Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
File:                     jTgcV7CbXiZ91UcVDbRVg46si6M.mft (raw, json)
Hash identifier:          BoPBekNnVFru2nL5rvzvmJR/HgzUwWP3Gd2qhW2zRkY=
Subject key identifier:   6E:B5:2D:73:91:E3:D3:BB:F6:54:66:70:90:54:34:51:0B:C3:A0:AC
Authority key identifier: 8D:38:1C:57:B0:9B:5E:26:7D:D5:47:15:0D:B4:55:83:8E:AC:8B:A3
Certificate issuer:       /CN=8d381c57b09b5e267dd547150db455838eac8ba3
Certificate serial:       019A54BF35E2018A9F6B01613697581D5DE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
Manifest number:          0496
Signing time:             Wed 05 Nov 2025 16:00:08 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:08 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:08 +0000
Files and hashes:         1: jTgcV7CbXiZ91UcVDbRVg46si6M.crl (hash: ieAIJD4BNx7bfZbWHjCr/MqPk69x6TLokVIcSSxEYTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:35:e2:01:8a:9f:6b:01:61:36:97:58:1d:5d:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d381c57b09b5e267dd547150db455838eac8ba3
        Validity
            Not Before: Nov  5 16:00:08 2025 GMT
            Not After : Nov  6 16:00:08 2025 GMT
        Subject: CN=6eb52d7391e3d3bbf6546670905434510bc3a0ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ce:c3:9c:ac:72:50:4e:46:d9:16:f7:25:84:
                    8f:80:76:2e:fd:32:b7:d4:23:08:b0:81:96:8e:d7:
                    b7:92:03:1f:c0:31:ae:3a:f2:89:04:f7:d0:6f:9f:
                    4a:b9:e0:c7:b2:ce:4b:a3:a9:67:10:3d:c6:c8:69:
                    e4:a8:a4:a9:d9:b6:08:3f:10:d8:df:60:51:dc:ba:
                    38:0b:06:1b:1a:c0:5c:4d:ab:4c:c1:b3:02:0a:46:
                    05:dd:ca:4e:da:05:33:e9:9f:d5:80:4a:6a:67:4b:
                    30:bd:40:98:cd:b9:9b:01:13:f3:18:22:86:bf:ad:
                    5b:13:aa:f1:49:d4:65:ad:dd:5f:e5:a5:26:ea:ad:
                    cd:97:b3:cb:c1:34:16:d0:71:26:7a:81:f8:dd:de:
                    6b:d0:40:9c:01:0f:88:ea:d2:4b:58:63:22:7f:c0:
                    46:76:cc:84:ca:3c:d0:cc:ce:fb:63:2f:7f:aa:a2:
                    0b:59:33:a9:03:28:27:f9:77:3c:8a:ce:cb:28:ec:
                    f9:7b:43:e6:7d:1c:e9:83:cd:0d:ea:4e:4a:0d:20:
                    0a:e0:2d:10:9e:25:16:34:db:90:da:f2:e4:70:f3:
                    71:49:1e:b4:0a:07:4a:cf:09:eb:2c:0b:dd:dd:bc:
                    96:dd:b9:ee:86:b1:90:4c:31:78:14:a9:28:52:19:
                    1c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:B5:2D:73:91:E3:D3:BB:F6:54:66:70:90:54:34:51:0B:C3:A0:AC
            X509v3 Authority Key Identifier:
                keyid:8D:38:1C:57:B0:9B:5E:26:7D:D5:47:15:0D:B4:55:83:8E:AC:8B:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:14:d3:b0:da:dd:ae:ce:86:15:a3:ef:eb:73:de:a1:63:7b:
         8f:8e:23:86:5d:1a:a2:c8:bb:39:21:28:bd:9f:b7:c1:d5:e5:
         db:24:25:4a:3e:d5:de:86:11:1a:77:07:5a:cc:c9:84:34:12:
         90:70:2e:11:fe:c7:01:80:66:37:f8:93:26:4c:72:78:45:a4:
         80:6b:cf:a6:44:56:ed:24:d2:0f:b6:88:27:08:44:cb:3c:1e:
         60:2e:5a:58:2c:d2:b3:00:51:fc:12:b4:84:f4:b5:24:08:13:
         ec:4f:8c:84:e0:da:81:26:2c:47:2f:4f:af:fb:d1:3b:8b:0a:
         57:8a:b8:60:bb:b1:0a:c0:4a:83:3e:35:01:26:cb:2d:1e:36:
         9f:b1:ab:c9:c6:32:f0:9e:43:56:42:ca:ea:b8:83:98:84:d6:
         c8:eb:31:2c:5e:45:af:02:b5:9f:9f:c5:e9:ac:c1:69:2b:1a:
         14:ae:f5:d0:66:d1:80:99:4b:e4:21:16:30:55:b4:c2:02:b7:
         8e:12:c3:8c:56:4c:00:da:96:74:0a:aa:f3:e7:10:49:91:ea:
         57:04:84:db:36:68:8e:ad:80:e5:0e:a4:ef:ee:0c:58:b1:cb:
         a8:45:74:bf:6a:9b:9b:67:fb:8a:0b:3b:f6:ca:63:50:8f:17:
         0b:be:6a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUvzXiAYqfawFhNpdYHV3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzgxYzU3YjA5YjVlMjY3ZGQ1NDcxNTBkYjQ1NTgzOGVh
YzhiYTMwHhcNMjUxMTA1MTYwMDA4WhcNMjUxMTA2MTYwMDA4WjAzMTEwLwYDVQQD
Eyg2ZWI1MmQ3MzkxZTNkM2JiZjY1NDY2NzA5MDU0MzQ1MTBiYzNhMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu87DnKxyUE5G2Rb3JYSPgHYu/TK3
1CMIsIGWjte3kgMfwDGuOvKJBPfQb59KueDHss5Lo6lnED3GyGnkqKSp2bYIPxDY
32BR3Lo4CwYbGsBcTatMwbMCCkYF3cpO2gUz6Z/VgEpqZ0swvUCYzbmbARPzGCKG
v61bE6rxSdRlrd1f5aUm6q3Nl7PLwTQW0HEmeoH43d5r0ECcAQ+I6tJLWGMif8BG
dsyEyjzQzM77Yy9/qqILWTOpAygn+Xc8is7LKOz5e0PmfRzpg80N6k5KDSAK4C0Q
niUWNNuQ2vLkcPNxSR60CgdKzwnrLAvd3byW3bnuhrGQTDF4FKkoUhkcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG61LXOR49O79lRmcJBUNFELw6CsMB8GA1UdIwQY
MBaAFI04HFewm14mfdVHFQ20VYOOrIujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNWVlMzItYzcwMy00OTRkLTg5YzAt
NmY4MzAyNjk4OTliLzEvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNWVlMzItYzcwMy00OTRkLTg5YzAtNmY4MzAyNjk4OTli
LzEvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBTTsNrd
rs6GFaPv63PeoWN7j44jhl0aosi7OSEovZ+3wdXl2yQlSj7V3oYRGncHWszJhDQS
kHAuEf7HAYBmN/iTJkxyeEWkgGvPpkRW7STSD7aIJwhEyzweYC5aWCzSswBR/BK0
hPS1JAgT7E+MhODagSYsRy9Pr/vRO4sKV4q4YLuxCsBKgz41ASbLLR42n7GrycYy
8J5DVkLK6riDmITWyOsxLF5FrwK1n5/F6azBaSsaFK710GbRgJlL5CEWMFW0wgK3
jhLDjFZMANqWdAqq8+cQSZHqVwSE2zZojq2A5Q6k7+4MWLHLqEV0v2qbm2f7igs7
9spjUI8XC75q5g==
-----END CERTIFICATE-----