Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
File:                     8j79S9kntM6jMSCiG09zFNy-oXk.mft (raw, json)
Hash identifier:          Ptw84RpsTBV1WrOMTBF1u9503yVYTQa3f2oXEmOdhYk=
Subject key identifier:   56:41:6C:36:C1:A5:AF:AD:41:20:F6:90:15:C8:49:48:40:36:4E:3B
Authority key identifier: F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79
Certificate issuer:       /CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
Certificate serial:       019A4DE1D965B06D241EA46EEEC895FBEEAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
Manifest number:          0EB1
Signing time:             Tue 04 Nov 2025 08:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:38 +0000
Files and hashes:         1: 8j79S9kntM6jMSCiG09zFNy-oXk.crl (hash: /iwue/zo5yqETqfddU8rsHdFaZjp9N1aK9diIItnhls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:d9:65:b0:6d:24:1e:a4:6e:ee:c8:95:fb:ee:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
        Validity
            Not Before: Nov  4 08:00:38 2025 GMT
            Not After : Nov  5 08:00:38 2025 GMT
        Subject: CN=56416c36c1a5afad4120f69015c8494840364e3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3b:cb:35:1d:41:fb:0a:80:ce:34:39:9b:53:
                    1a:e7:ca:3e:bf:2d:e9:ba:ac:4b:da:c0:59:ee:c4:
                    d9:e6:42:0c:c1:0e:63:d6:fa:2f:85:c0:fd:10:f1:
                    98:ae:d0:75:99:ec:59:c4:11:f0:46:b6:3d:67:c8:
                    8f:a0:dc:50:56:73:c7:53:09:1b:67:de:4f:d5:e9:
                    26:55:7c:ee:4f:2b:6b:04:ab:39:eb:93:7a:0c:2d:
                    15:8a:5d:e9:42:b4:b3:69:9d:16:37:1d:79:04:37:
                    16:6a:62:bf:0a:58:3c:a6:b9:bc:ff:99:00:4d:fc:
                    11:5c:35:f2:e1:1c:a9:d2:30:48:04:07:fb:67:50:
                    b5:1c:6b:7b:14:07:12:97:b4:37:6f:0a:f2:4b:65:
                    6f:ae:1a:4c:40:bc:ea:bb:37:3b:0e:bf:e1:63:86:
                    8a:03:af:cd:82:dc:5a:e1:dd:5e:79:d2:2d:be:bf:
                    91:c3:c8:8f:04:e3:2e:50:57:53:0a:e8:dd:de:52:
                    67:fa:80:f7:d6:68:ec:b4:9c:2f:97:b3:11:53:6e:
                    d0:48:09:b0:68:b6:e9:bb:c6:fb:ff:2e:78:24:af:
                    7a:43:25:24:9b:2b:d4:11:3b:85:67:6a:62:28:bd:
                    86:a6:1a:bd:8b:7c:80:d3:97:b0:cf:93:a0:c2:6c:
                    47:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:41:6C:36:C1:A5:AF:AD:41:20:F6:90:15:C8:49:48:40:36:4E:3B
            X509v3 Authority Key Identifier:
                keyid:F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:4e:f5:b8:91:2c:6e:68:53:9a:7d:c1:e9:b8:32:b5:4d:c8:
         b9:21:11:cd:98:86:5d:00:34:d8:4b:dd:72:7e:5a:a2:70:a1:
         8d:cc:f4:d6:e4:04:59:36:6d:ad:22:78:6b:a1:56:07:1d:09:
         90:1b:25:ae:23:2f:bf:02:10:76:e2:c8:54:86:85:5d:49:dd:
         d1:ad:f8:f2:71:58:db:86:7c:87:26:ef:d9:62:c1:51:77:d6:
         2b:f8:0e:98:3c:49:ab:ed:73:62:a2:59:e9:92:7f:17:b9:bf:
         85:3a:a0:a3:1e:eb:7a:67:09:94:a2:d6:f1:0a:da:0e:22:79:
         48:47:40:44:ea:41:18:69:34:e0:3b:c8:a4:e3:25:21:c5:8c:
         21:6e:77:a0:fc:fc:72:b4:f2:e4:00:91:25:05:72:43:19:23:
         33:f1:f2:40:4b:dd:6c:fc:56:60:cc:33:a9:16:1d:26:88:a3:
         00:da:fc:5b:dc:16:28:91:a4:88:05:29:12:1a:51:74:ce:04:
         e3:a7:e8:ff:97:90:1a:b0:09:7c:32:82:e9:45:2c:be:8a:4d:
         37:f5:8f:2d:24:6b:6c:5b:2e:40:7b:04:f6:ca:47:84:5c:79:
         9b:cf:64:4e:3b:00:53:fa:a0:4c:2f:4e:8d:78:1d:30:c8:c1:
         15:10:d1:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4dllsG0kHqRu7siV++6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyM2VmZDRiZDkyN2I0Y2VhMzMxMjBhMjFiNGY3MzE0ZGNi
ZWExNzkwHhcNMjUxMTA0MDgwMDM4WhcNMjUxMTA1MDgwMDM4WjAzMTEwLwYDVQQD
Eyg1NjQxNmMzNmMxYTVhZmFkNDEyMGY2OTAxNWM4NDk0ODQwMzY0ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDvLNR1B+wqAzjQ5m1Ma58o+vy3p
uqxL2sBZ7sTZ5kIMwQ5j1vovhcD9EPGYrtB1mexZxBHwRrY9Z8iPoNxQVnPHUwkb
Z95P1ekmVXzuTytrBKs565N6DC0Vil3pQrSzaZ0WNx15BDcWamK/Clg8prm8/5kA
TfwRXDXy4Ryp0jBIBAf7Z1C1HGt7FAcSl7Q3bwryS2VvrhpMQLzquzc7Dr/hY4aK
A6/Ngtxa4d1eedItvr+Rw8iPBOMuUFdTCujd3lJn+oD31mjstJwvl7MRU27QSAmw
aLbpu8b7/y54JK96QyUkmyvUETuFZ2piKL2Gphq9i3yA05ewz5OgwmxHzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZBbDbBpa+tQSD2kBXISUhANk47MB8GA1UdIwQY
MBaAFPI+/UvZJ7TOozEgohtPcxTcvqF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTIt
ZDJjOGE2NWFhY2ZlLzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTItZDJjOGE2NWFhY2Zl
LzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE071uJEs
bmhTmn3B6bgytU3IuSERzZiGXQA02Evdcn5aonChjcz01uQEWTZtrSJ4a6FWBx0J
kBslriMvvwIQduLIVIaFXUnd0a348nFY24Z8hybv2WLBUXfWK/gOmDxJq+1zYqJZ
6ZJ/F7m/hTqgox7remcJlKLW8QraDiJ5SEdAROpBGGk04DvIpOMlIcWMIW53oPz8
crTy5ACRJQVyQxkjM/HyQEvdbPxWYMwzqRYdJoijANr8W9wWKJGkiAUpEhpRdM4E
46fo/5eQGrAJfDKC6UUsvopNN/WPLSRrbFsuQHsE9spHhFx5m89kTjsAU/qgTC9O
jXgdMMjBFRDRCQ==
-----END CERTIFICATE-----