Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          QeQrKFO0lSOGFJFJo98fI65Wkza8943btHs+pQPDaP8=
Subject key identifier:   3B:65:E3:8F:92:C4:04:F3:11:9C:8A:21:DE:47:2D:15:AF:BD:7C:48
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       019A4EF512844FD9FCFC6B783019AA4E0319
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0DAF
Signing time:             Tue 04 Nov 2025 13:01:15 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:15 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:15 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: B1VIcpEXk48Rtab5qr+Xp++tYvG2CvKwXKLfi2+fzSY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:12:84:4f:d9:fc:fc:6b:78:30:19:aa:4e:03:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Nov  4 13:01:15 2025 GMT
            Not After : Nov  5 13:01:15 2025 GMT
        Subject: CN=3b65e38f92c404f3119c8a21de472d15afbd7c48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e7:41:6d:d1:28:aa:06:76:a8:60:c7:53:3a:
                    06:ac:70:76:d8:62:c3:56:86:a3:61:6d:62:37:10:
                    96:94:3c:70:7c:8c:60:32:1d:11:85:1e:29:8f:33:
                    97:d8:71:f5:55:29:e7:5c:81:a5:05:85:ca:68:28:
                    9f:d8:1f:63:ab:2a:4a:66:09:09:2c:67:d5:57:af:
                    81:5d:76:6e:9d:ff:2a:94:e2:91:91:be:9d:78:22:
                    6e:9d:ea:19:18:b9:68:39:3b:4b:0f:b1:4a:50:c7:
                    f6:bf:d4:a0:ff:e6:7e:8e:bb:59:39:59:41:b0:4a:
                    89:f4:e3:00:bb:6a:a7:cf:c1:9d:88:73:6e:db:f3:
                    14:65:4d:60:6e:87:44:0c:a5:5d:64:74:dd:cd:b9:
                    85:bb:e9:33:ca:5a:6e:03:45:9a:a2:94:a0:7e:d3:
                    77:0e:73:ea:24:7e:10:63:2e:62:66:3c:20:43:be:
                    37:6a:09:be:bb:5c:02:fa:75:81:ee:c5:95:7a:b9:
                    b7:ea:9c:8d:21:da:63:0e:fc:05:3b:17:77:7a:0c:
                    d3:4e:0d:7a:87:b2:7a:72:98:f0:79:16:63:7e:02:
                    77:8e:12:9d:fd:06:ce:59:8f:ff:e4:cd:8d:bd:e7:
                    e7:15:3f:71:79:8d:cb:7e:5c:28:f5:2b:49:91:38:
                    fb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:65:E3:8F:92:C4:04:F3:11:9C:8A:21:DE:47:2D:15:AF:BD:7C:48
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:4a:46:05:6b:d9:b0:2c:47:2e:1a:92:ce:59:5c:dc:de:db:
         7d:11:00:ce:5b:18:4f:29:1c:00:44:9b:d8:c1:71:11:8a:c1:
         14:bc:1c:43:10:68:b7:5a:3e:22:ba:b2:70:46:a8:ac:d3:a2:
         50:6a:6c:cf:2e:01:94:91:01:7c:97:1b:7c:82:b6:27:79:33:
         98:d1:01:50:bb:66:13:da:7e:94:2d:7b:ad:12:aa:a4:df:eb:
         39:d4:e6:e5:97:71:f1:cb:52:d5:0b:8e:4a:a2:12:dd:6f:8a:
         d8:48:12:87:ac:30:dd:93:93:ad:d8:09:b4:cb:1e:72:7c:15:
         91:70:41:cb:5f:57:e9:a7:6e:b7:68:8d:a8:96:18:c1:37:07:
         0d:c6:ba:b4:60:fb:81:f5:ba:db:77:ab:f8:f9:3d:61:90:b0:
         11:06:f4:d9:79:93:45:ae:fd:5c:36:56:62:97:ce:2a:59:03:
         5a:db:5b:c0:dc:73:fe:ea:cc:15:86:e8:20:e3:84:d5:46:9d:
         eb:c3:b0:32:20:2e:76:fa:30:96:02:d9:4e:dc:73:16:63:ea:
         78:2e:e5:2c:bd:9b:b3:23:0f:d2:e6:65:91:a9:74:f2:bc:13:
         d9:15:08:5b:1f:35:d6:87:65:b7:c8:37:e3:c9:1c:57:3b:da:
         1b:55:10:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9RKET9n8/Gt4MBmqTgMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUxMTA0MTMwMTE1WhcNMjUxMTA1MTMwMTE1WjAzMTEwLwYDVQQD
EygzYjY1ZTM4ZjkyYzQwNGYzMTE5YzhhMjFkZTQ3MmQxNWFmYmQ3YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxedBbdEoqgZ2qGDHUzoGrHB22GLD
VoajYW1iNxCWlDxwfIxgMh0RhR4pjzOX2HH1VSnnXIGlBYXKaCif2B9jqypKZgkJ
LGfVV6+BXXZunf8qlOKRkb6deCJuneoZGLloOTtLD7FKUMf2v9Sg/+Z+jrtZOVlB
sEqJ9OMAu2qnz8GdiHNu2/MUZU1gbodEDKVdZHTdzbmFu+kzylpuA0WaopSgftN3
DnPqJH4QYy5iZjwgQ743agm+u1wC+nWB7sWVerm36pyNIdpjDvwFOxd3egzTTg16
h7J6cpjweRZjfgJ3jhKd/QbOWY//5M2NvefnFT9xeY3Lflwo9StJkTj7eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtl44+SxATzEZyKId5HLRWvvXxIMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADUpGBWvZ
sCxHLhqSzllc3N7bfREAzlsYTykcAESb2MFxEYrBFLwcQxBot1o+IrqycEaorNOi
UGpszy4BlJEBfJcbfIK2J3kzmNEBULtmE9p+lC17rRKqpN/rOdTm5Zdx8ctS1QuO
SqIS3W+K2EgSh6ww3ZOTrdgJtMsecnwVkXBBy19X6adut2iNqJYYwTcHDca6tGD7
gfW623er+Pk9YZCwEQb02XmTRa79XDZWYpfOKlkDWttbwNxz/urMFYboIOOE1Uad
68OwMiAudvowlgLZTtxzFmPqeC7lLL2bsyMP0uZlkal08rwT2RUIWx811odlt8g3
48kcVzvaG1UQiA==
-----END CERTIFICATE-----