Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          INIoipxn1o0mYmigdJYoeanZ2G+bMuA0tckIqloQP6M=
Subject key identifier:   5E:2E:3F:9C:4B:C8:89:E8:A0:04:C9:58:DA:95:EB:60:74:2A:13:83
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019A4DE19A021F132AA43E88CF823049E15F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          130B
Signing time:             Tue 04 Nov 2025 08:00:21 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:21 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:21 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: OlWH7lQIzIsaQU4G4x3syddAsT6zAGPOu4ZaFunev3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:9a:02:1f:13:2a:a4:3e:88:cf:82:30:49:e1:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Nov  4 08:00:21 2025 GMT
            Not After : Nov  5 08:00:21 2025 GMT
        Subject: CN=5e2e3f9c4bc889e8a004c958da95eb60742a1383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:65:18:1d:ea:99:3e:ec:82:b3:78:d1:3c:20:
                    83:49:f6:eb:7b:6d:1a:42:f2:a3:bf:eb:24:76:73:
                    f1:54:4e:d5:67:c0:62:5c:ee:a7:81:34:54:5b:35:
                    2b:91:83:3c:fc:d8:36:65:89:ac:da:ab:3c:bb:7a:
                    97:10:2b:3e:79:15:c6:dc:47:6a:c6:95:9b:50:fa:
                    b7:d3:f0:4b:62:06:0c:87:32:63:c5:51:fd:d9:a6:
                    cc:27:61:2b:a4:32:45:90:96:44:eb:77:94:32:6b:
                    80:62:c7:6a:78:0f:21:c3:47:5b:1c:09:5e:71:66:
                    6b:74:69:17:2d:42:35:e3:f2:5d:5b:d1:f5:bd:4f:
                    dc:a9:6a:f2:52:9a:fd:3d:d2:17:1a:28:46:5e:1d:
                    7a:da:53:0e:eb:a6:5a:02:26:ed:4b:45:f3:b3:26:
                    cc:ff:c3:a2:31:f1:b2:c2:1d:96:a9:31:ce:78:f9:
                    94:1a:e4:c6:90:6e:7a:9c:30:de:ef:9a:b9:09:39:
                    92:51:b1:14:4d:ea:c2:9d:e4:51:fd:4f:50:b7:4f:
                    cd:38:c3:d0:0a:c1:7f:7c:04:88:f5:cc:34:af:04:
                    25:37:bc:26:34:dc:00:e9:78:f4:6c:99:a4:48:40:
                    4a:8f:80:f5:b8:37:44:01:b8:c4:4d:d4:70:f2:d4:
                    b2:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:2E:3F:9C:4B:C8:89:E8:A0:04:C9:58:DA:95:EB:60:74:2A:13:83
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:04:81:44:c1:ad:70:50:fd:ba:70:5b:42:04:de:65:f8:13:
         b5:26:04:24:0c:9d:83:e6:22:74:c3:f7:05:36:42:8a:1e:48:
         79:2f:20:97:60:19:82:b7:50:17:a6:96:7e:b4:ff:ff:4e:eb:
         3a:38:e2:ed:d9:91:50:5c:fd:f1:e7:35:08:3b:58:8c:86:c8:
         78:ee:c3:b5:d6:4c:de:10:95:3f:3b:85:5f:f0:51:2b:65:73:
         d5:27:39:c0:ae:c2:ca:12:64:39:2c:ba:71:7c:61:56:a5:02:
         93:27:a8:0e:96:d8:26:4c:1d:32:fb:0c:fa:8d:c1:c4:dc:77:
         2e:a2:3c:2f:26:4a:dd:b0:0e:54:72:36:83:ad:a6:31:e5:9c:
         18:9c:9c:b0:92:d7:b8:9b:9b:34:7a:b2:41:d6:d8:b9:42:e7:
         51:af:7c:6a:79:02:d8:0e:ae:4e:ec:92:69:86:10:f4:41:1b:
         54:bc:4d:7b:e2:d4:55:3d:28:03:73:fe:14:0e:0e:47:9b:41:
         41:f2:b7:aa:a3:a5:6c:7b:fb:73:1f:ed:4e:d0:66:a8:09:5a:
         6f:b6:43:97:d5:1b:6f:d5:bc:7e:29:cd:9a:ef:6e:30:14:fc:
         f6:12:59:e8:2b:94:f9:5d:26:55:e2:a5:b6:a2:0d:2f:de:c7:
         42:98:a6:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4ZoCHxMqpD6Iz4IwSeFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUxMTA0MDgwMDIxWhcNMjUxMTA1MDgwMDIxWjAzMTEwLwYDVQQD
Eyg1ZTJlM2Y5YzRiYzg4OWU4YTAwNGM5NThkYTk1ZWI2MDc0MmExMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mUYHeqZPuyCs3jRPCCDSfbre20a
QvKjv+skdnPxVE7VZ8BiXO6ngTRUWzUrkYM8/Ng2ZYms2qs8u3qXECs+eRXG3Edq
xpWbUPq30/BLYgYMhzJjxVH92abMJ2ErpDJFkJZE63eUMmuAYsdqeA8hw0dbHAle
cWZrdGkXLUI14/JdW9H1vU/cqWryUpr9PdIXGihGXh162lMO66ZaAibtS0XzsybM
/8OiMfGywh2WqTHOePmUGuTGkG56nDDe75q5CTmSUbEUTerCneRR/U9Qt0/NOMPQ
CsF/fASI9cw0rwQlN7wmNNwA6Xj0bJmkSEBKj4D1uDdEAbjETdRw8tSyQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4uP5xLyInooATJWNqV62B0KhODMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQSBRMGt
cFD9unBbQgTeZfgTtSYEJAydg+YidMP3BTZCih5IeS8gl2AZgrdQF6aWfrT//07r
Ojji7dmRUFz98ec1CDtYjIbIeO7DtdZM3hCVPzuFX/BRK2Vz1Sc5wK7CyhJkOSy6
cXxhVqUCkyeoDpbYJkwdMvsM+o3BxNx3LqI8LyZK3bAOVHI2g62mMeWcGJycsJLX
uJubNHqyQdbYuULnUa98ankC2A6uTuySaYYQ9EEbVLxNe+LUVT0oA3P+FA4OR5tB
QfK3qqOlbHv7cx/tTtBmqAlab7ZDl9Ubb9W8finNmu9uMBT89hJZ6CuU+V0mVeKl
tqINL97HQpim0A==
-----END CERTIFICATE-----