Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          KXdNxAPn+sC/Aj6jSLVmrdsU+ivawZoDmgVe9XbkJsM=
Subject key identifier:   A0:1A:91:83:9B:66:3E:6C:10:6A:1B:E0:68:C5:E6:2C:72:F3:23:7A
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       019A4EF4AEAA5081E39119C73461B7885B68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0FCD
Signing time:             Tue 04 Nov 2025 13:00:49 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:49 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:49 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: Ot2e+Cpf3/ZoR4EpV+Poh66XZW2OG/YbGOFYAaTJGEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:ae:aa:50:81:e3:91:19:c7:34:61:b7:88:5b:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Nov  4 13:00:49 2025 GMT
            Not After : Nov  5 13:00:49 2025 GMT
        Subject: CN=a01a91839b663e6c106a1be068c5e62c72f3237a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bc:0e:1d:be:e0:95:25:41:63:0d:82:dc:eb:
                    12:e1:46:48:de:bd:fa:84:12:30:ad:0f:4d:5f:8b:
                    4d:79:66:26:b1:92:16:b1:57:22:21:0b:34:77:19:
                    cc:ca:ee:9e:b6:32:c9:ac:7e:24:e4:e9:95:9c:bd:
                    ea:04:b1:cf:ed:3d:ef:17:b8:f7:0a:41:54:cb:b2:
                    dd:ce:58:22:5b:e1:d5:e2:99:67:5f:d4:77:cd:a7:
                    a9:4d:97:b6:91:5c:1b:e8:3b:cb:3a:72:1d:a6:73:
                    da:a7:aa:ce:ac:10:3d:71:e1:65:72:6b:ff:60:bf:
                    bd:17:57:79:55:55:1b:ad:2e:51:b3:cd:6c:bd:ab:
                    97:85:0b:52:19:51:be:96:aa:0e:f8:17:2a:fb:d4:
                    7b:64:ff:e0:26:f5:77:20:2a:11:72:80:9f:ac:b3:
                    10:f3:c2:aa:08:b9:03:a1:37:49:0c:bb:ca:f7:60:
                    5e:07:25:5e:bc:03:76:26:29:0c:a7:af:b8:dc:46:
                    f0:36:98:fb:9a:d6:ff:8d:e9:65:25:da:b3:8e:fc:
                    95:92:e1:be:51:99:b7:a3:9b:e9:42:b8:f5:4f:3f:
                    93:62:b5:31:29:19:7f:20:f2:94:1e:fe:12:d1:c6:
                    c7:70:c7:f3:f1:60:2b:3b:ba:0f:84:7e:15:5e:26:
                    82:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1A:91:83:9B:66:3E:6C:10:6A:1B:E0:68:C5:E6:2C:72:F3:23:7A
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:88:6a:b6:54:70:51:fd:02:53:5f:f2:93:7f:f6:3a:4d:91:
         84:6f:a8:13:20:a0:f2:fe:60:f6:58:a1:96:fe:49:8a:59:a6:
         ad:04:be:04:c2:02:95:86:2e:4e:c8:36:29:c6:1b:9d:13:da:
         7b:32:27:95:15:8b:fa:5a:5d:44:1a:58:cf:bc:fc:0d:01:29:
         91:d6:54:68:6a:1a:ba:04:7c:6a:81:7b:7e:94:3c:45:39:24:
         b5:05:19:2b:bf:04:0c:bf:09:72:df:55:91:93:58:0a:2d:a8:
         5d:9f:40:13:b0:54:ac:d9:6f:5d:ef:fa:b0:29:51:e8:82:6c:
         4b:b2:a0:e7:b7:82:2b:bf:33:0d:8f:26:3d:dd:dc:87:cb:24:
         1a:12:42:49:6a:18:2b:6c:41:ca:46:54:35:53:a1:89:91:bf:
         33:85:10:69:9d:29:d6:78:5b:8f:5c:c2:44:ef:7b:b5:a6:72:
         ce:e9:f0:b6:4b:91:0e:d7:79:b7:1e:79:8c:38:17:06:48:da:
         2e:e5:4b:5e:eb:e1:16:15:e7:4c:ac:8c:cb:46:55:59:d8:54:
         e1:e2:d9:cb:72:76:a4:c7:2e:3d:69:b8:0f:de:25:07:4d:e9:
         e5:9b:5d:e3:06:af:fc:0f:d2:32:eb:c7:bf:bc:5c:34:98:f4:
         65:18:e2:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9K6qUIHjkRnHNGG3iFtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUxMTA0MTMwMDQ5WhcNMjUxMTA1MTMwMDQ5WjAzMTEwLwYDVQQD
EyhhMDFhOTE4MzliNjYzZTZjMTA2YTFiZTA2OGM1ZTYyYzcyZjMyMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7wOHb7glSVBYw2C3OsS4UZI3r36
hBIwrQ9NX4tNeWYmsZIWsVciIQs0dxnMyu6etjLJrH4k5OmVnL3qBLHP7T3vF7j3
CkFUy7LdzlgiW+HV4plnX9R3zaepTZe2kVwb6DvLOnIdpnPap6rOrBA9ceFlcmv/
YL+9F1d5VVUbrS5Rs81svauXhQtSGVG+lqoO+Bcq+9R7ZP/gJvV3ICoRcoCfrLMQ
88KqCLkDoTdJDLvK92BeByVevAN2JikMp6+43EbwNpj7mtb/jellJdqzjvyVkuG+
UZm3o5vpQrj1Tz+TYrUxKRl/IPKUHv4S0cbHcMfz8WArO7oPhH4VXiaC7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAakYObZj5sEGob4GjF5ixy8yN6MB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwohqtlRw
Uf0CU1/yk3/2Ok2RhG+oEyCg8v5g9lihlv5JilmmrQS+BMIClYYuTsg2KcYbnRPa
ezInlRWL+lpdRBpYz7z8DQEpkdZUaGoaugR8aoF7fpQ8RTkktQUZK78EDL8Jct9V
kZNYCi2oXZ9AE7BUrNlvXe/6sClR6IJsS7Kg57eCK78zDY8mPd3ch8skGhJCSWoY
K2xBykZUNVOhiZG/M4UQaZ0p1nhbj1zCRO97taZyzunwtkuRDtd5tx55jDgXBkja
LuVLXuvhFhXnTKyMy0ZVWdhU4eLZy3J2pMcuPWm4D94lB03p5Ztd4wav/A/SMuvH
v7xcNJj0ZRjiWg==
-----END CERTIFICATE-----