Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          GWRAeav3tDIN2emfIcJCFFa+bRrOWj9LsVxjCb6LbQQ=
Subject key identifier:   79:AA:D0:B8:25:24:88:E5:71:32:F8:D3:C8:10:3B:68:ED:25:16:05
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       019A50E3A5E1CD3C18368DA04D28814C2E62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 22:01:27 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:27 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:27 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: dSK+5FmsgtXqBLuIVhqJV5+ysZqyTcuk91YzzYWJBSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:a5:e1:cd:3c:18:36:8d:a0:4d:28:81:4c:2e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Nov  4 22:01:27 2025 GMT
            Not After : Nov  5 22:01:27 2025 GMT
        Subject: CN=79aad0b8252488e57132f8d3c8103b68ed251605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:fc:6b:84:4e:23:59:9a:a3:43:c9:39:25:7c:
                    e3:13:96:c7:a3:a4:4b:0d:8b:b5:98:5d:ec:97:c7:
                    df:32:b9:8b:c1:43:e1:01:6f:f8:b7:72:a4:47:33:
                    03:c9:07:a7:2b:a4:be:e9:3e:4a:94:d2:21:19:84:
                    89:ee:45:af:19:a9:ec:03:87:7f:e9:b4:1a:f2:42:
                    99:36:c9:f3:f2:65:0b:b4:b1:85:cf:ff:71:b3:2e:
                    0c:c1:36:2b:e7:07:ae:57:29:c3:45:9f:0a:38:84:
                    30:3d:9f:7d:39:aa:03:7f:fb:f1:d2:70:a2:2e:ba:
                    b3:8e:65:b2:9c:a0:01:ef:3b:e5:bd:da:d1:8c:6a:
                    cd:05:e6:1e:39:66:f2:5a:a1:03:1c:46:45:36:26:
                    e5:38:2d:9e:73:b5:0c:23:d3:00:5d:15:10:c5:04:
                    29:06:7e:ed:46:70:d3:5a:13:68:d4:8f:4f:9e:90:
                    e9:39:88:c4:94:85:78:d2:05:86:c0:c8:b2:31:6f:
                    f1:ad:91:ed:68:5f:6b:94:48:a6:cb:28:38:e9:70:
                    e4:a0:ae:17:85:e6:5f:98:d7:71:85:75:00:eb:76:
                    30:c2:25:0a:dd:80:01:e4:4e:ad:af:50:52:59:ec:
                    93:59:1e:8f:23:83:8e:5e:6f:47:ad:ed:84:43:ca:
                    6f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:AA:D0:B8:25:24:88:E5:71:32:F8:D3:C8:10:3B:68:ED:25:16:05
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:53:cb:c2:89:02:d1:c0:36:12:d6:a3:95:a7:5c:0f:0a:8a:
         d4:51:68:80:b0:a3:84:5d:54:ff:a1:87:48:b2:88:6f:6f:e3:
         54:4d:8a:ca:53:c0:78:34:74:25:bf:a5:2e:5f:a6:e7:07:d4:
         bc:96:78:67:ed:41:4e:fa:0d:2e:03:cd:44:85:7a:2a:43:88:
         2c:60:29:1b:ad:16:21:0a:51:1e:0c:be:34:32:37:a2:15:54:
         df:4c:29:7d:5c:ed:b2:9c:c2:23:cc:30:ef:7a:5b:74:81:8f:
         24:94:87:bc:b0:03:a1:58:f2:c4:ff:55:70:73:88:0f:8f:ce:
         a5:57:96:b3:b7:65:f6:9d:29:4b:74:03:77:63:89:94:c4:e2:
         25:0c:1e:d6:3c:31:ec:2b:26:9e:4e:8d:02:05:6f:f8:ef:49:
         fd:cd:84:3a:ca:1f:8f:20:38:bb:9b:7d:26:b5:85:34:ec:a2:
         31:ab:fa:09:43:39:ae:7c:35:0c:5b:3e:05:ab:69:b1:9f:1a:
         39:b1:27:39:8a:19:d5:77:0e:41:36:61:49:75:23:34:3b:c1:
         c7:17:08:c3:07:a0:1f:7b:d8:2c:57:61:d8:5c:55:b8:f2:5b:
         a7:81:7e:de:31:f8:01:20:8f:bb:67:0c:cc:a0:eb:c6:5c:59:
         e6:ec:e1:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ46XhzTwYNo2gTSiBTC5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUxMTA0MjIwMTI3WhcNMjUxMTA1MjIwMTI3WjAzMTEwLwYDVQQD
Eyg3OWFhZDBiODI1MjQ4OGU1NzEzMmY4ZDNjODEwM2I2OGVkMjUxNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/xrhE4jWZqjQ8k5JXzjE5bHo6RL
DYu1mF3sl8ffMrmLwUPhAW/4t3KkRzMDyQenK6S+6T5KlNIhGYSJ7kWvGansA4d/
6bQa8kKZNsnz8mULtLGFz/9xsy4MwTYr5weuVynDRZ8KOIQwPZ99OaoDf/vx0nCi
LrqzjmWynKAB7zvlvdrRjGrNBeYeOWbyWqEDHEZFNiblOC2ec7UMI9MAXRUQxQQp
Bn7tRnDTWhNo1I9PnpDpOYjElIV40gWGwMiyMW/xrZHtaF9rlEimyyg46XDkoK4X
heZfmNdxhXUA63YwwiUK3YAB5E6tr1BSWeyTWR6PI4OOXm9Hre2EQ8pvbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmq0LglJIjlcTL408gQO2jtJRYFMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw1PLwokC
0cA2EtajladcDwqK1FFogLCjhF1U/6GHSLKIb2/jVE2KylPAeDR0Jb+lLl+m5wfU
vJZ4Z+1BTvoNLgPNRIV6KkOILGApG60WIQpRHgy+NDI3ohVU30wpfVztspzCI8ww
73pbdIGPJJSHvLADoVjyxP9VcHOID4/OpVeWs7dl9p0pS3QDd2OJlMTiJQwe1jwx
7Csmnk6NAgVv+O9J/c2EOsofjyA4u5t9JrWFNOyiMav6CUM5rnw1DFs+BatpsZ8a
ObEnOYoZ1XcOQTZhSXUjNDvBxxcIwwegH3vYLFdh2FxVuPJbp4F+3jH4ASCPu2cM
zKDrxlxZ5uzhvw==
-----END CERTIFICATE-----