Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
File:                     tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json)
Hash identifier:          e56B4YbcZbmJEv4eqZK54wt3sLo9FMfcEImgyguv6NI=
Subject key identifier:   3B:47:59:B1:11:3C:72:1F:67:D5:C2:29:55:18:C3:54:30:B9:4E:E6
Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79
Certificate issuer:       /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
Certificate serial:       019A51512306308C21D49B1A6BFBCDC3BC05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
Manifest number:          0EBA
Signing time:             Wed 05 Nov 2025 00:01:03 +0000
Manifest this update:     Wed 05 Nov 2025 00:01:03 +0000
Manifest next update:     Thu 06 Nov 2025 00:01:03 +0000
Files and hashes:         1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: ZE+nCsfz6I21KqRACVatxEjJtMmH7Yzy2ptwgobltaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:51:23:06:30:8c:21:d4:9b:1a:6b:fb:cd:c3:bc:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479
        Validity
            Not Before: Nov  5 00:01:03 2025 GMT
            Not After : Nov  6 00:01:03 2025 GMT
        Subject: CN=3b4759b1113c721f67d5c2295518c35430b94ee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:81:2f:a4:6e:40:3c:98:8c:69:cc:c4:75:89:
                    b7:50:74:17:1c:35:c0:c8:ce:0d:63:4a:d6:6c:4f:
                    a0:43:e1:d7:65:0a:46:35:4b:b2:9b:cb:b3:49:94:
                    b7:b7:b5:24:89:83:bc:21:cd:ef:66:b2:3e:58:a3:
                    1d:55:6c:0e:79:c8:0d:da:c2:88:96:bd:21:bf:2e:
                    7b:9e:19:9e:d3:1c:7f:fe:4b:b2:49:10:99:e7:54:
                    38:24:ab:e1:93:05:e4:58:ce:22:84:7c:db:5c:3a:
                    a3:f0:70:36:b9:9d:5a:58:b9:7e:c0:a7:ec:ec:04:
                    c8:39:af:fa:6c:2b:cf:58:d5:86:ad:f2:7b:a1:91:
                    f5:bc:35:9f:67:19:0e:80:f9:00:dc:e9:79:1c:68:
                    07:45:ef:19:7b:a7:7f:f1:0c:31:c1:1c:25:38:f2:
                    99:e1:28:2d:e1:08:54:d6:cb:e4:58:43:f4:0b:f7:
                    4b:e6:dc:8f:eb:b1:13:29:63:e9:28:d1:53:15:dc:
                    34:b5:44:03:a0:a7:c3:58:8a:63:a0:09:85:7f:38:
                    24:5f:7d:f0:77:62:8c:69:a8:47:63:41:58:4c:e6:
                    7b:94:81:61:68:cb:fb:a3:d5:05:69:f9:54:36:a0:
                    57:95:36:01:2b:ab:d2:31:91:a9:ff:0e:e8:80:bc:
                    8f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:47:59:B1:11:3C:72:1F:67:D5:C2:29:55:18:C3:54:30:B9:4E:E6
            X509v3 Authority Key Identifier:
                keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:b8:80:63:80:aa:fa:7b:2a:76:ce:a2:87:32:d1:e9:59:12:
         04:db:a4:82:89:52:39:9d:56:43:ed:c9:f2:d7:02:81:f5:67:
         2b:e7:3f:af:c1:ee:4d:d4:3a:86:59:c5:ec:2a:a2:37:45:77:
         da:f8:31:06:5e:48:0d:52:12:4c:19:1d:0d:6d:b8:0c:79:d8:
         a2:0b:0b:d5:49:8d:58:9f:9f:dd:fa:e4:c4:27:6f:54:62:fa:
         01:92:88:b0:fa:2a:59:a8:f0:4e:b4:1d:2a:a8:41:8e:59:d0:
         a6:34:f6:44:a8:c2:03:61:63:f6:8d:50:9f:5f:eb:47:fa:78:
         7a:f1:ce:d6:a0:b2:90:60:18:f5:69:e8:ec:db:de:91:62:db:
         27:08:67:73:8b:ae:0f:2d:37:50:30:62:d6:d7:09:c6:ce:38:
         6e:52:33:68:7c:f1:e0:09:6e:e1:c2:bf:28:2e:da:84:fd:e2:
         9c:0b:e7:d5:5c:12:1c:d8:88:3e:25:1f:eb:ea:fd:42:4f:ca:
         21:47:6a:9d:3c:45:1e:e0:c8:f6:fc:e1:8d:e0:e8:f7:43:cc:
         6c:cf:de:e1:04:b9:8b:2e:c6:c7:55:77:dc:7a:8c:25:b6:28:
         eb:65:13:58:15:33:c8:fd:53:d4:c4:0a:2d:4c:d2:08:6c:66:
         6c:f4:b9:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUSMGMIwh1Jsaa/vNw7wFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj
OTQ0NzkwHhcNMjUxMTA1MDAwMTAzWhcNMjUxMTA2MDAwMTAzWjAzMTEwLwYDVQQD
EygzYjQ3NTliMTExM2M3MjFmNjdkNWMyMjk1NTE4YzM1NDMwYjk0ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+IEvpG5APJiMaczEdYm3UHQXHDXA
yM4NY0rWbE+gQ+HXZQpGNUuym8uzSZS3t7UkiYO8Ic3vZrI+WKMdVWwOecgN2sKI
lr0hvy57nhme0xx//kuySRCZ51Q4JKvhkwXkWM4ihHzbXDqj8HA2uZ1aWLl+wKfs
7ATIOa/6bCvPWNWGrfJ7oZH1vDWfZxkOgPkA3Ol5HGgHRe8Ze6d/8QwxwRwlOPKZ
4Sgt4QhU1svkWEP0C/dL5tyP67ETKWPpKNFTFdw0tUQDoKfDWIpjoAmFfzgkX33w
d2KMaahHY0FYTOZ7lIFhaMv7o9UFaflUNqBXlTYBK6vSMZGp/w7ogLyP9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtHWbERPHIfZ9XCKVUYw1QwuU7mMB8GA1UdIwQY
MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt
ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi
LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLiAY4Cq
+nsqds6ihzLR6VkSBNukgolSOZ1WQ+3J8tcCgfVnK+c/r8HuTdQ6hlnF7CqiN0V3
2vgxBl5IDVISTBkdDW24DHnYogsL1UmNWJ+f3frkxCdvVGL6AZKIsPoqWajwTrQd
KqhBjlnQpjT2RKjCA2Fj9o1Qn1/rR/p4evHO1qCykGAY9Wno7NvekWLbJwhnc4uu
Dy03UDBi1tcJxs44blIzaHzx4Alu4cK/KC7ahP3inAvn1VwSHNiIPiUf6+r9Qk/K
IUdqnTxFHuDI9vzhjeDo90PMbM/e4QS5iy7Gx1V33HqMJbYo62UTWBUzyP1T1MQK
LUzSCGxmbPS5Jw==
-----END CERTIFICATE-----