Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          OCSbBu9+B8tXDTpnduLnxevDSrudvLNmaO/+2U00k4I=
Subject key identifier:   A9:B4:D9:8B:73:74:35:7B:29:AB:63:1D:59:ED:EC:16:E9:A5:94:6B
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019A4EF44AAB6E69DC45C7051BDB412E8B14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 13:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:23 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: FaLzYuz8aWeF8yZPEWw3G+5aPD8CCH4lB6zFT/XkmLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:4a:ab:6e:69:dc:45:c7:05:1b:db:41:2e:8b:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Nov  4 13:00:23 2025 GMT
            Not After : Nov  5 13:00:23 2025 GMT
        Subject: CN=a9b4d98b7374357b29ab631d59edec16e9a5946b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:14:c3:bf:b6:e3:ed:2a:24:d4:77:98:73:e3:
                    80:c9:6b:4e:c8:9c:c5:be:fe:9c:01:c7:cd:58:75:
                    1d:24:58:0a:7c:ee:46:80:88:29:c1:a8:af:bb:da:
                    d6:7b:11:76:0e:16:0f:04:e5:99:01:ab:dc:bc:be:
                    24:b8:65:af:95:dc:bb:31:c0:d7:13:e0:a7:c1:95:
                    59:bc:4a:e0:af:ce:66:24:98:ed:1a:bd:a9:13:ae:
                    8b:cb:22:16:e6:dd:d8:21:63:96:4e:6e:c2:5c:58:
                    ba:23:f9:56:bc:bb:29:48:f3:6a:62:d7:0a:cf:b2:
                    bf:0b:76:e9:f7:95:e8:e6:5e:93:8d:a7:56:1b:ce:
                    81:a7:8b:50:95:7d:b8:aa:1c:a3:cb:bb:20:41:6a:
                    5b:1b:06:a9:17:2a:51:95:ce:e6:21:5d:8e:34:17:
                    50:3c:a8:d3:ea:ef:b8:c1:64:16:46:a8:2d:b9:c5:
                    2d:6a:44:8a:bf:6e:55:2d:c5:a5:c5:e7:19:d5:22:
                    f2:a6:21:33:cc:de:f3:a4:19:67:a1:0f:f9:1c:35:
                    df:cd:4c:c4:39:3a:ca:dc:92:59:dd:9c:9e:8e:ae:
                    b8:e0:7e:b3:2d:45:b6:a4:b2:48:1e:2b:35:18:d7:
                    06:8b:dd:56:6c:f4:1d:2f:03:25:63:88:71:86:fa:
                    96:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:B4:D9:8B:73:74:35:7B:29:AB:63:1D:59:ED:EC:16:E9:A5:94:6B
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:b9:ea:30:c6:81:46:e4:c0:6a:76:c5:b5:b1:2c:b1:91:52:
         99:af:54:fd:7f:13:66:05:78:41:92:ad:06:6b:9c:65:90:84:
         00:99:34:ac:b6:61:fb:a2:9d:41:81:b0:86:ee:b2:dd:20:9c:
         82:7c:3c:0d:35:a8:95:27:a7:05:9c:2c:5f:cc:78:ae:de:23:
         e2:f9:3f:63:e5:9f:a7:9d:82:34:4c:36:8c:d8:69:9f:a3:d5:
         af:4f:8c:6f:3a:80:02:8c:b8:c8:ca:a4:da:98:19:f5:85:14:
         cb:4b:fc:ee:74:c4:2d:1e:7b:2b:f1:3f:c4:f2:6c:3b:98:cf:
         a6:87:e9:46:59:9b:d3:63:92:86:63:0d:10:0a:a5:39:98:66:
         29:a9:86:48:87:e6:a8:19:25:ce:62:8e:03:f3:80:b8:18:90:
         93:d4:5d:df:be:81:2f:85:57:0b:63:ae:9c:90:a7:52:33:62:
         5d:41:43:d5:e7:ef:bc:5d:be:b1:ee:7d:ed:ac:ee:43:08:1e:
         30:b2:65:01:f2:de:2c:8d:c2:e2:37:9c:e1:78:01:d8:3a:d9:
         c9:de:71:e1:a8:53:10:93:55:b7:0a:c8:bf:67:ce:dc:64:57:
         60:04:6e:13:02:24:16:ba:33:9e:68:85:9c:52:de:20:d1:37:
         a2:50:b3:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9EqrbmncRccFG9tBLosUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUxMTA0MTMwMDIzWhcNMjUxMTA1MTMwMDIzWjAzMTEwLwYDVQQD
EyhhOWI0ZDk4YjczNzQzNTdiMjlhYjYzMWQ1OWVkZWMxNmU5YTU5NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRTDv7bj7Sok1HeYc+OAyWtOyJzF
vv6cAcfNWHUdJFgKfO5GgIgpwaivu9rWexF2DhYPBOWZAavcvL4kuGWvldy7McDX
E+CnwZVZvErgr85mJJjtGr2pE66LyyIW5t3YIWOWTm7CXFi6I/lWvLspSPNqYtcK
z7K/C3bp95Xo5l6TjadWG86Bp4tQlX24qhyjy7sgQWpbGwapFypRlc7mIV2ONBdQ
PKjT6u+4wWQWRqgtucUtakSKv25VLcWlxecZ1SLypiEzzN7zpBlnoQ/5HDXfzUzE
OTrK3JJZ3Zyejq644H6zLUW2pLJIHis1GNcGi91WbPQdLwMlY4hxhvqWkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm02YtzdDV7KatjHVnt7BbppZRrMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrnqMMaB
RuTAanbFtbEssZFSma9U/X8TZgV4QZKtBmucZZCEAJk0rLZh+6KdQYGwhu6y3SCc
gnw8DTWolSenBZwsX8x4rt4j4vk/Y+Wfp52CNEw2jNhpn6PVr0+MbzqAAoy4yMqk
2pgZ9YUUy0v87nTELR57K/E/xPJsO5jPpofpRlmb02OShmMNEAqlOZhmKamGSIfm
qBklzmKOA/OAuBiQk9Rd376BL4VXC2OunJCnUjNiXUFD1efvvF2+se597azuQwge
MLJlAfLeLI3C4jec4XgB2DrZyd5x4ahTEJNVtwrIv2fO3GRXYARuEwIkFroznmiF
nFLeINE3olCzCA==
-----END CERTIFICATE-----