Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
File:                     CvFmObpIfvljxWzLMm8lCNGoPv0.mft (raw, json)
Hash identifier:          ms2b5l0/INY4TaUpE6l0TDDNuFnDGYU5ewePWCURnOM=
Subject key identifier:   57:D4:34:E0:CC:13:4B:4F:9D:5D:24:CE:A7:28:7E:E7:79:03:BA:0D
Authority key identifier: 0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD
Certificate issuer:       /CN=0af16639ba487ef963c56ccb326f2508d1a83efd
Certificate serial:       019A4EF47A731D182E5FC3627997D1759311
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
Manifest number:          09FC
Signing time:             Tue 04 Nov 2025 13:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:36 +0000
Files and hashes:         1: CvFmObpIfvljxWzLMm8lCNGoPv0.crl (hash: cCaFyw94IYxKz7ycB761mOLThciZ8TLKN+fuJwKRJvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:7a:73:1d:18:2e:5f:c3:62:79:97:d1:75:93:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0af16639ba487ef963c56ccb326f2508d1a83efd
        Validity
            Not Before: Nov  4 13:00:36 2025 GMT
            Not After : Nov  5 13:00:36 2025 GMT
        Subject: CN=57d434e0cc134b4f9d5d24cea7287ee77903ba0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f2:45:cf:52:b8:20:39:2d:55:0b:ae:5f:23:
                    d5:b0:8b:d4:55:c5:5a:c9:ba:41:51:0a:94:19:07:
                    f6:67:13:83:b6:dd:0a:d8:24:b7:63:50:1d:1c:00:
                    23:d9:29:6b:a4:8f:88:17:12:2d:1a:72:64:18:47:
                    d9:73:52:9f:0a:7e:11:9a:69:2e:9d:6d:a3:86:1b:
                    b4:1d:4d:e6:c0:78:90:d9:22:0f:e2:b2:62:9f:a7:
                    46:b2:d2:16:73:af:aa:4c:54:96:4e:73:6e:7b:68:
                    eb:66:da:d6:a6:39:1c:d9:be:87:a3:05:d7:44:ca:
                    2d:df:c0:ec:a5:a5:61:29:2d:27:7f:22:1a:9b:2e:
                    8b:e1:8e:9f:44:17:7b:a4:1e:b1:87:c8:06:43:ad:
                    4d:88:af:27:0e:17:26:8a:78:2f:fd:16:5a:e5:43:
                    73:87:9a:9a:59:5c:c4:28:c3:f6:e3:66:dc:b2:49:
                    c3:b1:60:20:a0:d6:f3:e0:e7:24:0d:62:c7:e3:3c:
                    e9:4e:39:34:91:5d:16:8c:23:e0:1e:f4:fa:ee:2f:
                    5d:bd:e5:c9:62:b1:6e:2c:45:c5:24:93:03:db:25:
                    f3:73:cc:58:9e:0d:a1:1e:37:76:d8:03:c7:78:b2:
                    52:c2:8a:44:d0:13:b0:f0:c5:9f:6a:c6:cf:f1:b7:
                    29:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:D4:34:E0:CC:13:4B:4F:9D:5D:24:CE:A7:28:7E:E7:79:03:BA:0D
            X509v3 Authority Key Identifier:
                keyid:0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:66:88:12:53:5e:e3:3d:c4:d9:45:26:f8:3a:1f:b0:7f:3c:
         fb:0d:35:c7:f7:d7:a8:a6:2e:f0:a8:21:ec:b0:fd:b7:f5:8a:
         67:29:e1:f4:6f:55:85:c1:91:e0:f5:0f:3b:a8:ca:ed:b0:65:
         ca:87:ef:2e:9f:4a:bb:a5:56:a3:70:fb:49:ef:24:6f:81:fb:
         72:bb:a0:27:2c:3b:62:8b:8f:46:f3:50:1c:5c:33:0a:d9:76:
         a4:fd:cb:52:50:f9:29:95:07:f1:f0:b6:bf:bb:e5:dc:15:7f:
         0c:a3:06:1a:e1:9a:78:10:ac:36:16:b4:1c:db:a7:3b:ba:0d:
         f0:e5:41:2a:59:7b:5c:0c:10:e9:00:64:cc:2e:cc:6c:05:a5:
         60:01:98:85:60:a0:8c:93:25:a6:a6:86:63:aa:05:dc:eb:f4:
         7f:8b:03:68:0a:21:ac:91:f7:62:60:d6:98:e1:b5:94:f1:d2:
         14:1d:0b:b1:7d:31:da:89:85:17:60:2a:1e:e8:59:cb:8b:75:
         fe:7c:92:30:3f:0e:ab:9b:11:73:6c:f0:21:f6:ef:e8:f9:d9:
         3d:76:97:ad:63:95:95:e7:fe:8d:41:6b:59:d8:4b:c1:c3:a9:
         a3:f9:f9:ed:5e:ef:b6:6d:6f:f0:af:2e:9e:a8:00:f7:7b:75:
         b9:6a:a9:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9HpzHRguX8NieZfRdZMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjE2NjM5YmE0ODdlZjk2M2M1NmNjYjMyNmYyNTA4ZDFh
ODNlZmQwHhcNMjUxMTA0MTMwMDM2WhcNMjUxMTA1MTMwMDM2WjAzMTEwLwYDVQQD
Eyg1N2Q0MzRlMGNjMTM0YjRmOWQ1ZDI0Y2VhNzI4N2VlNzc5MDNiYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvJFz1K4IDktVQuuXyPVsIvUVcVa
ybpBUQqUGQf2ZxODtt0K2CS3Y1AdHAAj2SlrpI+IFxItGnJkGEfZc1KfCn4Rmmku
nW2jhhu0HU3mwHiQ2SIP4rJin6dGstIWc6+qTFSWTnNue2jrZtrWpjkc2b6HowXX
RMot38DspaVhKS0nfyIamy6L4Y6fRBd7pB6xh8gGQ61NiK8nDhcmingv/RZa5UNz
h5qaWVzEKMP242bcsknDsWAgoNbz4OckDWLH4zzpTjk0kV0WjCPgHvT67i9dveXJ
YrFuLEXFJJMD2yXzc8xYng2hHjd22APHeLJSwopE0BOw8MWfasbP8bcpAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfUNODME0tPnV0kzqcofud5A7oNMB8GA1UdIwQY
MBaAFArxZjm6SH75Y8VsyzJvJQjRqD79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1Mjkt
M2M2Mzc2NTE1MDdkLzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1MjktM2M2Mzc2NTE1MDdk
LzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmaIElNe
4z3E2UUm+DofsH88+w01x/fXqKYu8Kgh7LD9t/WKZynh9G9VhcGR4PUPO6jK7bBl
yofvLp9Ku6VWo3D7Se8kb4H7crugJyw7YouPRvNQHFwzCtl2pP3LUlD5KZUH8fC2
v7vl3BV/DKMGGuGaeBCsNha0HNunO7oN8OVBKll7XAwQ6QBkzC7MbAWlYAGYhWCg
jJMlpqaGY6oF3Ov0f4sDaAohrJH3YmDWmOG1lPHSFB0LsX0x2omFF2AqHuhZy4t1
/nySMD8Oq5sRc2zwIfbv6PnZPXaXrWOVlef+jUFrWdhLwcOpo/n57V7vtm1v8K8u
nqgA93t1uWqp5g==
-----END CERTIFICATE-----