Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          sVT8P6dQJDPX8qdl6p9S0vnJNt8STtVi4jY3XtugqIM=
Subject key identifier:   C6:10:43:E2:96:24:69:C0:0A:9F:A2:6C:C8:68:4F:8E:4A:67:5C:19
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       019A4EF47DDC397B1C0C39149BF1A7F40848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          1445
Signing time:             Tue 04 Nov 2025 13:00:37 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:37 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:37 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: f2n+fABWgpHV0ymxnpEI4/HMQQidUDLZASFw7HmxMzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:7d:dc:39:7b:1c:0c:39:14:9b:f1:a7:f4:08:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Nov  4 13:00:37 2025 GMT
            Not After : Nov  5 13:00:37 2025 GMT
        Subject: CN=c61043e2962469c00a9fa26cc8684f8e4a675c19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:95:37:2e:6b:98:08:8c:cd:4d:b5:7e:da:a9:
                    f9:d7:a2:94:8b:08:14:12:a9:04:e2:74:e3:db:44:
                    67:d3:e1:7f:e8:29:35:77:8e:5a:87:93:55:a3:b9:
                    63:cf:03:df:e0:c1:8d:e6:ce:02:b5:82:26:21:0d:
                    e0:a7:a7:f9:27:71:57:92:40:4a:d6:d9:98:ca:03:
                    87:5f:13:64:e8:b4:41:b1:bc:2f:53:32:5a:86:ff:
                    86:eb:e9:04:34:99:99:51:e5:2e:a4:26:03:26:3f:
                    ee:e4:6b:32:74:e8:50:14:46:b7:29:9e:f6:dd:23:
                    db:6b:dc:38:b0:8b:72:fd:f1:a4:cd:9a:13:4c:e8:
                    b6:68:88:8d:07:b5:91:77:73:77:e3:78:b9:80:20:
                    cb:39:ee:b7:88:1b:ec:10:20:28:f8:ba:a2:df:b9:
                    64:79:07:50:55:8e:dc:2b:8d:dc:c4:15:ff:3e:08:
                    1f:63:8e:b2:0a:bd:e8:e6:da:a9:c3:85:96:21:93:
                    45:6c:1f:71:7e:b1:93:4c:6c:f5:6f:fb:d0:01:ba:
                    85:7f:e1:64:d9:cd:6d:1d:ab:1c:70:e6:59:7c:23:
                    a0:a2:b1:8c:85:01:7d:c0:14:f0:f5:a4:01:60:4c:
                    0d:28:c9:7d:ab:54:64:e3:91:b9:31:ca:29:95:2e:
                    29:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:10:43:E2:96:24:69:C0:0A:9F:A2:6C:C8:68:4F:8E:4A:67:5C:19
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:0d:2b:de:06:f5:8f:b8:75:41:e7:01:a2:2b:24:6a:79:c3:
         1d:5b:65:62:b9:6e:f9:01:52:75:27:1b:e4:2f:27:a3:2b:a7:
         98:b4:e6:40:35:52:c3:7b:cc:4f:4d:19:21:98:34:7b:ca:01:
         4e:e7:e1:6d:6c:2c:1a:39:77:22:54:be:49:7d:23:77:16:e9:
         c0:12:d7:03:23:b5:9d:30:a2:e6:3c:df:99:a2:cd:d2:c3:fe:
         5a:9a:5d:a8:ca:2b:4b:73:36:64:ce:a6:b3:94:dd:e4:65:81:
         8d:a4:a8:11:ff:27:44:3f:9c:0e:cb:f8:c0:e4:28:82:0a:b5:
         da:88:79:89:eb:c2:a4:f6:f8:13:b4:88:3f:42:ac:db:5f:7e:
         72:bc:fe:44:ec:e7:64:91:05:08:85:bb:a2:8e:41:e6:81:b7:
         70:0a:7f:d6:30:2e:f6:2e:b4:2f:a0:b5:72:16:59:22:df:c6:
         42:b5:45:44:37:96:38:d9:8d:ff:1c:87:64:28:b7:42:33:ef:
         d5:9f:1b:d3:2f:d5:df:d0:16:a4:3a:0a:53:bd:d1:c6:6a:64:
         77:2b:8d:6b:82:e8:b9:87:0b:1b:f1:fb:60:37:2e:b7:7b:c5:
         1e:e9:e3:0d:25:49:ee:c9:1c:33:45:09:92:ca:1a:8f:96:19:
         cd:1a:67:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9H3cOXscDDkUm/Gn9AhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjUxMTA0MTMwMDM3WhcNMjUxMTA1MTMwMDM3WjAzMTEwLwYDVQQD
EyhjNjEwNDNlMjk2MjQ2OWMwMGE5ZmEyNmNjODY4NGY4ZTRhNjc1YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pU3LmuYCIzNTbV+2qn516KUiwgU
EqkE4nTj20Rn0+F/6Ck1d45ah5NVo7ljzwPf4MGN5s4CtYImIQ3gp6f5J3FXkkBK
1tmYygOHXxNk6LRBsbwvUzJahv+G6+kENJmZUeUupCYDJj/u5GsydOhQFEa3KZ72
3SPba9w4sIty/fGkzZoTTOi2aIiNB7WRd3N343i5gCDLOe63iBvsECAo+Lqi37lk
eQdQVY7cK43cxBX/PggfY46yCr3o5tqpw4WWIZNFbB9xfrGTTGz1b/vQAbqFf+Fk
2c1tHasccOZZfCOgorGMhQF9wBTw9aQBYEwNKMl9q1Rk45G5McoplS4pIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYQQ+KWJGnACp+ibMhoT45KZ1wZMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyg0r3gb1
j7h1QecBoiskannDHVtlYrlu+QFSdScb5C8noyunmLTmQDVSw3vMT00ZIZg0e8oB
TufhbWwsGjl3IlS+SX0jdxbpwBLXAyO1nTCi5jzfmaLN0sP+WppdqMorS3M2ZM6m
s5Td5GWBjaSoEf8nRD+cDsv4wOQoggq12oh5ievCpPb4E7SIP0Ks219+crz+ROzn
ZJEFCIW7oo5B5oG3cAp/1jAu9i60L6C1chZZIt/GQrVFRDeWONmN/xyHZCi3QjPv
1Z8b0y/V39AWpDoKU73RxmpkdyuNa4LouYcLG/H7YDcut3vFHunjDSVJ7skcM0UJ
ksoaj5YZzRpnDA==
-----END CERTIFICATE-----