Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          xPQgJmr51lzpUfcATwcpdZLv5hvQN5FwS8rFb/ftWCI=
Subject key identifier:   3C:AA:46:F5:99:8D:0D:7E:F8:1E:F1:6B:4E:A0:89:F7:A5:77:D8:B9
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019A537631EEF67457A6703FD9DD300503B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          151E
Signing time:             Wed 05 Nov 2025 10:00:46 +0000
Manifest this update:     Wed 05 Nov 2025 10:00:46 +0000
Manifest next update:     Thu 06 Nov 2025 10:00:46 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: lIcqibzMED2v4F0ctO+LRF+Z4R+D5L1Oovennsrer1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:76:31:ee:f6:74:57:a6:70:3f:d9:dd:30:05:03:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Nov  5 10:00:46 2025 GMT
            Not After : Nov  6 10:00:46 2025 GMT
        Subject: CN=3caa46f5998d0d7ef81ef16b4ea089f7a577d8b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:31:f4:75:4b:08:f7:52:40:9d:0e:f4:ef:28:
                    30:68:31:38:46:ff:83:38:a4:81:95:38:b1:34:c4:
                    ff:8c:44:38:a7:c3:5c:19:c8:f7:64:f5:f7:d9:a7:
                    9a:db:b6:40:0a:96:04:73:ae:68:1b:f1:84:10:82:
                    d9:f6:3a:ad:6a:04:8b:51:a7:59:e9:44:fc:39:d1:
                    f5:f5:c1:80:ba:9c:f4:8d:d9:88:b1:2e:8c:8e:40:
                    17:4e:83:3d:a6:a9:0c:b6:ec:be:05:fe:48:46:b3:
                    38:c7:bb:5c:6f:ad:5f:08:be:62:5c:ae:71:d8:ff:
                    3e:5b:b6:af:95:c7:de:d4:27:a2:08:0b:ac:e2:4e:
                    98:04:ed:e8:ba:f8:f1:77:1e:11:6b:93:b4:a0:74:
                    cd:3c:45:aa:c1:27:45:1f:73:06:5f:df:27:37:10:
                    dd:a4:ce:1c:cc:c8:81:16:61:9c:f0:e3:8d:cf:42:
                    7f:57:49:4a:20:fa:b6:e6:5f:b9:41:3d:83:16:28:
                    e9:f6:07:70:6e:be:d1:5e:ad:48:eb:55:15:f4:c0:
                    af:d2:a9:85:fa:29:70:5a:16:55:09:13:7e:b0:d3:
                    74:a4:25:62:57:77:13:0f:41:3b:cc:10:61:55:b1:
                    22:0f:d9:b7:ab:69:eb:31:2b:45:64:ce:fa:bd:a7:
                    51:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:AA:46:F5:99:8D:0D:7E:F8:1E:F1:6B:4E:A0:89:F7:A5:77:D8:B9
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:8d:61:48:d8:65:f5:f5:03:12:0c:0b:2b:3f:5a:95:6d:af:
         84:2e:65:23:e6:2b:44:e6:ac:bf:f0:18:80:ff:a3:4f:85:f0:
         77:e0:90:a4:7f:8f:53:66:1b:a6:4e:ed:ac:81:73:94:1d:aa:
         e2:24:31:ed:4b:11:94:b3:12:8a:57:1e:8c:b5:fe:f4:95:5d:
         14:de:98:a3:5b:89:fc:e8:a6:d7:af:0d:ed:a1:1d:3c:c8:c7:
         6d:d0:ee:fa:8b:67:31:b3:48:2f:74:34:6c:db:ad:ea:a5:84:
         58:5a:e2:10:a4:d7:aa:29:85:00:a3:ff:da:88:75:e5:a1:94:
         78:89:23:79:dc:df:f6:33:21:72:8d:7f:30:3b:bb:73:d3:1c:
         87:8f:0d:ad:6e:77:c9:ae:9d:74:05:cd:27:1b:85:0a:26:0d:
         de:60:1c:54:b2:d7:1c:55:76:11:9d:52:f1:fc:ee:f6:b7:dd:
         05:79:bf:69:29:40:ef:bc:83:9d:c2:d4:3d:43:35:e8:92:9e:
         1f:2f:77:e5:59:3d:ce:93:09:a8:42:d5:01:9b:f8:5b:04:e5:
         3d:63:4a:59:4b:f4:3b:59:b3:6d:12:0d:26:29:bc:c6:ba:a7:
         38:dc:4f:6b:f3:7b:38:4e:12:f4:eb:05:e7:2a:48:1e:a9:60:
         c1:94:53:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdjHu9nRXpnA/2d0wBQOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUxMTA1MTAwMDQ2WhcNMjUxMTA2MTAwMDQ2WjAzMTEwLwYDVQQD
EygzY2FhNDZmNTk5OGQwZDdlZjgxZWYxNmI0ZWEwODlmN2E1NzdkOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzH0dUsI91JAnQ707ygwaDE4Rv+D
OKSBlTixNMT/jEQ4p8NcGcj3ZPX32aea27ZACpYEc65oG/GEEILZ9jqtagSLUadZ
6UT8OdH19cGAupz0jdmIsS6MjkAXToM9pqkMtuy+Bf5IRrM4x7tcb61fCL5iXK5x
2P8+W7avlcfe1CeiCAus4k6YBO3ouvjxdx4Ra5O0oHTNPEWqwSdFH3MGX98nNxDd
pM4czMiBFmGc8OONz0J/V0lKIPq25l+5QT2DFijp9gdwbr7RXq1I61UV9MCv0qmF
+ilwWhZVCRN+sNN0pCViV3cTD0E7zBBhVbEiD9m3q2nrMStFZM76vadRpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyqRvWZjQ1++B7xa06gifeld9i5MB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWI1hSNhl
9fUDEgwLKz9alW2vhC5lI+YrROasv/AYgP+jT4Xwd+CQpH+PU2Ybpk7trIFzlB2q
4iQx7UsRlLMSilcejLX+9JVdFN6Yo1uJ/Oim168N7aEdPMjHbdDu+otnMbNIL3Q0
bNut6qWEWFriEKTXqimFAKP/2oh15aGUeIkjedzf9jMhco1/MDu7c9Mch48NrW53
ya6ddAXNJxuFCiYN3mAcVLLXHFV2EZ1S8fzu9rfdBXm/aSlA77yDncLUPUM16JKe
Hy935Vk9zpMJqELVAZv4WwTlPWNKWUv0O1mzbRINJim8xrqnONxPa/N7OE4S9OsF
5ypIHqlgwZRT3w==
-----END CERTIFICATE-----