Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          RNUJZVqx4aQmJjP5/gxMPFo2e19pJoYdWO5MLJSB7Ho=
Subject key identifier:   B6:5C:6C:9A:12:DB:E1:38:E1:16:6A:D3:79:7D:3D:E5:4A:9F:2F:E2
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       019A4F2B8DDB45C90A545C3FFE7F5B364264
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          05BC
Signing time:             Tue 04 Nov 2025 14:00:45 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:45 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:45 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: GbDlymVkXYpjSRYxQBx/G+kmx4qsPiyTNqwmU0B3b1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:8d:db:45:c9:0a:54:5c:3f:fe:7f:5b:36:42:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Nov  4 14:00:45 2025 GMT
            Not After : Nov  5 14:00:45 2025 GMT
        Subject: CN=b65c6c9a12dbe138e1166ad3797d3de54a9f2fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:72:17:45:21:a7:59:dc:4f:b5:4d:5f:eb:
                    88:6d:23:ae:ac:74:8a:45:aa:1d:e7:55:c8:aa:0d:
                    cc:5b:e8:1a:68:68:59:a8:28:0d:8a:df:b2:8b:95:
                    bc:3a:b7:37:2b:27:8c:97:c5:2d:65:66:20:3e:92:
                    dc:8e:f4:f1:f3:ed:f8:35:71:0e:be:db:b6:cc:72:
                    02:67:d6:63:a1:7f:8e:29:02:e7:5a:b1:82:59:37:
                    f9:6d:81:93:de:f9:54:1e:d1:26:9c:8e:a6:a2:d6:
                    cc:2b:fc:60:4d:75:91:73:56:1f:c9:6c:f5:0d:fc:
                    90:90:ca:bd:24:12:5c:e6:7c:76:2a:67:4d:71:13:
                    61:51:01:1d:8b:47:13:df:15:66:0c:d7:bd:33:bf:
                    a4:eb:5f:7a:36:53:21:b1:a5:3d:0a:ac:73:61:57:
                    66:3b:b3:de:4d:5a:02:58:fd:75:f4:94:5d:02:69:
                    1c:c1:00:7a:ff:4f:50:90:3f:55:02:80:3f:12:f7:
                    02:99:02:82:08:3b:ca:2e:f6:f1:8e:43:81:31:b2:
                    a8:6f:6e:45:51:e7:10:e1:7c:24:59:37:83:79:99:
                    20:1c:f6:ba:35:d9:1e:42:39:20:93:d4:4f:99:da:
                    b1:38:95:06:90:8b:25:18:a3:51:2a:71:9c:a6:97:
                    50:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:5C:6C:9A:12:DB:E1:38:E1:16:6A:D3:79:7D:3D:E5:4A:9F:2F:E2
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:a5:e2:d5:d7:e5:3b:ec:75:d6:60:94:f3:db:d6:79:32:63:
         33:85:f6:ef:25:37:5c:a5:af:fa:70:b7:3c:4e:a2:b2:62:e0:
         f6:13:68:87:87:8d:c6:f4:d5:a3:34:f5:88:b4:15:c6:fb:8e:
         66:ae:a6:ea:0d:c1:3f:e4:78:13:0c:8b:57:5a:90:e0:55:e8:
         56:7c:ef:ed:3d:a2:b1:0b:d2:c2:84:76:bc:7b:39:85:40:60:
         63:11:1d:37:16:f8:d1:49:8f:6e:53:e9:c8:54:99:6c:15:a1:
         71:93:39:3c:11:34:57:7c:f6:b8:04:cd:58:6b:55:9a:78:9c:
         19:72:d5:d4:2e:4f:e9:4d:a2:84:8a:69:ab:c7:4e:0a:11:17:
         88:24:31:62:d2:9a:aa:72:e5:b6:3e:d0:2d:a9:80:04:12:88:
         75:53:c2:e5:b6:bc:22:91:1d:54:ab:3b:f6:87:f5:0c:bd:79:
         15:bb:a3:c3:68:72:1f:21:dc:e9:b5:f4:13:dd:2d:63:27:6e:
         1a:c1:34:24:26:18:b1:f7:11:c1:00:3c:2f:c7:bc:5c:43:80:
         3c:7c:81:25:59:2b:2e:c3:50:be:97:79:85:5f:59:b5:a2:f7:
         68:59:da:9d:dd:db:88:04:88:b0:19:45:1b:19:c6:e3:61:32:
         c3:d1:fd:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK43bRckKVFw//n9bNkJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjUxMTA0MTQwMDQ1WhcNMjUxMTA1MTQwMDQ1WjAzMTEwLwYDVQQD
EyhiNjVjNmM5YTEyZGJlMTM4ZTExNjZhZDM3OTdkM2RlNTRhOWYyZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgtyF0Uhp1ncT7VNX+uIbSOurHSK
Raod51XIqg3MW+gaaGhZqCgNit+yi5W8Orc3KyeMl8UtZWYgPpLcjvTx8+34NXEO
vtu2zHICZ9ZjoX+OKQLnWrGCWTf5bYGT3vlUHtEmnI6motbMK/xgTXWRc1YfyWz1
DfyQkMq9JBJc5nx2KmdNcRNhUQEdi0cT3xVmDNe9M7+k6196NlMhsaU9CqxzYVdm
O7PeTVoCWP119JRdAmkcwQB6/09QkD9VAoA/EvcCmQKCCDvKLvbxjkOBMbKob25F
UecQ4XwkWTeDeZkgHPa6NdkeQjkgk9RPmdqxOJUGkIslGKNRKnGcppdQpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZcbJoS2+E44RZq03l9PeVKny/iMB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgaXi1dfl
O+x11mCU89vWeTJjM4X27yU3XKWv+nC3PE6ismLg9hNoh4eNxvTVozT1iLQVxvuO
Zq6m6g3BP+R4EwyLV1qQ4FXoVnzv7T2isQvSwoR2vHs5hUBgYxEdNxb40UmPblPp
yFSZbBWhcZM5PBE0V3z2uATNWGtVmnicGXLV1C5P6U2ihIppq8dOChEXiCQxYtKa
qnLltj7QLamABBKIdVPC5ba8IpEdVKs79of1DL15Fbujw2hyHyHc6bX0E90tYydu
GsE0JCYYsfcRwQA8L8e8XEOAPHyBJVkrLsNQvpd5hV9ZtaL3aFnand3biASIsBlF
GxnG42Eyw9H9ZA==
-----END CERTIFICATE-----