Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          1iVwl2Vk6lfWeVVno9HJQl3zrQgj99P8Xsw2OCMutBI=
Subject key identifier:   EB:73:E5:55:23:80:19:10:27:03:69:9B:D1:39:BE:77:C0:83:95:77
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       019A4D73E97963822865ABFB3B7FF060C096
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          09BE
Signing time:             Tue 04 Nov 2025 06:00:33 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:33 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:33 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: MYcJSyRTpKS4ZTdKLddcVYW4GApeLhBQS/AcbF3tFK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:e9:79:63:82:28:65:ab:fb:3b:7f:f0:60:c0:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Nov  4 06:00:33 2025 GMT
            Not After : Nov  5 06:00:33 2025 GMT
        Subject: CN=eb73e555238019102703699bd139be77c0839577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:cb:d3:56:ff:97:74:b8:e2:08:a6:a6:fc:5a:
                    8b:58:3f:8d:e2:ab:c5:bc:61:cb:fb:9c:01:ec:db:
                    af:88:1a:17:48:d5:aa:b2:01:6b:7c:21:95:b2:6b:
                    11:60:f3:c1:88:b5:5f:b9:ae:cd:c0:5a:49:03:71:
                    62:c5:98:91:37:0b:99:18:7e:76:2b:ea:cb:2e:3d:
                    e8:d6:ee:3e:d6:5b:fc:de:f1:f4:8c:94:56:5c:28:
                    17:d9:2a:68:bd:cc:8d:bc:9b:63:e3:4e:9a:b5:40:
                    39:17:bc:67:ef:3a:96:61:9b:b5:7d:d4:15:ee:55:
                    4f:55:a6:0b:17:15:bb:ab:55:e8:9f:fc:60:76:4d:
                    d2:84:87:53:ee:06:26:b9:ea:4a:62:60:b1:2a:95:
                    61:bf:d5:cd:25:65:29:77:ff:50:ef:60:00:57:75:
                    5d:63:7b:54:54:e5:93:d3:d9:79:b7:71:23:54:35:
                    ce:0a:0f:b1:07:93:e2:97:50:56:cb:51:c2:2b:6c:
                    32:34:d4:f6:3b:d5:7e:c9:ea:49:7e:05:7f:3f:53:
                    66:ac:51:ac:5a:39:c8:aa:b6:1e:c7:b4:23:93:b2:
                    6f:3c:26:a3:d6:0c:6e:f3:b3:5b:98:cd:c9:a4:05:
                    de:fc:f3:1b:48:48:fe:75:8b:eb:36:8c:ad:1f:48:
                    db:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:73:E5:55:23:80:19:10:27:03:69:9B:D1:39:BE:77:C0:83:95:77
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:fa:46:43:69:11:73:ca:ce:51:2e:36:5c:e7:53:23:5b:7b:
         6f:d4:f4:b2:a2:74:bb:e5:30:09:4e:bf:71:90:2a:35:fe:63:
         37:76:c5:2c:56:7d:21:d3:63:87:12:88:37:d9:e9:af:5d:b4:
         ae:28:c5:5e:b2:64:d1:be:da:b9:bd:ee:18:24:d5:dc:65:ad:
         aa:ba:55:2f:ed:19:b0:77:c3:d2:9f:4e:f2:98:84:b4:de:95:
         58:02:1e:88:6e:b4:f4:e1:d2:e1:db:26:79:a6:8f:fa:7f:a9:
         40:ca:8b:17:37:80:75:71:b7:d1:d1:e2:b5:56:97:69:21:1f:
         37:e6:b7:0d:87:1d:78:b1:4c:e0:9d:88:0a:29:45:88:0f:90:
         ce:2a:ad:b9:4b:ca:a5:99:07:88:5b:32:bf:ed:7b:58:9b:cb:
         89:94:5f:39:c6:69:b2:e1:0d:cd:c8:a6:f6:51:21:64:cb:fd:
         a1:35:7e:73:c9:05:c7:4e:5b:e6:22:1d:ed:06:c0:11:cb:8c:
         32:c1:82:f9:1d:e1:44:49:ef:8a:f8:35:b1:ea:33:cc:57:3d:
         9b:d8:11:58:28:4b:b6:09:ca:6c:1b:d2:6b:ef:46:e4:bc:9a:
         03:f5:93:f6:3c:ee:2a:68:a5:ee:56:d4:00:a3:69:11:7c:53:
         97:47:48:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc+l5Y4IoZav7O3/wYMCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjUxMTA0MDYwMDMzWhcNMjUxMTA1MDYwMDMzWjAzMTEwLwYDVQQD
EyhlYjczZTU1NTIzODAxOTEwMjcwMzY5OWJkMTM5YmU3N2MwODM5NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8vTVv+XdLjiCKam/FqLWD+N4qvF
vGHL+5wB7NuviBoXSNWqsgFrfCGVsmsRYPPBiLVfua7NwFpJA3FixZiRNwuZGH52
K+rLLj3o1u4+1lv83vH0jJRWXCgX2SpovcyNvJtj406atUA5F7xn7zqWYZu1fdQV
7lVPVaYLFxW7q1Xon/xgdk3ShIdT7gYmuepKYmCxKpVhv9XNJWUpd/9Q72AAV3Vd
Y3tUVOWT09l5t3EjVDXOCg+xB5Pil1BWy1HCK2wyNNT2O9V+yepJfgV/P1NmrFGs
WjnIqrYex7Qjk7JvPCaj1gxu87NbmM3JpAXe/PMbSEj+dYvrNoytH0jbDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtz5VUjgBkQJwNpm9E5vnfAg5V3MB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvpGQ2kR
c8rOUS42XOdTI1t7b9T0sqJ0u+UwCU6/cZAqNf5jN3bFLFZ9IdNjhxKIN9npr120
rijFXrJk0b7aub3uGCTV3GWtqrpVL+0ZsHfD0p9O8piEtN6VWAIeiG609OHS4dsm
eaaP+n+pQMqLFzeAdXG30dHitVaXaSEfN+a3DYcdeLFM4J2ICilFiA+QziqtuUvK
pZkHiFsyv+17WJvLiZRfOcZpsuENzcim9lEhZMv9oTV+c8kFx05b5iId7QbAEcuM
MsGC+R3hREnvivg1seozzFc9m9gRWChLtgnKbBvSa+9G5LyaA/WT9jzuKmil7lbU
AKNpEXxTl0dIAQ==
-----END CERTIFICATE-----