Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File:                     h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier:          1FKFOEn+OoD+d7vXZYAf0VCkcreRGT+dtDYVaXk/OJQ=
Subject key identifier:   C0:9B:F5:36:55:ED:1A:65:54:18:86:FB:E4:8F:1F:16:B8:35:FA:F2
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer:       /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial:       019A4EF467FA51E4634F8CF7321D70707D18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number:          0FCE
Signing time:             Tue 04 Nov 2025 13:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:31 +0000
Files and hashes:         1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: Vew15bLb3ppqxBQaGWUXiPFYEAwZH1DCXg9lv7p8m8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:67:fa:51:e4:63:4f:8c:f7:32:1d:70:70:7d:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
        Validity
            Not Before: Nov  4 13:00:31 2025 GMT
            Not After : Nov  5 13:00:31 2025 GMT
        Subject: CN=c09bf53655ed1a65541886fbe48f1f16b835faf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6b:13:b1:3e:30:6e:ed:c5:49:06:76:bd:ad:
                    5f:7c:96:0e:44:28:d7:b9:1b:c4:7a:1f:64:48:63:
                    95:54:ab:05:37:8f:1d:15:5c:15:48:76:c3:5e:27:
                    d9:94:1a:bf:08:73:cb:88:cb:29:5c:b2:d7:23:f5:
                    37:8d:9e:54:1d:39:4f:e5:2d:2a:9e:96:81:09:19:
                    5a:3d:ea:f7:6a:fa:28:43:3a:11:d3:61:04:a4:7f:
                    2c:72:fc:69:c9:7e:ce:08:2e:66:b6:f7:f5:bf:8f:
                    0a:fc:0c:c6:22:20:c9:e1:0d:b5:ed:63:8f:4e:c8:
                    4d:73:4a:54:73:47:62:2d:f5:cd:fd:dd:6e:a6:ce:
                    1e:4a:ff:d3:3e:12:86:16:e2:e3:38:2a:03:35:3d:
                    d2:fe:ab:26:df:cb:6a:e4:1e:77:b4:dc:f5:f3:50:
                    e0:ca:e6:dd:43:f7:b2:d9:f8:bb:eb:bc:22:ab:62:
                    b1:5d:c8:1a:23:80:bd:b1:49:67:3c:c2:90:ac:5b:
                    07:dc:39:ae:28:db:41:ba:9c:76:fe:48:05:2f:44:
                    f4:f2:da:5c:b0:0d:32:0b:6d:ab:65:fb:44:5a:39:
                    56:fa:20:35:98:8b:a3:b1:fa:aa:6d:9a:1e:94:b5:
                    45:23:3f:91:d3:e9:48:41:b6:d6:5b:a6:14:e1:51:
                    47:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:9B:F5:36:55:ED:1A:65:54:18:86:FB:E4:8F:1F:16:B8:35:FA:F2
            X509v3 Authority Key Identifier:
                keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:70:6a:28:67:20:78:7c:9c:ff:94:41:37:dd:0d:6c:04:85:
         8f:ab:f7:34:bd:c8:f6:89:91:52:b8:aa:e0:a2:c9:c1:72:41:
         12:22:4d:9c:b0:c0:3c:06:31:61:10:1b:5f:ef:80:0d:96:95:
         0d:d4:8a:2f:a4:cc:20:4d:58:02:cf:a8:d7:d7:cb:f4:e7:8e:
         ad:20:17:f7:25:4b:27:04:97:29:d0:76:af:26:eb:dd:38:51:
         87:36:a0:74:78:98:7c:88:c7:b4:1b:b3:26:21:e8:20:e4:b0:
         8b:59:64:45:82:4a:16:a9:f0:23:57:23:52:6c:60:ea:08:c4:
         39:04:cb:d3:be:8e:63:d3:36:dc:41:55:eb:0c:76:9e:2c:f7:
         0d:b9:c4:5b:51:2c:1e:8c:ea:f0:03:eb:44:65:66:f9:6f:cf:
         c8:c6:3a:f4:c3:96:eb:99:4e:ea:97:0d:9b:e3:7d:86:09:86:
         c4:20:7d:cb:2a:2c:a1:1c:b2:03:a1:27:7c:fe:96:d8:ea:90:
         fe:ae:45:62:12:29:93:5b:65:e9:57:c5:97:35:46:9f:d0:d3:
         b8:ab:f7:98:27:37:5b:1d:8f:96:70:d4:f4:78:ba:05:ff:96:
         11:96:b8:7b:ba:af:91:f1:57:e2:c9:a5:d3:39:80:bb:13:ac:
         c6:56:7d:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Gf6UeRjT4z3Mh1wcH0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjUxMTA0MTMwMDMxWhcNMjUxMTA1MTMwMDMxWjAzMTEwLwYDVQQD
EyhjMDliZjUzNjU1ZWQxYTY1NTQxODg2ZmJlNDhmMWYxNmI4MzVmYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2sTsT4wbu3FSQZ2va1ffJYORCjX
uRvEeh9kSGOVVKsFN48dFVwVSHbDXifZlBq/CHPLiMspXLLXI/U3jZ5UHTlP5S0q
npaBCRlaPer3avooQzoR02EEpH8scvxpyX7OCC5mtvf1v48K/AzGIiDJ4Q217WOP
TshNc0pUc0diLfXN/d1ups4eSv/TPhKGFuLjOCoDNT3S/qsm38tq5B53tNz181Dg
yubdQ/ey2fi767wiq2KxXcgaI4C9sUlnPMKQrFsH3DmuKNtBupx2/kgFL0T08tpc
sA0yC22rZftEWjlW+iA1mIujsfqqbZoelLVFIz+R0+lIQbbWW6YU4VFHmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCb9TZV7RplVBiG++SPHxa4NfryMB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXBqKGcg
eHyc/5RBN90NbASFj6v3NL3I9omRUriq4KLJwXJBEiJNnLDAPAYxYRAbX++ADZaV
DdSKL6TMIE1YAs+o19fL9OeOrSAX9yVLJwSXKdB2rybr3ThRhzagdHiYfIjHtBuz
JiHoIOSwi1lkRYJKFqnwI1cjUmxg6gjEOQTL076OY9M23EFV6wx2niz3DbnEW1Es
Hozq8APrRGVm+W/PyMY69MOW65lO6pcNm+N9hgmGxCB9yyosoRyyA6EnfP6W2OqQ
/q5FYhIpk1tl6VfFlzVGn9DTuKv3mCc3Wx2PlnDU9Hi6Bf+WEZa4e7qvkfFX4sml
0zmAuxOsxlZ9rw==
-----END CERTIFICATE-----