Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
File:                     EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft (raw, json)
Hash identifier:          IEX6U9Y6nWBSqlDxTwNwRbj2Pv87ik1vzaflHOH5LK4=
Subject key identifier:   A0:5B:32:69:56:F6:41:2B:A2:A7:01:90:56:2B:82:A6:5C:4C:1B:01
Authority key identifier: 11:0F:05:3A:6D:B5:4B:1B:F3:96:F8:50:63:A6:FC:CA:0A:34:6E:C3
Certificate issuer:       /CN=110f053a6db54b1bf396f85063a6fcca0a346ec3
Certificate serial:       019A4EBD3CF4F707EC6236BDA9E062AB0270
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 12:00:15 +0000
Manifest this update:     Tue 04 Nov 2025 12:00:15 +0000
Manifest next update:     Wed 05 Nov 2025 12:00:15 +0000
Files and hashes:         1: EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl (hash: fy+/DejT9/RzgKZBN9WUsAs9umMPqL9rnCg7dv6tHKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:bd:3c:f4:f7:07:ec:62:36:bd:a9:e0:62:ab:02:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=110f053a6db54b1bf396f85063a6fcca0a346ec3
        Validity
            Not Before: Nov  4 12:00:15 2025 GMT
            Not After : Nov  5 12:00:15 2025 GMT
        Subject: CN=a05b326956f6412ba2a70190562b82a65c4c1b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:68:f0:ec:22:22:02:a5:a0:fe:b2:34:a4:d2:
                    35:b4:bb:3a:cc:24:a4:0c:63:96:93:d2:66:13:d3:
                    eb:89:77:8d:a6:bb:cf:a0:85:6e:3c:9c:d9:23:3a:
                    11:ab:c7:bc:bf:da:55:0b:b3:a8:b3:92:80:38:f7:
                    05:5f:3b:06:ca:6c:5e:66:9c:6a:d6:6f:e3:1c:1c:
                    ae:67:29:55:00:be:81:87:3d:b9:38:5e:a1:06:a5:
                    16:bc:21:3e:56:5c:ec:be:d0:95:89:ef:22:d5:51:
                    9c:3d:04:60:55:6f:22:55:ce:95:d0:85:25:92:14:
                    73:4f:79:10:71:8d:d1:3f:3d:0b:f6:a8:b4:b8:48:
                    0c:8c:96:9d:4b:f5:db:6b:72:29:18:71:a6:90:63:
                    14:29:de:a1:e2:05:8b:03:f4:73:45:22:dd:e0:ec:
                    a4:10:6f:2d:74:32:e8:47:fb:71:a2:ac:91:ed:fc:
                    24:84:9e:54:28:5a:c1:64:c8:30:65:0c:a9:41:64:
                    2a:6e:e8:e5:a8:da:da:27:c1:59:9b:3c:ec:98:c9:
                    ce:7f:cc:eb:21:cf:cc:2a:b7:10:f7:fc:55:70:7b:
                    0c:25:ea:83:46:c6:ad:2a:6a:01:5f:b6:c4:5a:28:
                    a1:63:d9:d9:7e:66:be:a5:96:af:fb:69:4f:a2:4f:
                    fe:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:5B:32:69:56:F6:41:2B:A2:A7:01:90:56:2B:82:A6:5C:4C:1B:01
            X509v3 Authority Key Identifier:
                keyid:11:0F:05:3A:6D:B5:4B:1B:F3:96:F8:50:63:A6:FC:CA:0A:34:6E:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:25:0b:c2:e8:74:96:5c:c2:01:21:76:12:0b:5f:90:c9:0d:
         af:53:bd:5e:3f:6c:71:0f:4e:47:c4:5e:7f:9f:d7:55:8c:f0:
         58:69:75:e4:18:b0:3c:79:b4:f3:05:20:8f:fe:e3:98:2a:78:
         0a:28:69:32:a9:89:13:67:61:4c:86:6d:3b:17:d1:8e:92:1a:
         13:d9:e9:47:5c:b8:78:cf:a3:8e:e4:62:5d:16:17:1e:6b:55:
         48:bd:fc:41:3e:a9:a0:4b:d0:1f:c5:b0:46:b3:f7:da:44:ef:
         f5:a9:56:ac:66:f0:3e:41:5e:e9:63:45:d0:0d:ff:7e:76:93:
         32:66:e3:24:07:75:3d:99:29:92:7e:ef:22:f1:b5:b5:8a:9f:
         8d:46:ee:b9:6e:85:b3:ec:5a:29:47:f4:5a:48:55:75:81:c7:
         b2:cd:8e:50:0f:4e:89:1c:f3:3b:43:51:a9:a0:05:55:7e:25:
         61:2e:e1:1a:8f:3d:55:35:03:e8:75:4d:cd:d8:d4:07:43:15:
         7a:2c:b4:c4:b4:72:ba:17:4b:b6:17:d4:86:2d:2c:f9:1b:a3:
         69:3f:41:da:a3:7e:6f:5c:7a:59:c2:6a:23:6a:20:8b:90:f8:
         94:06:c9:81:62:1c:5c:4a:3b:9b:e6:d8:5b:b2:52:11:13:b1:
         f2:8c:44:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOvTz09wfsYja9qeBiqwJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMGYwNTNhNmRiNTRiMWJmMzk2Zjg1MDYzYTZmY2NhMGEz
NDZlYzMwHhcNMjUxMTA0MTIwMDE1WhcNMjUxMTA1MTIwMDE1WjAzMTEwLwYDVQQD
EyhhMDViMzI2OTU2ZjY0MTJiYTJhNzAxOTA1NjJiODJhNjVjNGMxYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2jw7CIiAqWg/rI0pNI1tLs6zCSk
DGOWk9JmE9PriXeNprvPoIVuPJzZIzoRq8e8v9pVC7Oos5KAOPcFXzsGymxeZpxq
1m/jHByuZylVAL6Bhz25OF6hBqUWvCE+VlzsvtCVie8i1VGcPQRgVW8iVc6V0IUl
khRzT3kQcY3RPz0L9qi0uEgMjJadS/Xba3IpGHGmkGMUKd6h4gWLA/RzRSLd4Oyk
EG8tdDLoR/txoqyR7fwkhJ5UKFrBZMgwZQypQWQqbujlqNraJ8FZmzzsmMnOf8zr
Ic/MKrcQ9/xVcHsMJeqDRsatKmoBX7bEWiihY9nZfma+pZav+2lPok/+awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBbMmlW9kEroqcBkFYrgqZcTBsBMB8GA1UdIwQY
MBaAFBEPBTpttUsb85b4UGOm/MoKNG7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81M2QxOGUtY2FjZS00ZWE0LTlhMDgt
MzhiZmJkMzQ3OTllLzEvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81M2QxOGUtY2FjZS00ZWE0LTlhMDgtMzhiZmJkMzQ3OTll
LzEvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAriULwuh0
llzCASF2EgtfkMkNr1O9Xj9scQ9OR8Ref5/XVYzwWGl15BiwPHm08wUgj/7jmCp4
CihpMqmJE2dhTIZtOxfRjpIaE9npR1y4eM+jjuRiXRYXHmtVSL38QT6poEvQH8Ww
RrP32kTv9alWrGbwPkFe6WNF0A3/fnaTMmbjJAd1PZkpkn7vIvG1tYqfjUbuuW6F
s+xaKUf0WkhVdYHHss2OUA9OiRzzO0NRqaAFVX4lYS7hGo89VTUD6HVNzdjUB0MV
eiy0xLRyuhdLthfUhi0s+RujaT9B2qN+b1x6WcJqI2ogi5D4lAbJgWIcXEo7m+bY
W7JSEROx8oxEpg==
-----END CERTIFICATE-----