Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
File:                     RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft (raw, json)
Hash identifier:          IVVzsUyBcGWbCPvykFvVwsopjs0jUmDoZBZcYvv9ahI=
Subject key identifier:   B5:BB:DB:34:7D:7C:0B:89:D6:E0:99:84:23:90:16:9E:DA:29:5F:13
Authority key identifier: 44:B4:37:B3:1B:50:67:03:84:FA:5D:20:D8:92:4D:61:1B:91:63:3E
Certificate issuer:       /CN=44b437b31b50670384fa5d20d8924d611b91633e
Certificate serial:       019A4E4F2FFC0FD489AF7370E14B66888C89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
Manifest number:          0608
Signing time:             Tue 04 Nov 2025 10:00:03 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:03 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:03 +0000
Files and hashes:         1: RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl (hash: G43+kkgqaiL/Pgv8F3ZF0HoHAE/iS0PEmK1fdMkpl7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:2f:fc:0f:d4:89:af:73:70:e1:4b:66:88:8c:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b437b31b50670384fa5d20d8924d611b91633e
        Validity
            Not Before: Nov  4 10:00:03 2025 GMT
            Not After : Nov  5 10:00:03 2025 GMT
        Subject: CN=b5bbdb347d7c0b89d6e099842390169eda295f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:dd:45:58:90:f7:93:c3:81:39:09:40:04:9a:
                    0e:dc:8d:ae:ad:2e:16:6a:a1:70:b0:25:01:fe:b8:
                    59:4b:41:54:f6:7a:02:d2:d1:c0:5f:f7:bd:9b:48:
                    69:eb:50:0d:be:0f:a7:53:fe:a3:e0:44:b4:51:52:
                    24:fa:46:8a:b0:46:a8:37:9f:82:e2:e0:33:de:8b:
                    c1:e2:e3:e0:08:e4:af:22:ce:c8:42:bf:7a:3d:0d:
                    79:c3:3c:da:18:92:67:c2:b3:77:8d:55:e4:5f:1f:
                    9a:05:21:db:ff:83:32:e3:c8:a9:68:6c:c5:50:b4:
                    e8:4b:bf:d3:4a:4f:44:d9:90:14:65:cc:48:e7:81:
                    97:b9:8c:d5:99:1a:cc:52:63:b1:86:40:30:54:26:
                    82:45:3e:1c:b3:fb:9f:42:99:fd:15:2c:18:ef:b2:
                    e6:50:fd:d3:74:80:18:1c:eb:9c:e0:32:2d:67:aa:
                    f2:6f:5f:b5:c8:7a:89:74:ea:23:5a:5a:a2:5e:84:
                    24:a9:b2:b9:a7:17:9c:2f:fa:b8:3f:42:84:e2:53:
                    42:0f:c7:07:61:e7:13:47:27:6c:9d:94:c7:1b:18:
                    3a:2c:1c:43:77:f2:24:d9:ac:c1:8f:2e:fb:4c:8e:
                    11:a2:bc:a8:12:9b:3e:94:f2:1b:c6:e9:0e:6d:42:
                    3d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:BB:DB:34:7D:7C:0B:89:D6:E0:99:84:23:90:16:9E:DA:29:5F:13
            X509v3 Authority Key Identifier:
                keyid:44:B4:37:B3:1B:50:67:03:84:FA:5D:20:D8:92:4D:61:1B:91:63:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:4d:0e:da:81:24:5f:94:41:d0:97:fc:36:c3:aa:42:56:42:
         1f:63:eb:2b:d5:cf:8f:70:42:fd:44:57:53:60:c1:fe:11:98:
         29:4d:dd:a3:c1:b0:e7:f0:a6:8a:a1:6b:79:f2:00:30:06:5f:
         c2:f7:68:3c:47:18:82:00:ae:98:9c:0e:97:b9:f1:79:93:75:
         cf:9e:d1:5b:a9:d8:08:7c:dc:05:11:1a:33:9f:88:d4:85:96:
         fd:36:f8:bc:4e:f7:8a:17:f2:ff:98:9b:1e:66:cd:27:bf:92:
         63:ca:00:32:b7:6d:d8:7c:a9:c2:f6:75:4e:f9:66:a3:e5:75:
         53:f7:bb:53:d3:c5:8d:7f:76:e4:b6:51:4a:ec:b2:00:cb:c3:
         fb:94:e6:0e:ad:d1:20:a7:0d:06:59:c4:0c:0b:e2:a9:43:f1:
         b4:8a:19:9a:33:8c:41:76:28:34:59:ca:53:bd:d5:b0:63:63:
         d6:35:eb:45:fc:84:d4:fd:24:62:61:5d:4e:22:84:7d:22:33:
         8a:84:21:d2:c5:cb:24:c3:4c:48:75:4b:ac:89:46:86:a2:cf:
         06:13:15:40:96:a1:4e:a1:41:b6:a8:b2:ce:93:65:cc:fb:b3:
         3c:20:e4:8f:eb:17:4a:de:42:31:46:5e:6e:c0:5f:6e:0b:87:
         2a:64:c9:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOTy/8D9SJr3Nw4UtmiIyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjQzN2IzMWI1MDY3MDM4NGZhNWQyMGQ4OTI0ZDYxMWI5
MTYzM2UwHhcNMjUxMTA0MTAwMDAzWhcNMjUxMTA1MTAwMDAzWjAzMTEwLwYDVQQD
EyhiNWJiZGIzNDdkN2MwYjg5ZDZlMDk5ODQyMzkwMTY5ZWRhMjk1ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN1FWJD3k8OBOQlABJoO3I2urS4W
aqFwsCUB/rhZS0FU9noC0tHAX/e9m0hp61ANvg+nU/6j4ES0UVIk+kaKsEaoN5+C
4uAz3ovB4uPgCOSvIs7IQr96PQ15wzzaGJJnwrN3jVXkXx+aBSHb/4My48ipaGzF
ULToS7/TSk9E2ZAUZcxI54GXuYzVmRrMUmOxhkAwVCaCRT4cs/ufQpn9FSwY77Lm
UP3TdIAYHOuc4DItZ6ryb1+1yHqJdOojWlqiXoQkqbK5pxecL/q4P0KE4lNCD8cH
YecTRydsnZTHGxg6LBxDd/Ik2azBjy77TI4RoryoEps+lPIbxukObUI9EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLW72zR9fAuJ1uCZhCOQFp7aKV8TMB8GA1UdIwQY
MBaAFES0N7MbUGcDhPpdINiSTWEbkWM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lMmVjMzQtYjdmMy00MDU1LTgzODgt
ZGUzYjc1NDczZmRkLzEvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lMmVjMzQtYjdmMy00MDU1LTgzODgtZGUzYjc1NDczZmRk
LzEvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANk0O2oEk
X5RB0Jf8NsOqQlZCH2PrK9XPj3BC/URXU2DB/hGYKU3do8Gw5/CmiqFrefIAMAZf
wvdoPEcYggCumJwOl7nxeZN1z57RW6nYCHzcBREaM5+I1IWW/Tb4vE73ihfy/5ib
HmbNJ7+SY8oAMrdt2HypwvZ1Tvlmo+V1U/e7U9PFjX925LZRSuyyAMvD+5TmDq3R
IKcNBlnEDAviqUPxtIoZmjOMQXYoNFnKU73VsGNj1jXrRfyE1P0kYmFdTiKEfSIz
ioQh0sXLJMNMSHVLrIlGhqLPBhMVQJahTqFBtqiyzpNlzPuzPCDkj+sXSt5CMUZe
bsBfbguHKmTJ+g==
-----END CERTIFICATE-----