Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          FoBJuskg4pCRRm51y78jGJOTFyDbkwiGB3ey7mxNjDw=
Subject key identifier:   16:5E:F3:40:4B:BD:1C:06:AD:B4:4C:C7:66:06:02:E7:DB:98:7E:72
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       019A4EF4648B5C4DEA126B8871C6F89DD2FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0F75
Signing time:             Tue 04 Nov 2025 13:00:30 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:30 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:30 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: 5OlFwZ8PiREADagegeaKx5cYXwEOIo2ehj3dudj/3rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:64:8b:5c:4d:ea:12:6b:88:71:c6:f8:9d:d2:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Nov  4 13:00:30 2025 GMT
            Not After : Nov  5 13:00:30 2025 GMT
        Subject: CN=165ef3404bbd1c06adb44cc7660602e7db987e72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:98:55:2a:e3:d2:b1:bf:66:73:3a:33:45:8e:
                    04:38:f3:b7:5f:b4:ec:f4:37:e4:68:47:96:88:0c:
                    64:68:df:74:c5:6f:df:66:61:cd:e4:61:6f:aa:b8:
                    e8:15:92:ae:b1:75:8b:0d:cd:49:f0:8d:ee:11:04:
                    35:b1:70:16:30:33:63:d4:f1:be:b9:e5:12:80:09:
                    42:ef:81:b3:c7:cb:d3:a7:36:67:1b:e4:d7:c6:43:
                    e6:57:46:33:c0:dc:8f:46:c6:f4:83:da:f9:e1:1b:
                    57:15:80:72:dd:15:e4:9d:9a:83:55:fe:d3:b1:e3:
                    c8:65:64:76:6f:c4:c6:9c:6f:93:d8:17:b6:a0:6a:
                    4c:72:37:93:58:3f:cf:27:08:c4:d0:d6:18:64:f4:
                    45:bd:3d:c4:a1:8b:82:93:eb:be:05:e9:7a:08:5a:
                    02:e4:af:34:0a:8e:1e:c7:fa:af:f1:2c:95:fa:61:
                    e0:81:11:01:f9:1e:a2:0f:b9:e0:9a:4d:d0:77:df:
                    80:56:d1:ab:b6:23:37:47:8a:4b:96:d7:4d:e6:66:
                    e5:07:01:63:99:65:2a:f9:7b:5f:31:37:75:64:01:
                    5c:b2:6b:69:78:09:95:d9:8b:ff:c4:ac:98:35:5e:
                    0e:04:05:d0:07:a6:1e:c8:ad:62:3d:cc:bc:bb:34:
                    44:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:5E:F3:40:4B:BD:1C:06:AD:B4:4C:C7:66:06:02:E7:DB:98:7E:72
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:c5:94:77:87:b3:85:2e:d8:6f:21:06:6e:d5:cc:97:3e:d2:
         7a:8e:65:95:19:36:13:38:26:6d:77:20:8d:22:04:8b:fd:da:
         65:b8:4f:70:45:15:3b:bb:18:a9:a6:a1:49:29:fd:17:e2:a9:
         ab:7f:a9:3c:f4:36:d6:c3:eb:62:73:ca:6c:ab:16:b5:97:30:
         d7:e9:5a:d9:21:77:28:69:33:06:d9:29:0d:18:26:f2:74:85:
         49:1e:1b:0c:f6:c7:ff:39:cb:ce:39:ed:7c:b7:70:dd:2d:19:
         d6:dd:72:23:a2:0f:80:55:b9:3c:01:78:37:f4:db:aa:77:bf:
         ef:9b:8b:d2:b5:af:03:bb:c3:26:9b:e8:3c:69:e4:83:e3:e3:
         95:e1:69:3a:19:9a:72:94:6d:49:6c:35:4b:e0:37:19:36:28:
         e1:14:4b:70:50:07:03:1e:39:05:0d:75:6e:58:d2:55:b1:ab:
         90:d9:93:77:c6:18:82:63:52:7e:8d:25:b6:07:c5:ef:de:07:
         8c:20:1c:ad:81:9f:6a:20:82:8d:7b:58:30:e1:4b:b8:a3:09:
         d7:e3:b6:dc:e2:66:fc:aa:14:ca:d2:a3:63:81:e6:00:66:ee:
         34:92:1f:c8:c8:ab:d2:0b:70:4b:be:4e:d5:11:ac:3c:78:b4:
         59:b7:ad:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9GSLXE3qEmuIccb4ndL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUxMTA0MTMwMDMwWhcNMjUxMTA1MTMwMDMwWjAzMTEwLwYDVQQD
EygxNjVlZjM0MDRiYmQxYzA2YWRiNDRjYzc2NjA2MDJlN2RiOTg3ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05hVKuPSsb9mczozRY4EOPO3X7Ts
9DfkaEeWiAxkaN90xW/fZmHN5GFvqrjoFZKusXWLDc1J8I3uEQQ1sXAWMDNj1PG+
ueUSgAlC74Gzx8vTpzZnG+TXxkPmV0YzwNyPRsb0g9r54RtXFYBy3RXknZqDVf7T
sePIZWR2b8TGnG+T2Be2oGpMcjeTWD/PJwjE0NYYZPRFvT3EoYuCk+u+Bel6CFoC
5K80Co4ex/qv8SyV+mHggREB+R6iD7ngmk3Qd9+AVtGrtiM3R4pLltdN5mblBwFj
mWUq+XtfMTd1ZAFcsmtpeAmV2Yv/xKyYNV4OBAXQB6YeyK1iPcy8uzRE8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZe80BLvRwGrbRMx2YGAufbmH5yMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOMWUd4ez
hS7YbyEGbtXMlz7Seo5llRk2EzgmbXcgjSIEi/3aZbhPcEUVO7sYqaahSSn9F+Kp
q3+pPPQ21sPrYnPKbKsWtZcw1+la2SF3KGkzBtkpDRgm8nSFSR4bDPbH/znLzjnt
fLdw3S0Z1t1yI6IPgFW5PAF4N/Tbqne/75uL0rWvA7vDJpvoPGnkg+PjleFpOhma
cpRtSWw1S+A3GTYo4RRLcFAHAx45BQ11bljSVbGrkNmTd8YYgmNSfo0ltgfF794H
jCAcrYGfaiCCjXtYMOFLuKMJ1+O23OJm/KoUytKjY4HmAGbuNJIfyMir0gtwS75O
1RGsPHi0Wbetwg==
-----END CERTIFICATE-----