Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
File:                     Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft (raw, json)
Hash identifier:          hULpD4CXugf0Dz0lKQiMppiMS3vI2hOH1zDzPQ999lM=
Subject key identifier:   5B:CB:89:58:45:5C:D5:9E:19:6C:79:3E:76:83:BD:3F:13:AF:7E:7C
Authority key identifier: 46:7F:0D:67:62:FE:96:F0:49:E6:EC:33:2D:04:2E:8B:9D:5C:DE:E4
Certificate issuer:       /CN=467f0d6762fe96f049e6ec332d042e8b9d5cdee4
Certificate serial:       019A50E32CAF09CA15398A63890EBFE0D8E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
Manifest number:          0668
Signing time:             Tue 04 Nov 2025 22:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:56 +0000
Files and hashes:         1: Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl (hash: VbTyVQZbPXBoLi6uYOvmga+mIg4+qRuv69cjUMNvr8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:2c:af:09:ca:15:39:8a:63:89:0e:bf:e0:d8:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467f0d6762fe96f049e6ec332d042e8b9d5cdee4
        Validity
            Not Before: Nov  4 22:00:56 2025 GMT
            Not After : Nov  5 22:00:56 2025 GMT
        Subject: CN=5bcb8958455cd59e196c793e7683bd3f13af7e7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2d:bd:94:09:8d:24:eb:11:3d:71:b9:4e:09:
                    58:dd:6e:5f:74:cc:ef:11:8c:7d:8d:f0:99:62:7f:
                    37:4d:6d:7b:4c:56:2c:82:49:47:15:32:4c:63:ce:
                    9f:7f:11:8c:e0:07:7b:c0:66:2f:4a:a3:59:16:60:
                    dc:d6:e8:f0:9d:ad:2c:4f:6e:5a:44:31:6f:e2:23:
                    d4:1f:89:a0:e6:e9:bd:ed:0a:11:49:b2:86:1d:da:
                    23:c7:ba:b6:cd:e7:18:52:7b:2b:b6:70:db:7c:7e:
                    1a:db:4e:94:f5:6b:c5:34:72:42:9b:2c:a4:2b:44:
                    ea:fd:3a:55:96:8b:f5:66:11:88:b0:cc:54:0e:d9:
                    00:88:6a:be:b6:74:4c:bb:83:67:19:f2:8a:f5:12:
                    a2:9b:37:f9:de:4a:c1:f0:b5:88:73:58:7b:b0:28:
                    f4:b7:60:85:4f:6f:94:9d:2c:fb:4d:13:5a:78:76:
                    65:f8:e8:1c:b2:23:5d:ad:af:02:66:b4:1c:09:51:
                    2b:e8:ae:44:5d:29:3b:51:c2:23:1a:05:2c:d6:81:
                    78:ad:4f:e2:4f:c4:cc:f8:25:17:4c:ff:e7:38:9c:
                    a9:ba:17:9d:3d:41:63:e1:fe:4b:af:61:a4:ee:f9:
                    4e:ef:5c:93:aa:82:96:2e:82:19:e6:47:b4:ea:4a:
                    ce:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CB:89:58:45:5C:D5:9E:19:6C:79:3E:76:83:BD:3F:13:AF:7E:7C
            X509v3 Authority Key Identifier:
                keyid:46:7F:0D:67:62:FE:96:F0:49:E6:EC:33:2D:04:2E:8B:9D:5C:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:3b:64:50:a5:fc:48:b6:65:7a:f9:e7:7b:44:c1:0f:37:f1:
         37:1c:64:8e:2e:ea:25:2f:68:bc:9b:9d:4d:e5:4e:46:bc:02:
         c4:c1:08:8d:4a:16:99:7a:18:b8:7b:1b:aa:c9:df:f8:d2:7d:
         78:50:80:7e:a8:ef:2a:5b:d1:36:77:5c:81:a2:7b:a3:bf:fc:
         87:d3:52:96:ae:f9:7d:64:60:b4:76:57:5d:a5:05:41:0e:25:
         09:0d:6c:03:ce:34:b3:cf:ee:c3:86:6d:ae:8e:a5:66:45:45:
         f3:41:b8:99:67:4a:c9:18:a5:1c:c0:e1:0b:04:f4:88:c7:fd:
         d8:b5:7d:06:46:8f:59:9e:4f:2f:f3:2a:b2:46:b7:f3:74:9e:
         c0:86:a6:3a:ff:dd:5e:d7:d9:6d:87:d6:97:e8:cc:61:d6:c7:
         fd:7c:36:4b:1d:d1:78:ed:12:c8:fd:7c:c3:4a:bc:e9:11:ab:
         2a:c6:49:a5:85:d7:68:4b:f5:6d:84:4d:ce:a8:de:10:91:be:
         23:8d:7c:fa:9a:52:25:41:8d:af:8d:19:00:f8:99:6e:55:9a:
         1a:fe:5f:ca:1c:66:b4:b1:36:c3:b1:0c:ce:5b:d4:d8:f3:29:
         c4:28:46:0e:8d:c3:73:60:eb:25:c9:fd:8a:be:ca:7c:fb:5d:
         c2:43:68:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4yyvCcoVOYpjiQ6/4NjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2YwZDY3NjJmZTk2ZjA0OWU2ZWMzMzJkMDQyZThiOWQ1
Y2RlZTQwHhcNMjUxMTA0MjIwMDU2WhcNMjUxMTA1MjIwMDU2WjAzMTEwLwYDVQQD
Eyg1YmNiODk1ODQ1NWNkNTllMTk2Yzc5M2U3NjgzYmQzZjEzYWY3ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS29lAmNJOsRPXG5TglY3W5fdMzv
EYx9jfCZYn83TW17TFYsgklHFTJMY86ffxGM4Ad7wGYvSqNZFmDc1ujwna0sT25a
RDFv4iPUH4mg5um97QoRSbKGHdojx7q2zecYUnsrtnDbfH4a206U9WvFNHJCmyyk
K0Tq/TpVlov1ZhGIsMxUDtkAiGq+tnRMu4NnGfKK9RKimzf53krB8LWIc1h7sCj0
t2CFT2+UnSz7TRNaeHZl+OgcsiNdra8CZrQcCVEr6K5EXSk7UcIjGgUs1oF4rU/i
T8TM+CUXTP/nOJypuhedPUFj4f5Lr2Gk7vlO71yTqoKWLoIZ5ke06krO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvLiVhFXNWeGWx5PnaDvT8Tr358MB8GA1UdIwQY
MBaAFEZ/DWdi/pbwSebsMy0ELoudXN7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZDE3NDctMzAxZC00ZjcyLTg0Yzgt
NjViOTlhZmI1MGQ0LzEvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZDE3NDctMzAxZC00ZjcyLTg0YzgtNjViOTlhZmI1MGQ0
LzEvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTtkUKX8
SLZlevnne0TBDzfxNxxkji7qJS9ovJudTeVORrwCxMEIjUoWmXoYuHsbqsnf+NJ9
eFCAfqjvKlvRNndcgaJ7o7/8h9NSlq75fWRgtHZXXaUFQQ4lCQ1sA840s8/uw4Zt
ro6lZkVF80G4mWdKyRilHMDhCwT0iMf92LV9BkaPWZ5PL/Mqska383SewIamOv/d
XtfZbYfWl+jMYdbH/Xw2Sx3ReO0SyP18w0q86RGrKsZJpYXXaEv1bYRNzqjeEJG+
I418+ppSJUGNr40ZAPiZblWaGv5fyhxmtLE2w7EMzlvU2PMpxChGDo3Dc2DrJcn9
ir7KfPtdwkNoGg==
-----END CERTIFICATE-----