Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
File:                     dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json)
Hash identifier:          6DR2c1/AamKKLkiOQeUPfynw40rccuBM0o7xtYbXrOo=
Subject key identifier:   5C:E1:2F:F3:F1:91:C5:6E:0D:1F:CF:8E:B7:29:A0:12:76:86:71:6D
Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
Certificate issuer:       /CN=7429d1ef49270810e1020cea86198642339131a0
Certificate serial:       019A4EF5026995927CD46C4FE9131E9BECD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
Manifest number:          0BD9
Signing time:             Tue 04 Nov 2025 13:01:10 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:10 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:10 +0000
Files and hashes:         1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: bSC2SU0lwxkDx/I0sp2higl30rAZP3IeQV1iSt2fcb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:02:69:95:92:7c:d4:6c:4f:e9:13:1e:9b:ec:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7429d1ef49270810e1020cea86198642339131a0
        Validity
            Not Before: Nov  4 13:01:10 2025 GMT
            Not After : Nov  5 13:01:10 2025 GMT
        Subject: CN=5ce12ff3f191c56e0d1fcf8eb729a0127686716d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:46:d9:62:ed:2c:eb:ad:14:bd:23:51:cd:aa:
                    8c:72:30:47:b6:9f:a3:1e:8a:5c:a9:f2:e6:3c:5f:
                    2e:27:c6:84:02:18:7f:c4:b9:3f:6f:84:0c:f0:3e:
                    e0:62:7e:47:be:78:1e:e9:55:23:5d:3f:63:43:0e:
                    f6:d1:7e:64:82:bb:3a:2e:72:84:80:1c:61:95:79:
                    14:8d:2d:7c:2e:0c:a7:32:77:eb:b3:df:38:97:e0:
                    28:d5:47:90:ea:63:48:4d:c5:0a:43:c1:02:60:e0:
                    f9:19:43:0e:49:58:34:e5:c0:e0:d2:85:77:5f:ca:
                    32:60:36:67:ff:7c:3b:04:9f:1b:9f:e4:12:54:25:
                    ab:1a:ec:ef:28:58:b6:7a:6c:16:70:cd:42:4b:35:
                    df:77:5f:42:2a:63:b7:1f:2f:15:b8:8d:4b:7a:55:
                    2e:f5:5b:f9:bc:83:ec:88:d4:b3:68:e4:1e:b4:1b:
                    f3:e9:13:6b:68:1d:85:af:d6:63:08:b5:d8:76:8a:
                    c1:48:50:60:84:e4:68:10:b6:b6:42:3b:e0:db:27:
                    79:2a:48:63:41:5d:c9:29:c1:5c:b6:05:e6:d9:6b:
                    42:e3:17:05:70:96:2f:19:8a:36:bc:ff:27:95:fb:
                    c8:bb:49:72:dd:2f:10:48:d1:6d:5f:6a:40:cd:20:
                    22:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E1:2F:F3:F1:91:C5:6E:0D:1F:CF:8E:B7:29:A0:12:76:86:71:6D
            X509v3 Authority Key Identifier:
                keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:10:c9:98:4d:dd:69:05:ec:e6:39:2f:13:71:46:18:06:82:
         a8:d8:15:4a:93:60:32:db:1f:42:8f:de:ef:f2:5c:42:8f:6b:
         09:c2:f3:b2:6e:a9:0d:e5:96:c4:3b:0a:71:9d:c6:81:49:b1:
         35:40:e4:41:2f:74:79:fc:36:7a:26:66:ec:b8:a0:8d:f6:19:
         0e:d6:51:66:d6:06:8a:e9:db:16:c2:ac:81:d2:be:25:9a:15:
         be:f0:ba:7e:d9:b5:19:2d:ba:89:96:51:34:ce:30:29:24:09:
         f4:1a:c3:1c:c0:06:e3:e7:3a:82:4f:55:89:21:d5:71:5e:07:
         87:22:ba:b9:bf:39:ab:c8:e3:81:cf:86:20:82:2f:ad:7d:47:
         57:83:bd:9a:60:7a:cd:ba:ad:a6:2f:20:41:29:99:6f:cd:44:
         46:ff:82:6e:79:77:02:80:51:a9:cc:26:9d:9e:39:8b:86:60:
         bb:ca:47:65:18:b0:d1:91:25:c3:e2:25:b7:b1:f6:d6:3b:80:
         a7:da:8b:4b:4a:12:fb:4f:4e:b0:cc:48:53:12:98:16:7d:38:
         92:16:3d:66:ed:2e:c7:0e:4e:a2:82:7a:f6:1d:4b:78:c4:9e:
         58:89:28:f1:ab:c3:b1:f9:1d:55:b6:ca:c3:d8:79:a4:25:1b:
         29:cf:2f:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QJplZJ81GxP6RMem+zVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5
MTMxYTAwHhcNMjUxMTA0MTMwMTEwWhcNMjUxMTA1MTMwMTEwWjAzMTEwLwYDVQQD
Eyg1Y2UxMmZmM2YxOTFjNTZlMGQxZmNmOGViNzI5YTAxMjc2ODY3MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkbZYu0s660UvSNRzaqMcjBHtp+j
HopcqfLmPF8uJ8aEAhh/xLk/b4QM8D7gYn5Hvnge6VUjXT9jQw720X5kgrs6LnKE
gBxhlXkUjS18LgynMnfrs984l+Ao1UeQ6mNITcUKQ8ECYOD5GUMOSVg05cDg0oV3
X8oyYDZn/3w7BJ8bn+QSVCWrGuzvKFi2emwWcM1CSzXfd19CKmO3Hy8VuI1LelUu
9Vv5vIPsiNSzaOQetBvz6RNraB2Fr9ZjCLXYdorBSFBghORoELa2Qjvg2yd5Kkhj
QV3JKcFctgXm2WtC4xcFcJYvGYo2vP8nlfvIu0ly3S8QSNFtX2pAzSAiUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzhL/PxkcVuDR/PjrcpoBJ2hnFtMB8GA1UdIwQY
MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt
ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0
LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgRDJmE3d
aQXs5jkvE3FGGAaCqNgVSpNgMtsfQo/e7/JcQo9rCcLzsm6pDeWWxDsKcZ3GgUmx
NUDkQS90efw2eiZm7LigjfYZDtZRZtYGiunbFsKsgdK+JZoVvvC6ftm1GS26iZZR
NM4wKSQJ9BrDHMAG4+c6gk9ViSHVcV4HhyK6ub85q8jjgc+GIIIvrX1HV4O9mmB6
zbqtpi8gQSmZb81ERv+Cbnl3AoBRqcwmnZ45i4Zgu8pHZRiw0ZElw+Ilt7H21juA
p9qLS0oS+09OsMxIUxKYFn04khY9Zu0uxw5OooJ69h1LeMSeWIko8avDsfkdVbbK
w9h5pCUbKc8vjw==
-----END CERTIFICATE-----