Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          greMDWiQCMuqCzgDCpQ7EJTm0DPUcrJTXrhTe2T4iRE=
Subject key identifier:   44:E4:2E:C4:57:6E:93:69:58:3D:DA:7D:80:D6:8E:2B:93:B3:09:6D
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       019A4EF49F490CFD4A90F3C4D48C006C3DBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          12F0
Signing time:             Tue 04 Nov 2025 13:00:45 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:45 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:45 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: TeSKftIlRFnHYC+6xCoCadea0xpiZRc2EYJARBTRqFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:9f:49:0c:fd:4a:90:f3:c4:d4:8c:00:6c:3d:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Nov  4 13:00:45 2025 GMT
            Not After : Nov  5 13:00:45 2025 GMT
        Subject: CN=44e42ec4576e9369583dda7d80d68e2b93b3096d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:79:93:0c:ec:0e:2b:66:fa:4f:ed:49:19:70:
                    40:74:01:41:80:1a:81:80:ab:c0:8f:3f:06:7b:20:
                    cf:33:ee:dc:d8:84:6a:20:50:f8:0e:22:94:19:9b:
                    14:05:28:1b:b6:9f:dd:26:bc:d3:e2:c5:45:9f:55:
                    3b:d7:cc:5f:53:49:5e:18:3d:38:3a:98:8c:e5:1c:
                    75:c4:2b:bd:39:0c:25:e0:0d:9e:ed:89:e8:a3:71:
                    8c:93:e8:8e:b4:8a:5b:90:8f:d2:25:1c:6c:c6:2a:
                    33:1c:30:15:5c:99:32:f9:b9:c6:ba:23:a2:48:4a:
                    de:f9:5b:70:76:dd:7c:c8:3a:01:7e:6c:46:0c:24:
                    6e:c9:e4:11:82:40:2b:41:fb:30:cb:60:b3:25:0f:
                    86:b9:bd:36:f8:57:88:a0:11:7d:c2:8b:d5:0f:53:
                    b5:a7:13:07:82:09:ac:5d:d9:ff:90:41:4b:77:7b:
                    6f:f0:a8:eb:7b:d1:35:5e:6a:b7:25:42:c0:30:95:
                    e0:4a:9e:3f:55:4f:70:6c:a8:ef:59:51:5f:b8:3e:
                    73:a5:46:09:ae:3c:51:fb:27:6c:ab:a0:13:75:f3:
                    01:47:cb:18:fe:d0:50:9c:0f:d5:5c:f9:cc:06:94:
                    cb:84:f2:58:60:f6:64:2d:4b:dc:68:f0:29:28:39:
                    32:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E4:2E:C4:57:6E:93:69:58:3D:DA:7D:80:D6:8E:2B:93:B3:09:6D
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:ce:7c:d6:d5:61:f9:33:39:f5:0f:9a:72:4a:52:0f:0f:e6:
         48:61:aa:a2:63:88:5f:16:f5:68:5e:37:52:d6:1a:39:de:ec:
         e3:28:d3:79:8c:8b:4e:63:cf:f8:6c:9b:06:3b:91:95:fd:64:
         4a:c3:2e:97:d1:b6:4c:ee:e9:ae:31:cc:7e:2f:f3:92:f4:62:
         ca:27:66:18:72:5f:be:28:05:34:5a:eb:82:ea:f8:0f:f6:81:
         21:f8:27:61:e0:6d:a6:31:af:08:6c:57:3a:b5:d9:e3:be:38:
         fd:71:40:d4:51:62:e4:9d:c8:da:d5:d0:ab:86:05:87:4a:42:
         60:3f:4d:f0:fc:67:83:3f:34:ec:43:5e:b9:76:43:ee:de:f0:
         14:91:67:63:03:ab:ea:e9:08:b5:73:5c:1e:37:6a:98:ac:1e:
         d9:f4:9e:9b:4f:82:5f:bd:bd:20:28:9f:7b:b3:ca:41:6b:55:
         e7:6a:98:31:c6:17:6e:aa:d1:8a:c0:05:db:7e:e0:41:50:e7:
         9c:9b:f3:e8:03:b5:34:8b:c0:01:c2:6c:12:ad:e8:94:d0:8a:
         df:0e:c4:03:22:e2:c5:16:e2:4b:a8:8d:5f:4f:76:c7:f6:98:
         59:2b:83:4f:d2:32:d5:04:90:e8:41:f6:96:23:76:1a:12:e7:
         85:b5:7e:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9J9JDP1KkPPE1IwAbD26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjUxMTA0MTMwMDQ1WhcNMjUxMTA1MTMwMDQ1WjAzMTEwLwYDVQQD
Eyg0NGU0MmVjNDU3NmU5MzY5NTgzZGRhN2Q4MGQ2OGUyYjkzYjMwOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXmTDOwOK2b6T+1JGXBAdAFBgBqB
gKvAjz8GeyDPM+7c2IRqIFD4DiKUGZsUBSgbtp/dJrzT4sVFn1U718xfU0leGD04
OpiM5Rx1xCu9OQwl4A2e7Ynoo3GMk+iOtIpbkI/SJRxsxiozHDAVXJky+bnGuiOi
SEre+Vtwdt18yDoBfmxGDCRuyeQRgkArQfswy2CzJQ+Gub02+FeIoBF9wovVD1O1
pxMHggmsXdn/kEFLd3tv8Kjre9E1Xmq3JULAMJXgSp4/VU9wbKjvWVFfuD5zpUYJ
rjxR+ydsq6ATdfMBR8sY/tBQnA/VXPnMBpTLhPJYYPZkLUvcaPApKDkydwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETkLsRXbpNpWD3afYDWjiuTswltMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYs581tVh
+TM59Q+ackpSDw/mSGGqomOIXxb1aF43UtYaOd7s4yjTeYyLTmPP+GybBjuRlf1k
SsMul9G2TO7prjHMfi/zkvRiyidmGHJfvigFNFrrgur4D/aBIfgnYeBtpjGvCGxX
OrXZ4744/XFA1FFi5J3I2tXQq4YFh0pCYD9N8Pxngz807ENeuXZD7t7wFJFnYwOr
6ukItXNcHjdqmKwe2fSem0+CX729ICife7PKQWtV52qYMcYXbqrRisAF237gQVDn
nJvz6AO1NIvAAcJsEq3olNCK3w7EAyLixRbiS6iNX092x/aYWSuDT9Iy1QSQ6EH2
liN2GhLnhbV+qg==
-----END CERTIFICATE-----