Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          k5gKF9ElkWckI6E0gERAR6sSPj49GT5riH+DSH0Jq3M=
Subject key identifier:   FF:9D:51:9F:1B:44:2D:D3:F0:C6:D8:05:45:71:72:5F:3E:59:68:62
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019A4E4F92092AB9D6E3C81A975ED91FBE3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 10:00:28 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:28 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:28 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: Tth+n8pRtJQ4sA8qB3CLcqqKBQodXfi+dHeLd+sUTek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:92:09:2a:b9:d6:e3:c8:1a:97:5e:d9:1f:be:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Nov  4 10:00:28 2025 GMT
            Not After : Nov  5 10:00:28 2025 GMT
        Subject: CN=ff9d519f1b442dd3f0c6d8054571725f3e596862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0f:72:f3:38:96:8c:fd:3e:b3:fc:12:ef:bb:
                    cb:b5:f6:37:53:68:c2:57:ad:59:89:5a:a8:bd:e6:
                    54:f5:c6:2f:72:bf:33:44:69:b2:7a:57:a7:d1:16:
                    36:b5:7c:31:60:70:10:1d:dd:e2:eb:73:c2:c8:61:
                    1f:8f:93:07:f8:98:10:d6:0f:c1:3b:5a:ef:01:47:
                    10:33:06:d6:11:01:9b:4f:b1:6c:e6:a9:a9:d9:53:
                    59:09:3b:8d:75:45:c9:d0:45:f6:a4:61:b1:a4:a4:
                    46:a7:f4:1a:d7:f4:19:c2:ff:88:9a:0d:02:94:9a:
                    d2:38:47:1a:cd:ca:39:b6:2c:a7:77:72:2d:26:4a:
                    10:e4:c2:ae:66:66:e4:aa:d5:e8:e0:ea:1d:79:b5:
                    14:dd:08:4c:d1:29:7d:36:e4:cd:cd:18:12:f8:fe:
                    07:30:73:0b:cf:f8:07:7f:a6:81:ed:60:d9:5b:9f:
                    bd:1a:48:24:d5:5b:d3:e9:f4:35:c2:a2:fc:c4:31:
                    8e:76:80:73:e1:e9:7e:99:1a:6b:17:7e:23:1c:9f:
                    e0:f7:7e:5c:2a:55:71:ca:2a:be:82:1b:de:0a:0f:
                    ae:7e:8d:0e:35:b2:80:09:d7:9c:56:9a:ca:dd:6f:
                    53:72:a2:83:85:0b:3d:be:be:8f:a5:62:63:b6:a1:
                    69:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:9D:51:9F:1B:44:2D:D3:F0:C6:D8:05:45:71:72:5F:3E:59:68:62
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:8c:4b:b1:f8:a8:90:e8:83:bd:70:35:11:0d:e8:a3:ce:39:
         68:4a:51:65:b2:29:25:4a:e5:95:65:d8:fd:19:53:03:e5:33:
         aa:f9:f6:d8:38:98:18:76:70:87:57:1b:d9:97:da:45:21:f7:
         fb:78:1a:ff:71:e3:d4:c7:c6:5e:4d:19:34:20:a3:31:08:3b:
         f2:89:c4:51:7e:d0:a1:10:c3:b0:f1:5f:30:03:4c:7d:a3:31:
         42:fe:3b:15:cc:cd:50:bb:83:4a:f9:ea:10:ac:c4:bd:f8:38:
         14:10:34:fa:c6:c0:af:9d:c8:5f:64:ff:dc:13:01:5d:9e:ba:
         d7:21:a4:a0:7e:99:e7:eb:11:f3:13:dc:56:32:9f:64:d7:aa:
         1a:4b:e5:d9:da:37:72:e3:07:0c:d2:8e:77:6e:d4:26:20:75:
         63:90:d0:80:43:98:29:a3:1b:48:bf:0b:80:8c:8b:09:f6:53:
         a6:15:c3:66:0c:1e:1c:3b:36:b3:22:88:dc:12:91:74:03:d5:
         35:02:e1:80:ae:f7:72:f2:f6:29:aa:89:d4:2e:e4:51:b5:de:
         d2:cf:6b:c1:3f:7b:ad:32:f8:64:51:58:1a:8a:49:d4:56:a6:
         e7:95:38:e5:38:3f:df:db:ce:58:22:f3:e2:97:ad:6b:38:cb:
         76:d0:e7:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT5IJKrnW48gal17ZH749MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUxMTA0MTAwMDI4WhcNMjUxMTA1MTAwMDI4WjAzMTEwLwYDVQQD
EyhmZjlkNTE5ZjFiNDQyZGQzZjBjNmQ4MDU0NTcxNzI1ZjNlNTk2ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg9y8ziWjP0+s/wS77vLtfY3U2jC
V61ZiVqoveZU9cYvcr8zRGmyelen0RY2tXwxYHAQHd3i63PCyGEfj5MH+JgQ1g/B
O1rvAUcQMwbWEQGbT7Fs5qmp2VNZCTuNdUXJ0EX2pGGxpKRGp/Qa1/QZwv+Img0C
lJrSOEcazco5tiynd3ItJkoQ5MKuZmbkqtXo4OodebUU3QhM0Sl9NuTNzRgS+P4H
MHMLz/gHf6aB7WDZW5+9Gkgk1VvT6fQ1wqL8xDGOdoBz4el+mRprF34jHJ/g935c
KlVxyiq+ghveCg+ufo0ONbKACdecVprK3W9TcqKDhQs9vr6PpWJjtqFpOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+dUZ8bRC3T8MbYBUVxcl8+WWhiMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYxLsfio
kOiDvXA1EQ3oo845aEpRZbIpJUrllWXY/RlTA+Uzqvn22DiYGHZwh1cb2ZfaRSH3
+3ga/3Hj1MfGXk0ZNCCjMQg78onEUX7QoRDDsPFfMANMfaMxQv47FczNULuDSvnq
EKzEvfg4FBA0+sbAr53IX2T/3BMBXZ661yGkoH6Z5+sR8xPcVjKfZNeqGkvl2do3
cuMHDNKOd27UJiB1Y5DQgEOYKaMbSL8LgIyLCfZTphXDZgweHDs2syKI3BKRdAPV
NQLhgK73cvL2KaqJ1C7kUbXe0s9rwT97rTL4ZFFYGopJ1Fam55U45Tg/39vOWCLz
4petazjLdtDn4g==
-----END CERTIFICATE-----