Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          zKCw48Xc2/0nPuVPbySctNMOjaKCVBNp8nAwmo+phXo=
Subject key identifier:   F3:5E:7C:D4:71:3A:A8:10:1D:CA:D4:3B:D1:CC:BA:75:58:B2:48:13
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       019A4E4F532E871A3D353D56F9B3CDD67A01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0F22
Signing time:             Tue 04 Nov 2025 10:00:12 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:12 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:12 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: HPMSfzNY8xwrv5NMqa4nOWj5ZQ21gQyXGLguHaVdolQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:53:2e:87:1a:3d:35:3d:56:f9:b3:cd:d6:7a:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Nov  4 10:00:12 2025 GMT
            Not After : Nov  5 10:00:12 2025 GMT
        Subject: CN=f35e7cd4713aa8101dcad43bd1ccba7558b24813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:63:f3:ba:86:e4:c0:4c:bd:7a:ef:9d:99:84:
                    16:06:8f:4e:61:35:d0:bf:2f:31:0b:52:c5:5e:19:
                    b3:c0:b4:d5:a2:41:8f:02:c4:9c:01:27:b9:3a:36:
                    c2:b4:b5:3d:7b:42:2c:f1:84:ba:b6:a6:8f:72:8e:
                    35:70:3c:61:98:87:3a:16:6c:8d:1f:73:7b:7e:3b:
                    1b:ba:de:03:f9:90:48:a7:6c:ec:43:0e:e1:e2:0e:
                    36:29:b8:84:85:1e:32:56:df:35:f0:b0:38:f6:d3:
                    ac:aa:af:12:91:5a:ed:64:79:1f:d4:9c:78:45:f7:
                    75:0c:ec:a3:48:8a:84:eb:c8:51:cf:1b:6d:3b:19:
                    d9:f1:58:01:e0:62:02:78:68:07:25:b6:a8:8b:a4:
                    3b:cd:2a:68:aa:32:ca:51:bb:40:72:34:3d:c1:3c:
                    b6:68:e6:87:23:31:2b:7e:9e:ed:1b:7f:0e:07:4c:
                    3d:a3:48:61:89:d8:df:65:6c:bb:3b:ea:c2:3e:d4:
                    7f:f2:67:f4:2c:13:f8:6f:55:61:39:50:a8:c9:f9:
                    7f:6e:79:17:d2:95:60:2a:d4:08:b6:68:b8:99:b8:
                    52:47:61:2a:32:75:13:bb:62:25:3b:37:24:11:50:
                    2e:3c:01:de:18:be:7c:2e:59:48:da:27:e2:34:b0:
                    bf:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:5E:7C:D4:71:3A:A8:10:1D:CA:D4:3B:D1:CC:BA:75:58:B2:48:13
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:d9:67:67:7c:ac:86:22:57:3d:8e:61:32:24:03:1c:e7:a0:
         de:a2:26:41:db:a8:f5:59:1d:be:4f:62:67:c9:78:99:aa:4b:
         ef:1a:f1:04:ea:67:c0:37:20:72:23:23:91:25:94:a0:a9:90:
         fc:e8:e9:51:fa:63:cc:39:c5:ff:ac:80:7f:85:05:ee:e0:02:
         16:b9:73:d7:32:ff:6f:97:9e:00:ba:d5:00:20:52:d6:e0:08:
         bc:30:22:ce:0e:ed:70:23:20:d5:ab:f0:33:31:aa:b8:e7:76:
         87:85:11:2b:6d:23:79:35:a4:85:14:43:86:f0:06:15:4e:71:
         3b:6c:d2:70:a5:67:49:21:8a:90:98:82:68:e4:b9:44:ee:4e:
         16:78:0e:bf:4a:5e:d1:cb:76:6a:4b:d2:07:69:15:e7:dd:74:
         f9:07:f9:b2:e8:cf:f8:05:24:cb:3a:e3:c7:25:0b:e4:6a:6e:
         f1:3f:5c:2e:fe:d6:c4:28:2a:1f:a1:23:2c:62:2f:b9:6d:f5:
         b0:a0:ed:ea:61:83:9a:9f:f3:62:b9:62:4d:94:24:28:bf:d6:
         f8:9b:b8:fe:b3:f5:fa:55:60:89:d7:21:e1:4d:2c:93:e4:6e:
         1e:57:4f:ed:0b:db:fd:fa:11:12:72:6c:89:0f:9e:56:cd:6b:
         4d:5d:6a:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT1Muhxo9NT1W+bPN1noBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUxMTA0MTAwMDEyWhcNMjUxMTA1MTAwMDEyWjAzMTEwLwYDVQQD
EyhmMzVlN2NkNDcxM2FhODEwMWRjYWQ0M2JkMWNjYmE3NTU4YjI0ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2PzuobkwEy9eu+dmYQWBo9OYTXQ
vy8xC1LFXhmzwLTVokGPAsScASe5OjbCtLU9e0Is8YS6tqaPco41cDxhmIc6FmyN
H3N7fjsbut4D+ZBIp2zsQw7h4g42KbiEhR4yVt818LA49tOsqq8SkVrtZHkf1Jx4
Rfd1DOyjSIqE68hRzxttOxnZ8VgB4GICeGgHJbaoi6Q7zSpoqjLKUbtAcjQ9wTy2
aOaHIzErfp7tG38OB0w9o0hhidjfZWy7O+rCPtR/8mf0LBP4b1VhOVCoyfl/bnkX
0pVgKtQItmi4mbhSR2EqMnUTu2IlOzckEVAuPAHeGL58LllI2ifiNLC/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNefNRxOqgQHcrUO9HMunVYskgTMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9lnZ3ys
hiJXPY5hMiQDHOeg3qImQduo9Vkdvk9iZ8l4mapL7xrxBOpnwDcgciMjkSWUoKmQ
/OjpUfpjzDnF/6yAf4UF7uACFrlz1zL/b5eeALrVACBS1uAIvDAizg7tcCMg1avw
MzGquOd2h4URK20jeTWkhRRDhvAGFU5xO2zScKVnSSGKkJiCaOS5RO5OFngOv0pe
0ct2akvSB2kV5910+Qf5sujP+AUkyzrjxyUL5Gpu8T9cLv7WxCgqH6EjLGIvuW31
sKDt6mGDmp/zYrliTZQkKL/W+Ju4/rP1+lVgidch4U0sk+RuHldP7Qvb/foREnJs
iQ+eVs1rTV1qrg==
-----END CERTIFICATE-----