Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          RRwiwB8twORx1xzSb/YTirFlFKWPxD3ZLibaBL7MnLI=
Subject key identifier:   BE:B7:83:11:0B:10:70:BB:E8:E5:03:F0:A2:93:58:42:75:75:52:7B
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       019A4C60D2E839E777D616F9ED7F431E8D1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 01:00:04 +0000
Manifest this update:     Tue 04 Nov 2025 01:00:04 +0000
Manifest next update:     Wed 05 Nov 2025 01:00:04 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: zQwFB1Fx8Xl8kV21irM6SPanrHIvc6rH0CqD8/8pEzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 01:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4c:60:d2:e8:39:e7:77:d6:16:f9:ed:7f:43:1e:8d:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Nov  4 01:00:04 2025 GMT
            Not After : Nov  5 01:00:04 2025 GMT
        Subject: CN=beb783110b1070bbe8e503f0a29358427575527b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:58:c7:cf:c0:ee:52:1e:50:fb:5b:aa:45:24:
                    1f:cb:76:53:02:ad:36:c5:23:1e:30:70:49:6a:15:
                    b9:2c:c9:42:70:06:54:63:d4:60:41:33:4f:ee:02:
                    b0:61:5b:6c:3e:b6:87:c1:a1:ec:bf:82:72:b9:a5:
                    16:09:cc:b1:f4:ca:32:77:54:c6:e5:84:f5:e7:79:
                    21:a1:be:99:b5:f8:7f:8e:0b:02:27:b2:cf:2c:7d:
                    39:39:d9:eb:ed:03:f3:8a:dc:e3:54:ea:c8:65:7d:
                    88:ee:a5:d6:b2:4a:be:06:ca:cd:28:ea:9b:2a:b0:
                    2c:23:a5:72:75:25:b5:7e:15:c6:0d:aa:d1:87:f1:
                    51:8f:37:e2:3a:75:9d:e1:e8:92:c8:e7:38:09:41:
                    e7:8d:65:29:c5:a8:1d:48:71:bc:38:bf:79:08:08:
                    56:46:92:79:0d:b6:b9:35:33:f8:6e:5c:05:e6:2d:
                    f8:19:0c:cc:9c:92:3d:18:8e:2a:15:c0:cc:81:44:
                    1c:b7:62:2d:04:f5:f4:50:da:70:1e:5f:e3:5c:89:
                    ed:ec:b0:9b:d9:b2:2f:37:29:f4:a0:1b:fc:31:6b:
                    84:92:f3:06:97:56:7f:ca:eb:45:fa:60:2e:41:b8:
                    56:91:79:40:1b:f9:b3:9f:23:c8:be:be:f4:13:36:
                    ca:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B7:83:11:0B:10:70:BB:E8:E5:03:F0:A2:93:58:42:75:75:52:7B
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:a1:50:2c:0f:6f:bb:e6:e4:d3:c3:8f:a4:a9:fe:f2:8d:aa:
         bc:f9:f8:27:32:66:df:45:5b:c4:06:95:17:1c:42:11:97:ea:
         38:e5:30:64:ca:62:e1:d6:81:b1:c9:ae:e5:b1:e7:0e:24:c6:
         1a:ee:41:06:0b:24:f1:5b:eb:59:40:ef:3a:a6:19:7f:41:95:
         fb:d0:7c:95:1b:ad:f7:cb:6b:87:a9:29:e7:e2:65:ca:fb:bc:
         40:fa:ee:d0:8e:aa:04:be:7a:7d:0b:02:b9:dc:4d:58:31:ea:
         f1:b5:0e:5b:4a:33:2a:31:d6:d9:59:ba:10:db:1f:d6:dd:5f:
         91:5b:a1:28:1e:7e:32:12:3a:a4:6b:ed:df:2e:55:5f:cc:c3:
         ef:24:19:eb:4f:94:6f:26:08:a8:09:92:a6:d7:4a:f4:3d:d3:
         0e:fa:8b:1f:e4:51:18:a9:cc:68:92:e6:66:47:c9:14:41:b1:
         2a:d9:b3:17:b3:99:25:2f:b6:03:97:98:78:df:ca:fd:2a:85:
         44:b5:c9:d2:0e:fd:8b:92:27:2b:eb:94:bf:97:24:36:0b:4c:
         ed:b7:25:9f:88:73:b7:9d:f3:fd:eb:7e:88:5c:23:ed:d5:2c:
         e5:63:40:be:45:cd:a6:a6:76:44:06:50:28:32:18:97:04:04:
         20:42:cf:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYNLoOed31hb57X9DHo0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjUxMTA0MDEwMDA0WhcNMjUxMTA1MDEwMDA0WjAzMTEwLwYDVQQD
EyhiZWI3ODMxMTBiMTA3MGJiZThlNTAzZjBhMjkzNTg0Mjc1NzU1MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwljHz8DuUh5Q+1uqRSQfy3ZTAq02
xSMeMHBJahW5LMlCcAZUY9RgQTNP7gKwYVtsPraHwaHsv4JyuaUWCcyx9Moyd1TG
5YT153khob6Ztfh/jgsCJ7LPLH05Odnr7QPzitzjVOrIZX2I7qXWskq+BsrNKOqb
KrAsI6VydSW1fhXGDarRh/FRjzfiOnWd4eiSyOc4CUHnjWUpxagdSHG8OL95CAhW
RpJ5Dba5NTP4blwF5i34GQzMnJI9GI4qFcDMgUQct2ItBPX0UNpwHl/jXInt7LCb
2bIvNyn0oBv8MWuEkvMGl1Z/yutF+mAuQbhWkXlAG/mznyPIvr70EzbKmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL63gxELEHC76OUD8KKTWEJ1dVJ7MB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6FQLA9v
u+bk08OPpKn+8o2qvPn4JzJm30VbxAaVFxxCEZfqOOUwZMpi4daBscmu5bHnDiTG
Gu5BBgsk8VvrWUDvOqYZf0GV+9B8lRut98trh6kp5+Jlyvu8QPru0I6qBL56fQsC
udxNWDHq8bUOW0ozKjHW2Vm6ENsf1t1fkVuhKB5+MhI6pGvt3y5VX8zD7yQZ60+U
byYIqAmSptdK9D3TDvqLH+RRGKnMaJLmZkfJFEGxKtmzF7OZJS+2A5eYeN/K/SqF
RLXJ0g79i5InK+uUv5ckNgtM7bcln4hzt53z/et+iFwj7dUs5WNAvkXNpqZ2RAZQ
KDIYlwQEIELPEw==
-----END CERTIFICATE-----