Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          3zken/cufUx+oPgl5aSnik83B7NY4GTv+lQh3i7uCDE=
Subject key identifier:   5D:8C:6E:81:AB:6C:89:42:C9:10:31:FA:46:E0:89:08:8C:8B:2A:FB
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019A51BECCEA1CC3BE84BD65FF9850A0235D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          07A9
Signing time:             Wed 05 Nov 2025 02:00:49 +0000
Manifest this update:     Wed 05 Nov 2025 02:00:49 +0000
Manifest next update:     Thu 06 Nov 2025 02:00:49 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: AZiGRL1pfdx31W3hD3bP8MA5Qsa4meHZrnulpCIT/Yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 02:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:be:cc:ea:1c:c3:be:84:bd:65:ff:98:50:a0:23:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Nov  5 02:00:49 2025 GMT
            Not After : Nov  6 02:00:49 2025 GMT
        Subject: CN=5d8c6e81ab6c8942c91031fa46e089088c8b2afb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:54:92:77:ce:ab:63:8a:74:c1:61:1f:89:ae:
                    f2:d1:0c:f6:8a:a7:a9:09:59:1c:30:2f:2f:fe:a6:
                    1e:6e:c0:f4:3d:92:7e:43:44:d3:a0:6e:5c:8d:76:
                    cc:00:0f:d1:16:b1:5f:f0:93:90:7c:a9:9d:08:a7:
                    a9:56:db:82:81:50:51:27:51:54:d0:79:91:6b:32:
                    c4:9f:23:bd:f5:75:6d:7a:21:b9:55:8f:cc:36:3f:
                    e1:33:af:bb:a3:54:24:f0:67:a9:86:1d:f1:cc:99:
                    06:e8:90:e8:37:6c:73:82:dd:49:63:81:41:81:66:
                    3f:a9:db:fe:5a:aa:75:a2:d7:07:c3:ac:9f:01:2c:
                    60:ac:d1:7c:d8:c9:f1:3a:b6:ea:af:22:f6:64:c2:
                    1b:87:db:f0:87:5f:35:9a:1a:05:bd:fb:70:44:ab:
                    11:bd:c4:25:02:9e:28:13:e5:28:2c:18:b8:a5:be:
                    b8:8f:26:0b:47:a3:c9:e1:f3:9d:75:80:c9:97:05:
                    63:9b:12:54:b2:0a:47:84:bf:d4:52:8c:ca:47:b8:
                    0b:a0:b1:33:4f:55:4e:46:08:86:55:77:e5:18:30:
                    f4:39:28:23:d2:dd:5b:e7:f8:a5:73:9f:51:cd:66:
                    d5:24:b9:a9:5d:64:de:75:c8:3c:82:65:34:07:dd:
                    82:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8C:6E:81:AB:6C:89:42:C9:10:31:FA:46:E0:89:08:8C:8B:2A:FB
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:26:f4:5c:36:63:31:c9:ac:5b:cd:64:4c:eb:36:15:08:77:
         49:1c:c5:0a:2d:03:15:5b:c1:ec:89:0b:ce:fa:5c:f7:f0:67:
         64:0a:45:31:9b:d5:44:fc:4a:e7:91:25:64:da:95:fe:e1:05:
         49:c6:84:34:a5:1d:2e:86:04:51:f0:89:33:c6:36:2d:52:a1:
         1d:b2:28:3e:8a:b4:e6:c6:b8:d6:46:00:98:ca:14:f4:aa:d6:
         6c:21:fe:0e:d8:61:3e:a7:43:c9:78:f4:3b:55:ed:47:f1:c4:
         a7:fa:2f:84:ef:6d:0a:88:6f:dd:5f:f6:cd:95:61:69:80:2c:
         87:7c:09:b3:56:95:d3:8a:20:fa:eb:3c:35:be:d8:60:d9:2f:
         63:7f:bd:0d:8a:5a:4d:fb:ef:f8:bd:dd:f5:0e:a2:11:84:31:
         26:cf:bf:ce:7f:2b:d0:46:d6:08:35:56:e9:70:9b:11:7c:ec:
         23:05:e5:8b:5f:cc:5c:a7:ed:8e:34:df:48:82:36:d1:59:8c:
         dd:f7:ac:dd:a8:1c:36:bc:b0:03:fe:32:3c:bc:73:33:dd:fe:
         98:55:73:50:0a:0b:b9:2c:ba:5c:c4:ef:d0:35:82:ea:47:0f:
         c3:92:62:36:b2:5c:a2:fe:00:51:43:78:e4:49:a8:28:54:88:
         10:e3:b1:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvszqHMO+hL1l/5hQoCNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUxMTA1MDIwMDQ5WhcNMjUxMTA2MDIwMDQ5WjAzMTEwLwYDVQQD
Eyg1ZDhjNmU4MWFiNmM4OTQyYzkxMDMxZmE0NmUwODkwODhjOGIyYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFSSd86rY4p0wWEfia7y0Qz2iqep
CVkcMC8v/qYebsD0PZJ+Q0TToG5cjXbMAA/RFrFf8JOQfKmdCKepVtuCgVBRJ1FU
0HmRazLEnyO99XVteiG5VY/MNj/hM6+7o1Qk8Gephh3xzJkG6JDoN2xzgt1JY4FB
gWY/qdv+Wqp1otcHw6yfASxgrNF82MnxOrbqryL2ZMIbh9vwh181mhoFvftwRKsR
vcQlAp4oE+UoLBi4pb64jyYLR6PJ4fOddYDJlwVjmxJUsgpHhL/UUozKR7gLoLEz
T1VORgiGVXflGDD0OSgj0t1b5/ilc59RzWbVJLmpXWTedcg8gmU0B92C6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2MboGrbIlCyRAx+kbgiQiMiyr7MB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3Sb0XDZj
McmsW81kTOs2FQh3SRzFCi0DFVvB7IkLzvpc9/BnZApFMZvVRPxK55ElZNqV/uEF
ScaENKUdLoYEUfCJM8Y2LVKhHbIoPoq05sa41kYAmMoU9KrWbCH+DthhPqdDyXj0
O1XtR/HEp/ovhO9tCohv3V/2zZVhaYAsh3wJs1aV04og+us8Nb7YYNkvY3+9DYpa
Tfvv+L3d9Q6iEYQxJs+/zn8r0EbWCDVW6XCbEXzsIwXli1/MXKftjjTfSII20VmM
3fes3agcNrywA/4yPLxzM93+mFVzUAoLuSy6XMTv0DWC6kcPw5JiNrJcov4AUUN4
5EmoKFSIEOOxEA==
-----END CERTIFICATE-----