Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.mft
File:                     Ajw5cQk0C3Z7yzJFFfbR-CyMx88.mft (raw, json)
Hash identifier:          uvTgxtGwzLALoq3pmdCsi3tTSB1ezMCtW7/RATA37Tg=
Subject key identifier:   73:D4:2A:E1:06:BF:50:66:0E:02:38:84:A4:1D:83:2D:3B:50:3B:0D
Authority key identifier: 02:3C:39:71:09:34:0B:76:7B:CB:32:45:15:F6:D1:F8:2C:8C:C7:CF
Certificate issuer:       /CN=023c397109340b767bcb324515f6d1f82c8cc7cf
Certificate serial:       019A4D73C9F4D1594AC06937D2D2443E74B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.mft
Manifest number:          1378
Signing time:             Tue 04 Nov 2025 06:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:25 +0000
Files and hashes:         1: Ajw5cQk0C3Z7yzJFFfbR-CyMx88.crl (hash: kAkDW6c8R8el2aSz0kNQZnzsVpMF4SU+P3i1C/+n1BY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:c9:f4:d1:59:4a:c0:69:37:d2:d2:44:3e:74:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=023c397109340b767bcb324515f6d1f82c8cc7cf
        Validity
            Not Before: Nov  4 06:00:25 2025 GMT
            Not After : Nov  5 06:00:25 2025 GMT
        Subject: CN=73d42ae106bf50660e023884a41d832d3b503b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:10:27:3a:63:25:c3:ac:05:80:38:53:29:1c:
                    9a:ba:7b:68:10:d0:34:58:c2:83:06:d0:09:f3:e7:
                    1d:71:3d:ce:10:b3:a6:88:d2:bd:92:a9:bd:63:de:
                    d5:d1:75:91:ee:a9:43:a2:f6:5b:f8:77:4a:3c:40:
                    0a:86:a4:28:10:29:60:a4:a6:7a:05:89:5c:63:c0:
                    15:08:a1:4b:e0:12:55:98:0f:49:6c:d7:87:c2:4f:
                    13:2a:03:b9:af:33:a3:db:a4:a9:60:76:08:7c:1e:
                    78:70:22:6d:1d:8e:19:55:e3:ac:4c:ae:45:5d:91:
                    a4:11:06:63:44:a1:8e:5e:91:97:19:78:05:63:38:
                    07:74:08:08:8d:44:82:64:d4:14:5c:8a:7a:1c:90:
                    f1:5d:f6:1e:3a:b9:20:09:1d:54:41:a4:14:45:1c:
                    b7:eb:95:2d:78:c5:68:a8:59:1e:26:90:3c:8d:26:
                    34:66:70:b6:5e:49:dc:0a:95:21:87:b1:ac:cf:12:
                    83:7e:dc:b0:3d:ea:3a:50:22:37:16:9f:ce:12:04:
                    a9:1b:a0:17:5a:e7:82:48:98:b3:51:ca:73:33:36:
                    d3:aa:82:7f:06:58:c8:4d:6a:68:05:d8:fc:16:d9:
                    b0:3a:da:bf:5a:48:be:0d:4f:6a:c8:e6:d5:00:50:
                    45:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:D4:2A:E1:06:BF:50:66:0E:02:38:84:A4:1D:83:2D:3B:50:3B:0D
            X509v3 Authority Key Identifier:
                keyid:02:3C:39:71:09:34:0B:76:7B:CB:32:45:15:F6:D1:F8:2C:8C:C7:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/a55935-52bf-4d6f-8b90-e90eefdb3ac5/1/Ajw5cQk0C3Z7yzJFFfbR-CyMx88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:a9:51:13:8f:47:76:88:a8:6e:05:3a:22:00:95:4e:bc:af:
         ed:1a:6b:c7:12:12:65:97:e6:c6:1a:75:32:cb:41:3c:68:a9:
         22:ba:a7:29:5e:b2:49:18:88:3d:2b:ff:a2:fe:1f:57:4c:01:
         1b:eb:d7:93:89:80:9a:bd:5c:42:34:50:fc:b1:b9:25:8c:7e:
         28:c8:b5:2a:3c:2d:63:a1:4a:0d:92:bd:7b:81:46:6b:7d:55:
         33:10:a4:e1:cd:b2:5c:9f:e1:5d:26:9f:b3:05:ba:a6:ae:b7:
         91:1d:8b:a3:46:fc:96:a5:29:08:ba:61:30:9c:a4:06:42:a3:
         6c:d9:30:51:d1:fd:f7:c7:a4:df:d6:f1:58:3c:c5:9d:aa:e4:
         27:e3:9d:e5:52:ea:0d:43:14:a9:87:ed:27:66:59:3b:e1:5d:
         b2:e6:a2:b7:d0:8b:c4:84:62:91:70:9c:ff:78:45:4c:1f:c1:
         32:de:6b:05:30:02:fd:29:53:59:0c:41:be:2f:8f:35:41:a7:
         46:45:30:86:92:79:5c:d9:3b:51:3b:15:78:67:ba:c6:12:8e:
         88:35:a4:f6:26:da:12:31:ec:f8:97:41:0e:6b:42:c6:ec:52:
         10:21:6c:04:74:c0:43:c5:6b:1f:e7:31:23:c1:8c:b5:8b:f3:
         7e:b0:ad:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc8n00VlKwGk30tJEPnS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyM2MzOTcxMDkzNDBiNzY3YmNiMzI0NTE1ZjZkMWY4MmM4
Y2M3Y2YwHhcNMjUxMTA0MDYwMDI1WhcNMjUxMTA1MDYwMDI1WjAzMTEwLwYDVQQD
Eyg3M2Q0MmFlMTA2YmY1MDY2MGUwMjM4ODRhNDFkODMyZDNiNTAzYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRAnOmMlw6wFgDhTKRyauntoENA0
WMKDBtAJ8+cdcT3OELOmiNK9kqm9Y97V0XWR7qlDovZb+HdKPEAKhqQoEClgpKZ6
BYlcY8AVCKFL4BJVmA9JbNeHwk8TKgO5rzOj26SpYHYIfB54cCJtHY4ZVeOsTK5F
XZGkEQZjRKGOXpGXGXgFYzgHdAgIjUSCZNQUXIp6HJDxXfYeOrkgCR1UQaQURRy3
65UteMVoqFkeJpA8jSY0ZnC2XkncCpUhh7GszxKDftywPeo6UCI3Fp/OEgSpG6AX
WueCSJizUcpzMzbTqoJ/BljITWpoBdj8FtmwOtq/Wki+DU9qyObVAFBFPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPUKuEGv1BmDgI4hKQdgy07UDsNMB8GA1UdIwQY
MBaAFAI8OXEJNAt2e8syRRX20fgsjMfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWp3NWNRazBDM1o3eXpKRkZmYlItQ3lNeDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hNTU5MzUtNTJiZi00ZDZmLThiOTAt
ZTkwZWVmZGIzYWM1LzEvQWp3NWNRazBDM1o3eXpKRkZmYlItQ3lNeDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hNTU5MzUtNTJiZi00ZDZmLThiOTAtZTkwZWVmZGIzYWM1
LzEvQWp3NWNRazBDM1o3eXpKRkZmYlItQ3lNeDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6lRE49H
doiobgU6IgCVTryv7RprxxISZZfmxhp1MstBPGipIrqnKV6ySRiIPSv/ov4fV0wB
G+vXk4mAmr1cQjRQ/LG5JYx+KMi1KjwtY6FKDZK9e4FGa31VMxCk4c2yXJ/hXSaf
swW6pq63kR2Lo0b8lqUpCLphMJykBkKjbNkwUdH998ek39bxWDzFnarkJ+Od5VLq
DUMUqYftJ2ZZO+Fdsuait9CLxIRikXCc/3hFTB/BMt5rBTAC/SlTWQxBvi+PNUGn
RkUwhpJ5XNk7UTsVeGe6xhKOiDWk9ibaEjHs+JdBDmtCxuxSECFsBHTAQ8VrH+cx
I8GMtYvzfrCtqQ==
-----END CERTIFICATE-----