Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          cBzQ0NVp96XPStROdGAydgjWKYjdOntDtjnl+GLBX6k=
Subject key identifier:   4A:F4:8E:D3:71:01:97:FF:B5:A1:CF:D7:84:F9:FC:B3:D8:77:DA:17
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019A4EF53DFAD03586FF070701BD3F898133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1528
Signing time:             Tue 04 Nov 2025 13:01:26 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:26 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:26 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: 6hzGf49LxgdBJA5iOW0wXJTDYpsZFFV5nxMHMzZ5NVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:3d:fa:d0:35:86:ff:07:07:01:bd:3f:89:81:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Nov  4 13:01:26 2025 GMT
            Not After : Nov  5 13:01:26 2025 GMT
        Subject: CN=4af48ed3710197ffb5a1cfd784f9fcb3d877da17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b7:35:1d:39:19:6d:bb:e3:5b:09:29:3b:03:
                    57:71:25:cb:b6:b9:8e:09:3b:f5:61:16:78:80:5b:
                    d5:be:29:71:6e:b2:e0:c6:09:c5:a1:9b:51:e8:1d:
                    be:31:a7:db:8c:ab:fc:55:a4:bd:d2:ec:dc:87:78:
                    de:ff:d5:ce:d6:66:00:48:76:a1:05:0f:9b:65:0a:
                    63:99:b4:6e:2d:eb:96:5f:9d:23:14:c7:39:96:59:
                    20:8d:f0:6e:c8:cb:59:2c:d9:f6:93:fb:02:32:cb:
                    17:e0:57:1c:e4:fa:60:01:b3:aa:a6:70:6b:3b:49:
                    db:68:35:61:a2:97:c0:53:dc:bc:13:24:90:ed:87:
                    ad:d4:30:9e:55:da:7f:05:aa:f7:35:d0:ec:23:0c:
                    2e:73:30:74:f9:04:c8:a2:58:1a:aa:d9:c2:c5:e2:
                    af:73:c7:7c:76:a4:54:ca:ab:4d:c1:86:0a:21:77:
                    7f:1f:7f:85:3e:dc:aa:ac:95:da:5c:74:42:22:12:
                    87:96:a5:4d:4d:b5:64:88:ab:13:d1:d4:74:b7:d1:
                    e2:23:2a:70:da:eb:0b:41:9a:0f:f5:de:f7:36:2d:
                    d3:69:7e:b1:3d:bc:87:e2:cf:4c:f8:60:59:df:19:
                    d7:b3:17:1d:66:83:b9:e9:d4:ab:b8:62:e5:e7:f0:
                    a2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F4:8E:D3:71:01:97:FF:B5:A1:CF:D7:84:F9:FC:B3:D8:77:DA:17
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:22:6b:ce:73:84:b1:a2:f3:ff:f2:2f:eb:70:7b:61:b8:ae:
         05:46:2f:49:52:cb:f4:16:9f:94:ef:7a:64:18:e2:fb:63:7b:
         2e:20:6a:3e:22:f4:f6:6a:58:d6:19:c7:30:3e:b2:01:e1:98:
         f6:33:c9:57:86:0a:93:9f:82:ba:cb:78:b1:5a:d4:13:39:5a:
         4f:80:9b:1b:7a:c9:0b:66:6f:92:21:4f:d7:8c:c1:4b:c9:6f:
         d9:c6:70:10:ca:38:c8:53:ce:9a:2a:a4:fa:67:a5:a2:31:3a:
         26:fa:32:23:45:da:2b:71:39:eb:98:83:47:e1:1c:87:35:69:
         3d:f2:12:f7:e8:d7:6f:ad:e0:3e:37:c3:c1:d2:b5:af:7e:cd:
         d7:9d:6f:29:8f:22:4d:c7:6a:75:4f:36:15:a0:54:57:87:c6:
         61:82:23:30:8f:c5:f9:f2:0c:64:ee:bd:7a:4a:4c:e9:96:c2:
         53:b2:8f:a9:e0:bc:f5:59:e3:dd:5b:f7:0f:26:3a:d3:fd:57:
         af:15:57:e1:80:a5:45:5e:23:64:f1:29:43:41:90:5a:9f:e5:
         df:04:87:a2:b2:bd:0e:12:a4:82:4c:f9:c9:c5:d0:13:ba:13:
         8d:00:c4:82:91:ec:f3:a5:c4:0b:e6:2a:47:36:0e:e7:83:bc:
         02:fd:e0:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9T360DWG/wcHAb0/iYEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUxMTA0MTMwMTI2WhcNMjUxMTA1MTMwMTI2WjAzMTEwLwYDVQQD
Eyg0YWY0OGVkMzcxMDE5N2ZmYjVhMWNmZDc4NGY5ZmNiM2Q4NzdkYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbc1HTkZbbvjWwkpOwNXcSXLtrmO
CTv1YRZ4gFvVvilxbrLgxgnFoZtR6B2+MafbjKv8VaS90uzch3je/9XO1mYASHah
BQ+bZQpjmbRuLeuWX50jFMc5llkgjfBuyMtZLNn2k/sCMssX4Fcc5PpgAbOqpnBr
O0nbaDVhopfAU9y8EySQ7Yet1DCeVdp/Bar3NdDsIwwuczB0+QTIolgaqtnCxeKv
c8d8dqRUyqtNwYYKIXd/H3+FPtyqrJXaXHRCIhKHlqVNTbVkiKsT0dR0t9HiIypw
2usLQZoP9d73Ni3TaX6xPbyH4s9M+GBZ3xnXsxcdZoO56dSruGLl5/CiXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEr0jtNxAZf/taHP14T5/LPYd9oXMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFiJrznOE
saLz//Iv63B7YbiuBUYvSVLL9BaflO96ZBji+2N7LiBqPiL09mpY1hnHMD6yAeGY
9jPJV4YKk5+Cust4sVrUEzlaT4CbG3rJC2ZvkiFP14zBS8lv2cZwEMo4yFPOmiqk
+melojE6JvoyI0XaK3E565iDR+EchzVpPfIS9+jXb63gPjfDwdK1r37N151vKY8i
TcdqdU82FaBUV4fGYYIjMI/F+fIMZO69ekpM6ZbCU7KPqeC89Vnj3Vv3DyY60/1X
rxVX4YClRV4jZPEpQ0GQWp/l3wSHorK9DhKkgkz5ycXQE7oTjQDEgpHs86XEC+Yq
RzYO54O8Av3gZg==
-----END CERTIFICATE-----