58:1e:1f:f9:
                    3d:84:50:58:bc:e1:1d:8d:9c:30:49:f3:ce:cb:d2:
                    2a:76:87:ea:44:5c:70:1f:e8:e0:d6:81:e5:a2:9f:
                    a8:3e:27:40:bf:02:1b:c0:84:0d:5f:27:ac:96:14:
                    b8:77:58:ef:35:0c:2d:02:64:2a:2e:b4:82:47:1e:
                    47:3b:ce:79:a0:c6:33:65:8e:81:86:92:e2:c4:f1:
                    f7:28:cb:59:ea:0d:b9:b6:04:e3:cd:cf:87:8c:f6:
                    5a:f1:d5:7c:e9:55:85:69:c2:3e:8c:2d:0c:f3:d3:
                    3e:6a:fc:5d:d8:3b:61:de:bf:85:d0:ab:f7:60:fd:
                    3f:8a:b0:c2:5c:cd:1f:e6:de:ed:d7:75:e8:63:f2:
                    fa:b3:15:f5:a3:3a:95:c5:3e:81:98:51:40:ec:de:
                    30:f7:03:11:4b:59:a9:d0:23:39:09:7d:bc:e7:67:
                    14:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:44:8D:E6:26:DB:15:8C:71:59:16:06:9F:D9:F2:A1:03:35:B6:CC
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ee:e4:bd:b2:d7:f5:07:8a:f3:d0:a1:6e:4a:31:ae:92:6c:
         14:5b:4e:d5:2f:15:7a:6b:57:1b:ed:3a:97:de:9a:9f:f6:ae:
         03:4e:70:0b:0f:97:d4:e2:7f:68:64:9f:e0:cd:5d:4a:32:ba:
         d1:67:70:d2:ce:a7:07:97:1e:64:c2:b4:eb:e2:a3:a5:de:f7:
         8b:d4:38:89:78:f9:68:d7:93:bd:84:36:3d:24:16:51:19:96:
         cf:23:cf:9e:65:69:42:40:5a:1f:32:d0:00:99:c3:f9:48:55:
         63:bf:51:76:c8:30:bd:5f:fd:bb:39:56:f6:95:af:18:d3:8a:
         d0:27:99:b1:18:58:d9:ee:70:ed:94:c2:08:de:9f:c1:36:fd:
         ae:27:64:c1:b4:42:f1:dc:83:dd:33:29:65:c2:db:50:f9:2f:
         8f:85:b6:c3:e1:4c:1f:ba:e1:06:07:55:d4:e0:82:0e:10:fa:
         88:79:ca:63:b7:a8:50:a0:c3:f8:df:20:ab:a3:3f:d4:64:31:
         c0:ff:d8:a0:79:37:4c:60:d0:96:d8:20:f3:30:0d:5e:39:43:
         9a:ac:76:17:be:c6:0b:0a:4f:09:a6:0f:7f:c9:85:bb:e4:b0:
         9e:a8:58:b8:46:33:52:99:de:4a:88:6b:2a:91:96:18:10:69:
         16:8a:ab:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuD5f9t7/MYojp9bd+CGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjUxMTExMDcwMTMxWhcNMjUxMTEyMDcwMTMxWjAzMTEwLwYDVQQD
EyhhZDQ0OGRlNjI2ZGIxNThjNzE1OTE2MDY5ZmQ5ZjJhMTAzMzViNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpGOsMx6UbudFrqOKIyTcX/VPyT8
PAzZ6DUOy32igxeAn8jqZYnf4MZX/AdqlXzSlep5+A4c3pfuDL0My0j0hKURF1jP
/5mnles3tZCjZMiRPm/aZlgeH/k9hFBYvOEdjZwwSfPOy9IqdofqRFxwH+jg1oHl
op+oPidAvwIbwIQNXyeslhS4d1jvNQwtAmQqLrSCRx5HO855oMYzZY6BhpLixPH3
KMtZ6g25tgTjzc+HjPZa8dV86VWFacI+jC0M89M+avxd2Dth3r+F0Kv3YP0/irDC
XM0f5t7t13XoY/L6sxX1ozqVxT6BmFFA7N4w9wMRS1mp0CM5CX2852cU1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1EjeYm2xWMcVkWBp/Z8qEDNbbMMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAae7kvbLX
9QeK89ChbkoxrpJsFFtO1S8VemtXG+06l96an/auA05wCw+X1OJ/aGSf4M1dSjK6
0Wdw0s6nB5ceZMK06+Kjpd73i9Q4iXj5aNeTvYQ2PSQWURmWzyPPnmVpQkBaHzLQ
AJnD+UhVY79RdsgwvV/9uzlW9pWvGNOK0CeZsRhY2e5w7ZTCCN6fwTb9ridkwbRC
8dyD3TMpZcLbUPkvj4W2w+FMH7rhBgdV1OCCDhD6iHnKY7eoUKDD+N8gq6M/1GQx
wP/YoHk3TGDQltgg8zANXjlDmqx2F77GCwpPCaYPf8mFu+SwnqhYuEYzUpneSohr
KpGWGBBpFoqr4Q==
-----END CERTIFICATE-----