Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
File:                     lZCfz5xup2MAznHQlNMl9X1knL8.mft (raw, json)
Hash identifier:          hMh0VRYG480j3mkOWW/6JLiEEhbVViEFXq5nYbBkUhE=
Subject key identifier:   8D:DB:51:D4:65:3E:C8:B1:19:FD:E7:46:0D:57:49:DF:22:AD:42:F2
Authority key identifier: 95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF
Certificate issuer:       /CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
Certificate serial:       019A50E2AC5752E1CB69EB6EAB652A169141
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
Manifest number:          1445
Signing time:             Tue 04 Nov 2025 22:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:23 +0000
Files and hashes:         1: lZCfz5xup2MAznHQlNMl9X1knL8.crl (hash: dpfv3pARXmY4bh0DxudVOR6omHSx6WHhzYrgRvNnMPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:ac:57:52:e1:cb:69:eb:6e:ab:65:2a:16:91:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
        Validity
            Not Before: Nov  4 22:00:23 2025 GMT
            Not After : Nov  5 22:00:23 2025 GMT
        Subject: CN=8ddb51d4653ec8b119fde7460d5749df22ad42f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f8:4f:ae:5a:32:7f:6b:a0:1a:64:14:0a:b8:
                    9b:c4:c6:74:91:61:69:da:f6:1a:88:c7:42:99:ab:
                    46:d4:ef:9c:ae:1e:50:40:2f:4e:fb:55:fc:22:ae:
                    9b:01:fe:b9:58:3f:16:29:47:6c:c7:36:d2:17:72:
                    eb:78:f4:88:01:2a:0a:27:5b:e9:ff:dc:11:35:bc:
                    18:1a:f0:cc:62:23:51:22:1b:ee:00:e3:ec:7d:9e:
                    ab:57:77:6c:5c:ef:b6:3a:bc:6a:59:f9:71:76:ed:
                    2e:cc:e9:0c:37:a4:f9:35:af:bf:92:97:90:cc:f5:
                    93:e0:b0:7a:fe:f0:aa:de:28:bc:24:d5:c8:0e:1f:
                    d3:02:d5:e7:f0:b1:8d:fd:1b:38:56:35:43:af:70:
                    b0:2b:d8:3b:a5:9a:f4:22:b4:fb:59:1f:61:13:e6:
                    da:1c:73:9f:cf:69:69:a1:35:27:59:81:e9:fb:51:
                    25:61:f2:23:dc:36:8c:f5:4d:06:72:5b:49:ff:c9:
                    a5:19:cc:47:38:32:3f:47:dd:d0:eb:d3:4d:62:d8:
                    0b:ea:f9:07:ea:0f:80:02:79:4e:e7:fc:9f:c9:2b:
                    e3:23:94:43:b5:a5:c3:64:63:1b:e8:a1:f1:f5:ed:
                    5f:c7:be:77:55:7c:51:5b:70:39:76:13:fd:94:93:
                    c8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:DB:51:D4:65:3E:C8:B1:19:FD:E7:46:0D:57:49:DF:22:AD:42:F2
            X509v3 Authority Key Identifier:
                keyid:95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:ae:b2:20:33:b0:ac:b4:6b:dd:91:2c:53:de:90:38:7d:93:
         9c:f7:f5:a7:28:9b:39:0a:e4:c1:7d:b9:7d:c8:6e:39:24:66:
         7e:76:86:28:ca:af:49:a4:5f:8f:3c:91:1e:d1:32:46:b2:66:
         27:32:d0:ec:5f:bb:6c:96:9d:02:0f:3c:21:9f:d3:e3:90:9e:
         7c:bd:c9:b9:ed:ee:bd:c1:e0:e8:5e:d6:df:76:e7:ec:96:e9:
         9c:64:62:1a:c0:f2:d5:97:bb:9d:e5:80:fb:70:63:e9:ea:29:
         74:a3:cf:dc:24:ee:ae:31:a7:dc:76:ad:d6:34:d8:0c:4a:16:
         70:66:86:bb:ee:93:b7:e3:27:1b:71:11:14:ac:47:fa:ec:f0:
         3c:7f:72:46:2c:31:bb:58:06:02:e4:d1:f2:04:0f:ab:d4:21:
         18:e8:45:4d:1f:29:79:0c:58:14:fb:48:b9:b0:9f:62:7b:6c:
         a0:86:7d:07:0e:8a:1e:21:61:97:50:25:cc:73:84:c8:2c:9c:
         b8:f1:2b:91:ea:b0:4f:cb:ae:c4:a7:cd:70:94:93:b5:9b:68:
         dd:1b:f7:9d:8b:6b:93:59:8b:11:3d:c9:17:61:da:9b:de:09:
         c2:ff:84:d4:59:6c:1a:6e:f2:78:77:47:b3:6b:5b:90:82:17:
         64:4b:be:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4qxXUuHLaetuq2UqFpFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTA5ZmNmOWM2ZWE3NjMwMGNlNzFkMDk0ZDMyNWY1N2Q2
NDljYmYwHhcNMjUxMTA0MjIwMDIzWhcNMjUxMTA1MjIwMDIzWjAzMTEwLwYDVQQD
Eyg4ZGRiNTFkNDY1M2VjOGIxMTlmZGU3NDYwZDU3NDlkZjIyYWQ0MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfhPrloyf2ugGmQUCribxMZ0kWFp
2vYaiMdCmatG1O+crh5QQC9O+1X8Iq6bAf65WD8WKUdsxzbSF3LrePSIASoKJ1vp
/9wRNbwYGvDMYiNRIhvuAOPsfZ6rV3dsXO+2OrxqWflxdu0uzOkMN6T5Na+/kpeQ
zPWT4LB6/vCq3ii8JNXIDh/TAtXn8LGN/Rs4VjVDr3CwK9g7pZr0IrT7WR9hE+ba
HHOfz2lpoTUnWYHp+1ElYfIj3DaM9U0GcltJ/8mlGcxHODI/R93Q69NNYtgL6vkH
6g+AAnlO5/yfySvjI5RDtaXDZGMb6KHx9e1fx753VXxRW3A5dhP9lJPIvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3bUdRlPsixGf3nRg1XSd8irULyMB8GA1UdIwQY
MBaAFJWQn8+cbqdjAM5x0JTTJfV9ZJy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGIt
YTZlZWRmYTlhNGZjLzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGItYTZlZWRmYTlhNGZj
LzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKK6yIDOw
rLRr3ZEsU96QOH2TnPf1pyibOQrkwX25fchuOSRmfnaGKMqvSaRfjzyRHtEyRrJm
JzLQ7F+7bJadAg88IZ/T45CefL3Jue3uvcHg6F7W33bn7JbpnGRiGsDy1Ze7neWA
+3Bj6eopdKPP3CTurjGn3Hat1jTYDEoWcGaGu+6Tt+MnG3ERFKxH+uzwPH9yRiwx
u1gGAuTR8gQPq9QhGOhFTR8peQxYFPtIubCfYntsoIZ9Bw6KHiFhl1AlzHOEyCyc
uPErkeqwT8uuxKfNcJSTtZto3Rv3nYtrk1mLET3JF2Ham94Jwv+E1FlsGm7yeHdH
s2tbkIIXZEu+SA==
-----END CERTIFICATE-----