Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          SepodbJMudiwlQmzMDswLo8Sw0I/ZE0PMkGvf71CC8I=
Subject key identifier:   3D:F3:82:A7:54:5B:4D:B5:B0:F8:52:71:95:CB:56:98:48:7A:E8:AA
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019A7293B54E73044E15D7E2F1652CDAA940
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          12DD
Signing time:             Tue 11 Nov 2025 11:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:13 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: NRPwJKKQdZ3G/O3+qflOi4WporiCM/0oc0DfefsEl9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:b5:4e:73:04:4e:15:d7:e2:f1:65:2c:da:a9:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Nov 11 11:01:13 2025 GMT
            Not After : Nov 12 11:01:13 2025 GMT
        Subject: CN=3df382a7545b4db5b0f8527195cb5698487ae8aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9d:7e:c3:8b:84:2e:64:30:8c:14:3b:1f:68:
                    9e:f4:6e:ed:72:2e:36:22:f3:00:8c:00:40:81:23:
                    0e:0b:85:32:6b:5e:a6:41:1d:aa:41:2f:ae:52:b5:
                    0b:ad:01:18:a8:61:14:69:1a:d3:34:aa:9f:f4:c2:
                    8c:8f:ee:d1:d3:ed:a1:35:ee:fc:19:0d:b3:23:fc:
                    fb:d0:bb:94:e1:2c:9c:ef:64:fb:1f:09:10:7b:f9:
                    cc:45:be:38:28:cd:d1:93:50:01:1f:63:7f:85:fd:
                    84:4c:94:2f:cd:ea:6d:0b:e3:14:73:55:65:ce:66:
                    37:35:13:40:04:c4:e8:7e:77:a1:1a:6d:28:b1:41:
                    a5:0e:6b:74:04:59:a8:d8:f2:7c:e8:1f:0c:fe:15:
                    c8:d8:6a:ae:15:30:6c:4c:82:51:7e:86:89:cc:95:
                    36:36:4a:1e:f0:f2:86:45:d6:66:86:d9:fe:73:2c:
                    45:f6:84:db:d3:61:f2:00:22:40:62:9a:ba:60:b8:
                    f0:0a:24:c1:54:f2:28:b8:01:3b:c8:9a:0a:d1:1e:
                    eb:6c:c0:80:29:28:5e:23:de:e0:e5:4a:b5:02:a1:
                    3b:e8:34:e1:b6:ed:e5:96:5e:53:36:2a:9c:b9:68:
                    11:05:97:85:eb:d2:70:d0:bc:f1:f3:5f:02:3d:ba:
                    dc:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F3:82:A7:54:5B:4D:B5:B0:F8:52:71:95:CB:56:98:48:7A:E8:AA
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:9b:28:a1:86:86:53:3b:32:90:bb:95:f6:32:67:d0:bf:d8:
         1c:ff:87:8a:14:57:94:e6:fb:43:23:0e:33:ef:f2:4a:e0:cd:
         e3:22:94:22:f8:75:f6:79:39:5a:b8:ae:13:7f:43:a1:e5:f3:
         79:c7:49:16:44:06:df:0c:87:6e:53:59:22:2c:cf:9e:33:dc:
         85:a7:95:aa:f8:c2:c9:55:c3:fc:c5:e1:31:e9:50:87:4f:7a:
         6a:3b:c1:19:2d:e4:f3:f8:5e:e8:dd:04:6f:00:9f:6f:35:c1:
         a8:3a:9e:f6:81:d8:b8:bc:84:31:0b:7f:ef:6a:98:d9:93:ed:
         95:dc:fb:48:47:c5:09:4f:e9:75:5f:d2:ce:af:2a:12:b7:09:
         78:53:da:df:93:c3:fa:a0:68:49:ba:dd:fb:de:a1:7c:14:01:
         d5:ce:f3:8c:7e:89:ec:7f:e1:11:25:c0:3b:ec:be:9f:e3:d3:
         77:3d:fa:74:f4:e8:e9:c9:cb:11:0d:05:41:5d:77:4d:cd:d4:
         f4:c8:d2:a5:2f:8f:ac:35:0e:37:f7:3c:58:a8:e3:ca:cd:1c:
         0c:a3:1e:0e:5f:2f:0d:5b:40:0a:1a:b4:46:b1:dc:c2:52:a5:
         63:4b:62:81:b7:c8:46:c2:c6:26:da:4e:34:89:d5:d9:82:dc:
         f8:a5:fd:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7VOcwROFdfi8WUs2qlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjUxMTExMTEwMTEzWhcNMjUxMTEyMTEwMTEzWjAzMTEwLwYDVQQD
EygzZGYzODJhNzU0NWI0ZGI1YjBmODUyNzE5NWNiNTY5ODQ4N2FlOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ1+w4uELmQwjBQ7H2ie9G7tci42
IvMAjABAgSMOC4Uya16mQR2qQS+uUrULrQEYqGEUaRrTNKqf9MKMj+7R0+2hNe78
GQ2zI/z70LuU4Syc72T7HwkQe/nMRb44KM3Rk1ABH2N/hf2ETJQvzeptC+MUc1Vl
zmY3NRNABMTofnehGm0osUGlDmt0BFmo2PJ86B8M/hXI2GquFTBsTIJRfoaJzJU2
Nkoe8PKGRdZmhtn+cyxF9oTb02HyACJAYpq6YLjwCiTBVPIouAE7yJoK0R7rbMCA
KSheI97g5Uq1AqE76DThtu3lll5TNiqcuWgRBZeF69Jw0Lzx818CPbrceQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3zgqdUW021sPhScZXLVphIeuiqMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5sooYaG
UzsykLuV9jJn0L/YHP+HihRXlOb7QyMOM+/ySuDN4yKUIvh19nk5WriuE39DoeXz
ecdJFkQG3wyHblNZIizPnjPchaeVqvjCyVXD/MXhMelQh096ajvBGS3k8/he6N0E
bwCfbzXBqDqe9oHYuLyEMQt/72qY2ZPtldz7SEfFCU/pdV/Szq8qErcJeFPa35PD
+qBoSbrd+96hfBQB1c7zjH6J7H/hESXAO+y+n+PTdz36dPTo6cnLEQ0FQV13Tc3U
9MjSpS+PrDUON/c8WKjjys0cDKMeDl8vDVtAChq0RrHcwlKlY0tigbfIRsLGJtpO
NInV2YLc+KX9SA==
-----END CERTIFICATE-----