Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
File:                     AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json)
Hash identifier:          0tiRpv5gkuYlY7AFl2ZZdX9nf23glhVSeaTXVOUpPq0=
Subject key identifier:   E2:58:80:B2:46:84:9F:28:57:EA:E9:19:82:33:E1:47:B3:78:2D:2D
Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C
Certificate issuer:       /CN=00871ef43fca092142d935585f2192646f474c1c
Certificate serial:       019A718088DBE7BB6F04FCB8029950152401
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
Manifest number:          13
Signing time:             Tue 11 Nov 2025 06:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:40 +0000
Files and hashes:         1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: DDzRpa/dvtEaWTJinhqRe6OKve44GXHv1PGgurTdohE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:88:db:e7:bb:6f:04:fc:b8:02:99:50:15:24:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00871ef43fca092142d935585f2192646f474c1c
        Validity
            Not Before: Nov 11 06:00:40 2025 GMT
            Not After : Nov 12 06:00:40 2025 GMT
        Subject: CN=e25880b246849f2857eae9198233e147b3782d2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4f:81:ac:8e:fa:d4:ca:7f:5c:e0:ff:22:fb:
                    03:bc:63:8a:47:78:a8:33:28:9c:8d:2e:e4:88:f6:
                    12:e3:0c:d7:e8:b1:35:2e:09:81:2f:af:c9:ad:bf:
                    31:15:d1:36:ad:82:cd:74:de:25:80:da:ae:b9:76:
                    6e:67:a8:6d:c9:6f:7c:08:89:3b:ae:09:dc:88:5d:
                    83:29:4f:74:6d:f4:d3:b4:af:8a:92:5b:1b:77:79:
                    56:63:fa:8e:08:98:d1:65:72:e3:5b:ed:4e:65:6d:
                    e4:df:d8:d4:33:32:9d:cf:91:be:43:72:98:9f:13:
                    83:4d:cc:6b:f0:56:f5:11:38:a1:18:0d:4e:d6:46:
                    d4:f3:7a:eb:2c:fa:25:ac:77:8e:c3:03:cc:04:77:
                    65:08:8b:07:7e:2f:7d:ad:5a:c5:cf:df:b6:72:af:
                    89:ce:cc:30:d8:b8:a7:f9:e7:73:e8:36:17:a5:59:
                    e3:83:d0:de:d5:51:c0:2b:ba:2d:df:5e:4b:12:7c:
                    7e:26:46:e4:0c:d5:2b:bb:73:d1:28:ec:23:ae:5a:
                    53:e9:1b:0f:f9:2c:75:8f:6b:5e:03:aa:d1:d8:c2:
                    fc:20:3a:ec:64:0d:02:7c:f6:c7:70:9b:71:76:a0:
                    51:a0:93:9d:c4:cb:97:9e:2c:5c:05:ea:af:30:97:
                    8e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:58:80:B2:46:84:9F:28:57:EA:E9:19:82:33:E1:47:B3:78:2D:2D
            X509v3 Authority Key Identifier:
                keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:b1:9e:87:ea:19:80:a9:66:83:89:89:a7:0c:62:37:cc:c1:
         fe:5c:14:cf:8d:b2:b6:3a:de:43:48:e0:b1:a9:b2:ff:c5:26:
         00:f8:d3:fe:d6:04:f2:4a:71:fe:65:0b:2c:1f:57:1f:7b:e6:
         2a:88:07:d5:2e:45:7c:75:ad:5c:e6:8b:34:e4:ae:c0:60:d6:
         30:3a:a5:89:a3:4d:18:f2:08:f4:b0:9e:ed:fd:d9:ba:d0:35:
         7f:50:64:11:c7:6a:25:24:1a:ae:c6:5e:cd:8a:ff:a5:69:ad:
         e6:e0:56:03:8c:d9:76:34:39:ac:46:74:58:80:c0:e6:de:ef:
         fd:b2:ad:4b:6d:c3:a8:85:09:fb:cb:0f:9a:99:f9:84:56:0f:
         be:88:3d:7c:13:bc:92:b5:d6:f0:a3:52:3f:5b:91:25:d0:7d:
         61:8f:0f:ba:d5:e6:6c:23:72:95:24:31:e7:39:5c:a4:5b:37:
         93:9a:eb:ce:7f:1c:ae:fb:fb:5d:2b:65:4d:2d:8e:25:00:36:
         9d:fb:66:cf:24:a4:98:07:c8:1c:55:4a:bf:e9:55:ee:54:95:
         e8:ce:c3:b7:36:4c:a0:49:7f:94:25:a3:5f:17:e0:f4:66:3a:
         fb:15:a7:66:37:96:99:ff:6f:2d:6b:7d:ae:ff:39:b3:20:2b:
         4c:6e:e9:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgIjb57tvBPy4AplQFSQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0
NzRjMWMwHhcNMjUxMTExMDYwMDQwWhcNMjUxMTEyMDYwMDQwWjAzMTEwLwYDVQQD
EyhlMjU4ODBiMjQ2ODQ5ZjI4NTdlYWU5MTk4MjMzZTE0N2IzNzgyZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk+BrI761Mp/XOD/IvsDvGOKR3io
MyicjS7kiPYS4wzX6LE1LgmBL6/Jrb8xFdE2rYLNdN4lgNquuXZuZ6htyW98CIk7
rgnciF2DKU90bfTTtK+Kklsbd3lWY/qOCJjRZXLjW+1OZW3k39jUMzKdz5G+Q3KY
nxODTcxr8Fb1ETihGA1O1kbU83rrLPolrHeOwwPMBHdlCIsHfi99rVrFz9+2cq+J
zsww2Lin+edz6DYXpVnjg9De1VHAK7ot315LEnx+JkbkDNUru3PRKOwjrlpT6RsP
+Sx1j2teA6rR2ML8IDrsZA0CfPbHcJtxdqBRoJOdxMuXnixcBeqvMJeOoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJYgLJGhJ8oV+rpGYIz4UezeC0tMB8GA1UdIwQY
MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt
MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj
LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKbGeh+oZ
gKlmg4mJpwxiN8zB/lwUz42ytjreQ0jgsamy/8UmAPjT/tYE8kpx/mULLB9XH3vm
KogH1S5FfHWtXOaLNOSuwGDWMDqliaNNGPII9LCe7f3ZutA1f1BkEcdqJSQarsZe
zYr/pWmt5uBWA4zZdjQ5rEZ0WIDA5t7v/bKtS23DqIUJ+8sPmpn5hFYPvog9fBO8
krXW8KNSP1uRJdB9YY8PutXmbCNylSQx5zlcpFs3k5rrzn8crvv7XStlTS2OJQA2
nftmzySkmAfIHFVKv+lV7lSV6M7DtzZMoEl/lCWjXxfg9GY6+xWnZjeWmf9vLWt9
rv85syArTG7pUg==
-----END CERTIFICATE-----