Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
File:                     RGMFqaHfoG26hXtD8N6eYi9JUaM.mft (raw, json)
Hash identifier:          BFaCMryatvm2NO4G+olW1OfAT0iueJJKfHVqDZ/q4MQ=
Subject key identifier:   2F:94:5D:6F:FB:02:DF:91:B2:CB:51:E0:6F:20:0A:D4:FF:20:7C:5E
Authority key identifier: 44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3
Certificate issuer:       /CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
Certificate serial:       019A71B828ADFC73FBEC8EE7E45717679307
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
Manifest number:          0BAD
Signing time:             Tue 11 Nov 2025 07:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:25 +0000
Files and hashes:         1: RGMFqaHfoG26hXtD8N6eYi9JUaM.crl (hash: MixE0QCy4ZwNM0np9AAghAE30Htf7s4KkZymrSCSZ2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:28:ad:fc:73:fb:ec:8e:e7:e4:57:17:67:93:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
        Validity
            Not Before: Nov 11 07:01:25 2025 GMT
            Not After : Nov 12 07:01:25 2025 GMT
        Subject: CN=2f945d6ffb02df91b2cb51e06f200ad4ff207c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:04:a6:ae:a3:c4:39:85:df:90:79:71:8a:b0:
                    33:0e:73:9c:1e:86:c6:66:55:7d:5d:5d:9a:fb:a8:
                    72:b0:2e:0e:d5:66:ed:0a:69:89:c0:3c:00:11:31:
                    11:5f:44:8d:be:fd:f6:48:9d:8c:79:28:25:31:fc:
                    a1:5f:80:78:33:ba:70:d0:4f:7f:24:46:8e:96:40:
                    3a:32:51:fe:5c:a5:15:9f:9a:e2:53:27:bc:ec:b8:
                    da:7a:a5:b4:9c:f2:9e:d7:d8:88:72:cb:37:ce:aa:
                    e9:41:b4:f1:ee:7d:d9:c7:21:fe:76:da:a5:ae:d6:
                    de:50:d5:5f:9e:78:8b:b9:51:fe:e3:a4:cc:56:de:
                    f1:99:4b:53:2b:4d:60:94:60:1f:9d:bb:da:65:e9:
                    f2:06:2d:32:fb:61:7d:4b:6e:ca:78:9a:32:3a:17:
                    59:2d:3c:3c:ae:b7:2c:f5:85:96:73:79:d2:75:09:
                    ba:60:0c:f0:76:b4:77:6d:e2:14:ee:04:a8:a0:b0:
                    bf:ca:1b:16:b5:80:d2:10:18:81:c6:fa:50:f7:c5:
                    a5:b3:1c:1e:69:87:bd:c6:61:bb:df:45:e5:c8:b2:
                    0d:d2:59:00:69:a3:71:d9:2a:62:46:e0:03:fa:b9:
                    5e:7e:b6:4a:16:e5:50:cc:b9:aa:49:d9:41:6a:59:
                    2e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:94:5D:6F:FB:02:DF:91:B2:CB:51:E0:6F:20:0A:D4:FF:20:7C:5E
            X509v3 Authority Key Identifier:
                keyid:44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:de:bf:e8:b2:b1:3f:29:79:f6:3d:c6:3b:75:d8:c5:b4:14:
         88:23:39:0e:a1:e9:ef:9c:fc:2e:47:c7:d2:1b:7f:04:bb:fa:
         76:29:05:52:0a:6b:37:99:82:f7:05:32:2c:2f:10:0c:d0:83:
         7c:d6:bd:67:40:ad:f7:01:c3:4a:c0:5c:29:6a:60:8a:1c:95:
         cc:f7:92:49:21:80:c9:e9:68:10:65:c0:81:bf:13:50:71:b6:
         42:57:da:c2:53:9b:df:48:11:b1:fa:e2:14:de:05:67:8b:3a:
         45:12:82:2b:6e:6c:c2:5a:2c:9a:74:1d:15:b1:ab:1f:b0:51:
         3e:90:8d:af:ff:50:45:9e:89:ce:81:c7:9a:8b:3c:33:26:03:
         54:0b:d4:3e:81:1b:f0:61:99:cc:12:75:09:40:dd:7e:63:42:
         41:67:de:52:32:41:bb:76:af:84:b0:5a:2f:04:68:01:34:33:
         13:27:80:4b:71:e1:2f:7c:d2:26:e3:9c:58:34:b2:f7:fe:75:
         7d:1c:58:40:4a:0a:70:d5:c0:70:5e:fc:c7:a7:77:96:12:d9:
         ae:06:1b:26:e2:d3:56:ed:af:d9:30:0f:e6:7a:9a:3c:dd:21:
         76:ba:08:8e:e7:81:ed:60:bd:47:e8:ef:61:96:43:25:9d:57:
         74:7c:c2:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCit/HP77I7n5FcXZ5MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NjMwNWE5YTFkZmEwNmRiYTg1N2I0M2YwZGU5ZTYyMmY0
OTUxYTMwHhcNMjUxMTExMDcwMTI1WhcNMjUxMTEyMDcwMTI1WjAzMTEwLwYDVQQD
EygyZjk0NWQ2ZmZiMDJkZjkxYjJjYjUxZTA2ZjIwMGFkNGZmMjA3YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQSmrqPEOYXfkHlxirAzDnOcHobG
ZlV9XV2a+6hysC4O1WbtCmmJwDwAETERX0SNvv32SJ2MeSglMfyhX4B4M7pw0E9/
JEaOlkA6MlH+XKUVn5riUye87LjaeqW0nPKe19iIcss3zqrpQbTx7n3ZxyH+dtql
rtbeUNVfnniLuVH+46TMVt7xmUtTK01glGAfnbvaZenyBi0y+2F9S27KeJoyOhdZ
LTw8rrcs9YWWc3nSdQm6YAzwdrR3beIU7gSooLC/yhsWtYDSEBiBxvpQ98Wlsxwe
aYe9xmG730XlyLIN0lkAaaNx2SpiRuAD+rlefrZKFuVQzLmqSdlBalkuuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+UXW/7At+RsstR4G8gCtT/IHxeMB8GA1UdIwQY
MBaAFERjBamh36BtuoV7Q/DenmIvSVGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMt
MGM4Njc0NTc2OTJiLzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMtMGM4Njc0NTc2OTJi
LzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI96/6LKx
Pyl59j3GO3XYxbQUiCM5DqHp75z8LkfH0ht/BLv6dikFUgprN5mC9wUyLC8QDNCD
fNa9Z0Ct9wHDSsBcKWpgihyVzPeSSSGAyeloEGXAgb8TUHG2QlfawlOb30gRsfri
FN4FZ4s6RRKCK25swlosmnQdFbGrH7BRPpCNr/9QRZ6JzoHHmos8MyYDVAvUPoEb
8GGZzBJ1CUDdfmNCQWfeUjJBu3avhLBaLwRoATQzEyeAS3HhL3zSJuOcWDSy9/51
fRxYQEoKcNXAcF78x6d3lhLZrgYbJuLTVu2v2TAP5nqaPN0hdroIjueB7WC9R+jv
YZZDJZ1XdHzC4Q==
-----END CERTIFICATE-----