Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          SxhJOJokbv46iNMXmUJOiMakGjmNA9WuaB55A/au+OY=
Subject key identifier:   E9:CC:27:76:78:10:C4:81:31:4F:22:7D:D8:2D:59:26:C2:24:E9:7A
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019A4EF4A7536C275A191A52741686403938
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:47 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:47 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:47 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: U2S/FJerwjAHzuv7Hmivp5QyIlw2AczmrzLdwFNVsg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:a7:53:6c:27:5a:19:1a:52:74:16:86:40:39:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Nov  4 13:00:47 2025 GMT
            Not After : Nov  5 13:00:47 2025 GMT
        Subject: CN=e9cc27767810c481314f227dd82d5926c224e97a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:dd:32:85:d8:69:f1:df:7b:75:6a:0c:29:fb:
                    45:f8:d5:31:66:08:0d:71:a5:8a:b9:e2:f6:45:1a:
                    0c:5c:dd:81:d3:d5:ba:cc:dc:2f:33:c0:ce:ac:f0:
                    6d:e7:f3:d1:4b:a1:f3:4c:fe:6c:9a:6d:e2:19:a7:
                    5e:ee:7e:e9:85:0b:4a:82:87:00:0a:08:b6:2b:60:
                    97:07:12:3a:d8:f5:4d:1d:19:4a:e1:e5:8e:e9:7c:
                    0b:ae:ec:b2:f5:b7:3c:2d:b0:d5:6e:a9:c3:ad:2c:
                    35:7f:f3:c8:32:a6:0d:2b:80:26:3d:23:7f:e8:26:
                    f7:71:cb:03:2c:bf:0a:51:f3:c5:b7:01:84:24:8d:
                    25:00:cc:99:97:cb:9c:11:ea:ac:6b:9c:5d:f5:26:
                    20:43:f3:cd:95:a6:01:05:7c:59:16:ac:0d:4b:b2:
                    4c:d5:7e:a4:09:72:2f:62:f2:71:f0:1e:53:04:10:
                    ea:74:57:73:f5:92:c0:a4:96:58:c8:5d:23:1e:9f:
                    22:1f:ad:5b:b2:2e:49:e7:01:ae:6c:05:4c:7a:7a:
                    09:b1:95:b2:04:ec:aa:91:b9:02:87:b5:ab:36:b1:
                    78:34:f4:38:ef:b1:70:8a:81:65:fd:de:60:00:43:
                    16:65:2f:f0:79:ae:66:e2:71:85:97:8f:c4:77:db:
                    0b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:CC:27:76:78:10:C4:81:31:4F:22:7D:D8:2D:59:26:C2:24:E9:7A
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:27:22:b9:8f:f6:34:f8:d3:fa:69:ab:37:f2:87:34:4f:17:
         30:13:48:c2:92:38:90:6e:5d:d8:19:0b:80:1c:39:91:b9:c4:
         a6:58:58:97:6d:7c:5e:18:98:7f:37:73:48:b6:db:9c:26:b8:
         be:46:35:0f:36:70:48:58:00:41:6b:db:f5:72:7c:93:47:10:
         e1:4f:c7:43:59:73:05:36:4c:0e:8a:66:30:d7:b4:6d:16:15:
         2b:a7:7d:f4:83:fb:66:71:44:7a:f6:f9:28:56:b5:2d:03:b5:
         dc:57:f5:27:bb:9d:08:b7:03:25:24:c1:0f:26:61:a2:4f:b5:
         56:45:5a:98:a1:2f:da:4b:e1:cc:cb:ca:73:c7:e7:1a:a3:34:
         be:6a:de:d3:3c:0b:ae:1d:d6:f0:63:a0:4d:55:0c:cc:5a:33:
         79:a8:f2:eb:d4:43:2a:3c:17:71:d8:7f:4c:9d:10:59:16:07:
         5c:85:e3:a6:aa:58:2c:da:58:5e:17:e3:11:66:50:e5:c5:09:
         f5:d9:53:1d:77:96:24:9c:07:c2:ab:23:aa:88:77:8d:1d:49:
         89:c4:5c:2d:d3:bb:a4:a0:39:17:34:e5:aa:52:ae:d7:83:06:
         11:8f:85:64:2f:85:77:fc:b2:18:93:01:d1:c7:3b:3f:5e:87:
         35:23:74:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KdTbCdaGRpSdBaGQDk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUxMTA0MTMwMDQ3WhcNMjUxMTA1MTMwMDQ3WjAzMTEwLwYDVQQD
EyhlOWNjMjc3Njc4MTBjNDgxMzE0ZjIyN2RkODJkNTkyNmMyMjRlOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4d0yhdhp8d97dWoMKftF+NUxZggN
caWKueL2RRoMXN2B09W6zNwvM8DOrPBt5/PRS6HzTP5smm3iGade7n7phQtKgocA
Cgi2K2CXBxI62PVNHRlK4eWO6XwLruyy9bc8LbDVbqnDrSw1f/PIMqYNK4AmPSN/
6Cb3ccsDLL8KUfPFtwGEJI0lAMyZl8ucEeqsa5xd9SYgQ/PNlaYBBXxZFqwNS7JM
1X6kCXIvYvJx8B5TBBDqdFdz9ZLApJZYyF0jHp8iH61bsi5J5wGubAVMenoJsZWy
BOyqkbkCh7WrNrF4NPQ477FwioFl/d5gAEMWZS/wea5m4nGFl4/Ed9sL1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnMJ3Z4EMSBMU8ifdgtWSbCJOl6MB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCciuY/2
NPjT+mmrN/KHNE8XMBNIwpI4kG5d2BkLgBw5kbnEplhYl218XhiYfzdzSLbbnCa4
vkY1DzZwSFgAQWvb9XJ8k0cQ4U/HQ1lzBTZMDopmMNe0bRYVK6d99IP7ZnFEevb5
KFa1LQO13Ff1J7udCLcDJSTBDyZhok+1VkVamKEv2kvhzMvKc8fnGqM0vmre0zwL
rh3W8GOgTVUMzFozeajy69RDKjwXcdh/TJ0QWRYHXIXjpqpYLNpYXhfjEWZQ5cUJ
9dlTHXeWJJwHwqsjqoh3jR1JicRcLdO7pKA5FzTlqlKu14MGEY+FZC+Fd/yyGJMB
0cc7P16HNSN0EA==
-----END CERTIFICATE-----