Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
File:                     jR4EozwylZxnL0X0a-EIZLgemEo.mft (raw, json)
Hash identifier:          U8Wvh4Bc0rSIMCkdjTwKNjzlDlWoLSxI/EZiPFCOFoM=
Subject key identifier:   3F:9B:14:3E:39:18:C8:D1:C6:77:CA:9B:E0:65:9D:B3:61:B5:72:78
Authority key identifier: 8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A
Certificate issuer:       /CN=8d1e04a33c32959c672f45f46be10864b81e984a
Certificate serial:       019A4DAA7EBB8A103D84B663D40BBF7AFE04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
Manifest number:          1707
Signing time:             Tue 04 Nov 2025 07:00:10 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:10 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:10 +0000
Files and hashes:         1: jR4EozwylZxnL0X0a-EIZLgemEo.crl (hash: T5NxHu7llNpFPmscjczSU52CGK+ozMlcSmyO+rBFNW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:7e:bb:8a:10:3d:84:b6:63:d4:0b:bf:7a:fe:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1e04a33c32959c672f45f46be10864b81e984a
        Validity
            Not Before: Nov  4 07:00:10 2025 GMT
            Not After : Nov  5 07:00:10 2025 GMT
        Subject: CN=3f9b143e3918c8d1c677ca9be0659db361b57278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:10:e7:10:7b:aa:9a:13:19:1d:a0:21:4d:ea:
                    85:7c:01:4a:34:28:a5:80:ca:f5:2f:a5:f2:dd:b8:
                    9c:cd:dd:44:2e:2b:8d:13:7d:13:74:81:98:db:af:
                    6e:cd:5a:f6:ef:73:f9:e1:16:e8:a9:8f:05:0b:b2:
                    56:9e:1a:a3:20:f0:1e:5b:94:01:bc:46:72:31:d5:
                    d2:09:84:99:55:a5:95:f2:5c:9d:07:8a:31:d1:65:
                    e8:40:e8:4f:92:a3:41:3b:29:e3:5f:aa:c5:34:47:
                    8d:08:73:37:f3:da:d7:ea:73:7f:c9:a1:05:d8:65:
                    42:13:a3:b5:02:40:8a:82:00:9d:ec:8f:f7:28:d1:
                    36:dd:56:b2:18:94:41:84:b4:db:d8:32:08:f2:06:
                    be:57:b3:c4:3f:81:6b:6e:30:21:79:9b:cd:8f:06:
                    4f:2b:72:f2:60:ec:b9:36:52:d3:99:ad:92:72:f7:
                    c6:29:6a:bb:32:6a:90:36:10:b3:64:47:bd:39:68:
                    b6:2b:b0:e0:ca:f3:e2:07:69:28:a0:b5:14:8c:b7:
                    7d:6c:a8:ce:8f:ba:7c:19:4b:84:02:61:58:f1:62:
                    d9:48:3d:e1:f1:3a:fe:ce:f2:45:ed:9a:71:62:a6:
                    da:a1:3b:d5:e5:bd:ff:ff:0b:a5:c4:f7:d0:1c:dd:
                    70:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9B:14:3E:39:18:C8:D1:C6:77:CA:9B:E0:65:9D:B3:61:B5:72:78
            X509v3 Authority Key Identifier:
                keyid:8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:f7:09:0f:8d:53:03:25:21:02:f5:24:4a:e5:41:c9:71:c4:
         0d:2a:9b:01:b6:fa:4e:3a:1e:cd:a8:27:98:99:aa:b3:51:71:
         a3:f6:25:6a:f0:cf:4c:33:c3:78:78:60:7d:29:ae:ed:14:6d:
         56:e5:ab:10:6b:c6:47:eb:cf:fc:29:6c:ac:14:a4:63:ee:43:
         eb:a2:3a:63:3c:e3:a0:ff:79:36:b5:a3:d5:0e:d8:fc:5d:70:
         7f:7d:32:67:04:1a:0c:61:52:89:7b:a4:c1:f5:11:cd:ac:d1:
         0a:4b:49:3a:57:b2:68:98:cc:06:7a:7c:d0:1a:33:9e:74:9f:
         a0:17:8e:a2:e6:f8:8a:93:ac:83:83:9f:ea:b9:e4:76:4a:ca:
         96:bf:26:a8:c7:be:43:2f:2b:88:b0:0b:c2:fb:a3:44:68:fd:
         bc:6c:0f:1e:08:75:c2:76:e9:15:a5:a8:7b:7c:11:92:e9:9b:
         94:c8:f4:2f:f5:f9:de:96:9d:2d:2d:87:d4:40:78:34:f1:30:
         15:9a:b6:56:5c:17:c6:8d:e8:f0:6c:df:44:b5:eb:0b:62:22:
         92:fc:d4:ac:65:0d:9c:45:c3:42:5e:67:ce:ce:b6:63:71:3d:
         b5:75:7f:f3:ce:d2:74:1e:23:2d:26:ba:3d:c3:61:ff:40:9d:
         7b:fe:fe:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqn67ihA9hLZj1Au/ev4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWUwNGEzM2MzMjk1OWM2NzJmNDVmNDZiZTEwODY0Yjgx
ZTk4NGEwHhcNMjUxMTA0MDcwMDEwWhcNMjUxMTA1MDcwMDEwWjAzMTEwLwYDVQQD
EygzZjliMTQzZTM5MThjOGQxYzY3N2NhOWJlMDY1OWRiMzYxYjU3Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhDnEHuqmhMZHaAhTeqFfAFKNCil
gMr1L6Xy3biczd1ELiuNE30TdIGY269uzVr273P54RboqY8FC7JWnhqjIPAeW5QB
vEZyMdXSCYSZVaWV8lydB4ox0WXoQOhPkqNBOynjX6rFNEeNCHM389rX6nN/yaEF
2GVCE6O1AkCKggCd7I/3KNE23VayGJRBhLTb2DII8ga+V7PEP4FrbjAheZvNjwZP
K3LyYOy5NlLTma2ScvfGKWq7MmqQNhCzZEe9OWi2K7DgyvPiB2kooLUUjLd9bKjO
j7p8GUuEAmFY8WLZSD3h8Tr+zvJF7ZpxYqbaoTvV5b3//wulxPfQHN1wdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+bFD45GMjRxnfKm+BlnbNhtXJ4MB8GA1UdIwQY
MBaAFI0eBKM8MpWcZy9F9GvhCGS4HphKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTct
ZTI0OWU3M2VjY2YxLzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTctZTI0OWU3M2VjY2Yx
LzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPcJD41T
AyUhAvUkSuVByXHEDSqbAbb6TjoezagnmJmqs1Fxo/YlavDPTDPDeHhgfSmu7RRt
VuWrEGvGR+vP/ClsrBSkY+5D66I6YzzjoP95NrWj1Q7Y/F1wf30yZwQaDGFSiXuk
wfURzazRCktJOleyaJjMBnp80BoznnSfoBeOoub4ipOsg4Of6rnkdkrKlr8mqMe+
Qy8riLALwvujRGj9vGwPHgh1wnbpFaWoe3wRkumblMj0L/X53padLS2H1EB4NPEw
FZq2VlwXxo3o8GzfRLXrC2IikvzUrGUNnEXDQl5nzs62Y3E9tXV/887SdB4jLSa6
PcNh/0Cde/7+jg==
-----END CERTIFICATE-----