Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          S5WXz/7t/IZwIO6UKFOitRcFOfSfg1rR1fh9g4oTLJY=
Subject key identifier:   58:06:54:C7:9D:29:96:4F:66:EB:08:C1:5C:60:90:59:85:D4:4B:DC
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019A4D3D2BAEE9E6CCE9665719B6733412B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          051B
Signing time:             Tue 04 Nov 2025 05:00:45 +0000
Manifest this update:     Tue 04 Nov 2025 05:00:45 +0000
Manifest next update:     Wed 05 Nov 2025 05:00:45 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: /d0UQEDWpBh0H4FSegXPPEj1d1hBE17ZIE9Z+CCJHcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 05:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:3d:2b:ae:e9:e6:cc:e9:66:57:19:b6:73:34:12:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Nov  4 05:00:45 2025 GMT
            Not After : Nov  5 05:00:45 2025 GMT
        Subject: CN=580654c79d29964f66eb08c15c60905985d44bdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:c7:86:54:8b:f1:09:6d:05:d2:cd:a9:ea:c1:
                    42:18:31:70:25:c1:42:29:a8:b7:17:27:40:e1:e2:
                    ef:b4:f9:c8:fe:5b:08:d8:01:d7:bd:2b:47:34:4f:
                    32:26:bf:ff:ff:fb:9f:d8:e0:aa:f2:bf:c4:89:60:
                    0a:a9:ba:c8:30:6f:0f:3d:47:97:d9:76:b0:a0:6a:
                    7a:9b:fc:c4:75:d9:28:57:4e:c4:5f:5d:9c:2a:0e:
                    5e:3c:5b:0d:ff:9d:05:c2:dc:19:5b:8c:47:43:d9:
                    df:eb:23:b9:44:ea:04:e4:25:26:01:46:cd:12:a8:
                    50:bc:2d:aa:26:85:d3:38:bf:b1:0e:f8:f6:3e:29:
                    ca:b9:16:87:95:89:4f:c9:ff:c8:18:9f:49:0d:90:
                    64:79:f8:c9:55:bc:a0:24:d6:64:91:bc:eb:95:32:
                    8d:70:ab:d2:a1:7d:d1:d1:2e:9e:73:e0:93:0f:05:
                    e5:76:c2:0c:4e:7c:b9:16:48:05:ab:e4:3e:9c:f7:
                    8e:be:f1:28:e1:b6:90:0e:60:d3:c1:49:40:5b:df:
                    8b:2e:16:ce:e8:0a:57:a4:e1:54:b8:88:c9:0b:3c:
                    82:03:f4:eb:cd:56:23:8a:2c:f9:d3:f4:45:8d:60:
                    9b:21:d0:08:1d:09:2a:69:93:5c:4c:a7:75:38:50:
                    9d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:06:54:C7:9D:29:96:4F:66:EB:08:C1:5C:60:90:59:85:D4:4B:DC
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:29:72:1e:3d:c9:98:8e:de:ac:bc:a7:f1:e0:3a:b0:c3:37:
         85:d0:81:a1:a4:4e:b1:d7:06:58:06:26:e6:cc:cb:e6:4f:26:
         67:e9:e8:8f:7e:48:82:23:03:81:96:65:14:72:ce:1f:d0:cd:
         04:45:6d:b0:bc:2a:80:70:99:7a:3b:aa:a3:a4:23:eb:93:69:
         9b:33:76:a4:52:9a:01:20:97:0d:25:ec:30:8e:4d:c7:b9:78:
         24:23:2f:e7:cc:c5:99:28:63:ad:57:5b:aa:4d:f2:45:11:44:
         e0:e1:24:4a:77:92:60:92:a7:3d:b3:f8:57:54:49:2a:41:36:
         80:15:bc:99:8c:c7:be:6c:fe:4b:d9:ef:39:c1:01:37:08:15:
         3d:bb:13:78:c5:97:dd:58:1d:9e:fb:91:9a:6b:38:58:ac:75:
         c4:5c:47:2c:6a:d1:04:16:92:b1:d6:13:d0:90:23:e3:a0:f7:
         0d:a1:75:b9:49:99:aa:4d:d4:8d:0f:7f:91:47:4e:3b:14:05:
         d1:83:32:d5:c8:65:81:c1:d5:d0:17:ea:2b:e8:87:a3:3b:5c:
         d8:3f:b8:35:af:d8:97:7a:2d:52:31:95:af:92:66:c3:87:dd:
         86:b4:33:f1:f7:8e:55:cd:7d:98:c0:40:97:e3:5a:4f:65:70:
         ba:ee:45:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPSuu6ebM6WZXGbZzNBKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUxMTA0MDUwMDQ1WhcNMjUxMTA1MDUwMDQ1WjAzMTEwLwYDVQQD
Eyg1ODA2NTRjNzlkMjk5NjRmNjZlYjA4YzE1YzYwOTA1OTg1ZDQ0YmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6seGVIvxCW0F0s2p6sFCGDFwJcFC
Kai3FydA4eLvtPnI/lsI2AHXvStHNE8yJr////uf2OCq8r/EiWAKqbrIMG8PPUeX
2XawoGp6m/zEddkoV07EX12cKg5ePFsN/50FwtwZW4xHQ9nf6yO5ROoE5CUmAUbN
EqhQvC2qJoXTOL+xDvj2PinKuRaHlYlPyf/IGJ9JDZBkefjJVbygJNZkkbzrlTKN
cKvSoX3R0S6ec+CTDwXldsIMTny5FkgFq+Q+nPeOvvEo4baQDmDTwUlAW9+LLhbO
6ApXpOFUuIjJCzyCA/TrzVYjiiz50/RFjWCbIdAIHQkqaZNcTKd1OFCdMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgGVMedKZZPZusIwVxgkFmF1EvcMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtClyHj3J
mI7erLyn8eA6sMM3hdCBoaROsdcGWAYm5szL5k8mZ+noj35IgiMDgZZlFHLOH9DN
BEVtsLwqgHCZejuqo6Qj65NpmzN2pFKaASCXDSXsMI5Nx7l4JCMv58zFmShjrVdb
qk3yRRFE4OEkSneSYJKnPbP4V1RJKkE2gBW8mYzHvmz+S9nvOcEBNwgVPbsTeMWX
3VgdnvuRmms4WKx1xFxHLGrRBBaSsdYT0JAj46D3DaF1uUmZqk3UjQ9/kUdOOxQF
0YMy1chlgcHV0BfqK+iHoztc2D+4Na/Yl3otUjGVr5Jmw4fdhrQz8feOVc19mMBA
l+NaT2Vwuu5FaA==
-----END CERTIFICATE-----