Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
File:                     xrjeVShQrOhfyMDhaFLMc98QFp0.mft (raw, json)
Hash identifier:          HakmoVsMWxvbjNC9Iby4HbWCFmWHQRT6bSDZMgBpfPM=
Subject key identifier:   D7:FF:3E:85:EE:1E:AE:51:85:B4:72:5F:B8:C0:D8:45:C3:F4:F5:80
Authority key identifier: C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D
Certificate issuer:       /CN=c6b8de552850ace85fc8c0e16852cc73df10169d
Certificate serial:       019A4F9934B768A9B4D931D8CD7A2637634B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
Manifest number:          08E3
Signing time:             Tue 04 Nov 2025 16:00:31 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:31 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:31 +0000
Files and hashes:         1: xrjeVShQrOhfyMDhaFLMc98QFp0.crl (hash: 94tp/3vSpmMcdgMDFRooleK8DhGoSWUKB5CSFaPlVQQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:34:b7:68:a9:b4:d9:31:d8:cd:7a:26:37:63:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6b8de552850ace85fc8c0e16852cc73df10169d
        Validity
            Not Before: Nov  4 16:00:31 2025 GMT
            Not After : Nov  5 16:00:31 2025 GMT
        Subject: CN=d7ff3e85ee1eae5185b4725fb8c0d845c3f4f580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0c:46:84:3c:f5:0e:97:72:3f:2e:d1:ff:6c:
                    49:c0:92:b5:b0:9e:eb:e6:ae:79:89:13:d8:5e:17:
                    fa:43:32:a1:f2:ff:25:70:5b:7c:a4:a9:06:22:82:
                    21:4c:1d:c5:a8:c8:81:cc:f8:53:01:9b:6e:21:ce:
                    5a:7c:f9:dd:76:ee:d0:e4:85:53:ec:8f:19:6f:08:
                    91:4d:86:9d:a4:2a:31:24:0d:ba:b6:47:a3:04:4d:
                    3e:75:eb:8a:eb:df:ed:37:4b:ac:05:20:b0:30:02:
                    c3:db:86:74:ac:07:2f:ad:7e:2f:51:ae:64:36:1c:
                    13:a3:80:bc:bb:a3:3a:ed:54:37:81:af:6c:a0:d1:
                    8f:b1:e2:7f:46:dc:45:f5:0a:c3:f1:93:3c:2f:66:
                    cc:85:5e:c4:93:30:fa:b5:da:fd:3c:12:88:37:5f:
                    04:c3:d3:91:08:6e:ba:03:9c:06:fc:1f:5c:af:8b:
                    ae:f8:c9:ac:73:41:80:7a:1d:bb:77:7e:14:f4:d4:
                    f2:ad:e9:10:0d:bd:d9:0a:d7:bf:93:01:13:0d:6c:
                    96:1c:3d:38:40:8f:dd:be:16:66:33:7c:26:95:13:
                    37:e8:9c:41:d0:0b:63:55:23:ab:dc:96:59:6b:68:
                    1e:54:76:2c:9d:a5:e7:6e:0d:80:b1:63:9f:54:78:
                    32:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FF:3E:85:EE:1E:AE:51:85:B4:72:5F:B8:C0:D8:45:C3:F4:F5:80
            X509v3 Authority Key Identifier:
                keyid:C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:67:19:79:91:ac:97:94:81:e3:4f:78:6c:b3:ee:f7:fd:be:
         9f:98:ac:57:ce:c8:7d:a6:be:eb:0d:a1:07:2f:6e:33:b1:74:
         f8:15:bd:af:b2:0d:d8:0e:c8:9b:d3:86:81:fc:5a:2c:4a:eb:
         05:dd:7e:33:7d:26:4d:81:b1:da:a9:0d:85:ad:d9:f1:4b:c1:
         4b:22:dc:1a:19:e4:09:e7:c1:06:cd:9d:ad:f5:ae:5e:bc:84:
         18:12:5d:04:90:96:ff:3f:31:50:42:39:47:a8:08:28:0f:81:
         f8:74:18:53:66:6c:0d:d2:86:97:92:d4:3b:fc:c3:14:75:9c:
         a1:ff:4d:e0:e9:a1:3f:a2:48:0e:1c:d2:a2:c7:df:ab:94:23:
         d8:f9:0f:86:d5:21:d2:72:79:37:8b:5c:ba:1f:d9:19:e2:f8:
         c4:7e:d5:39:45:e2:de:27:7f:64:82:01:dd:81:fc:36:22:18:
         c1:0f:95:72:fe:1b:a5:bf:15:3c:14:03:25:95:5f:86:19:e8:
         b1:0b:90:24:c6:05:f1:08:18:d3:af:7d:7e:1d:50:b6:37:96:
         9f:76:cc:8e:44:32:75:93:8e:79:4a:44:0a:0e:ea:86:d5:e9:
         f1:98:47:8c:3c:86:bc:b5:09:c7:ce:44:01:87:c6:be:53:7e:
         21:3c:63:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmTS3aKm02THYzXomN2NLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjhkZTU1Mjg1MGFjZTg1ZmM4YzBlMTY4NTJjYzczZGYx
MDE2OWQwHhcNMjUxMTA0MTYwMDMxWhcNMjUxMTA1MTYwMDMxWjAzMTEwLwYDVQQD
EyhkN2ZmM2U4NWVlMWVhZTUxODViNDcyNWZiOGMwZDg0NWMzZjRmNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQxGhDz1DpdyPy7R/2xJwJK1sJ7r
5q55iRPYXhf6QzKh8v8lcFt8pKkGIoIhTB3FqMiBzPhTAZtuIc5afPnddu7Q5IVT
7I8ZbwiRTYadpCoxJA26tkejBE0+deuK69/tN0usBSCwMALD24Z0rAcvrX4vUa5k
NhwTo4C8u6M67VQ3ga9soNGPseJ/RtxF9QrD8ZM8L2bMhV7EkzD6tdr9PBKIN18E
w9ORCG66A5wG/B9cr4uu+Mmsc0GAeh27d34U9NTyrekQDb3ZCte/kwETDWyWHD04
QI/dvhZmM3wmlRM36JxB0AtjVSOr3JZZa2geVHYsnaXnbg2AsWOfVHgyKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNf/PoXuHq5RhbRyX7jA2EXD9PWAMB8GA1UdIwQY
MBaAFMa43lUoUKzoX8jA4WhSzHPfEBadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMt
ZDI0MGQzNjExMDU4LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMtZDI0MGQzNjExMDU4
LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmcZeZGs
l5SB4094bLPu9/2+n5isV87Ifaa+6w2hBy9uM7F0+BW9r7IN2A7Im9OGgfxaLErr
Bd1+M30mTYGx2qkNha3Z8UvBSyLcGhnkCefBBs2drfWuXryEGBJdBJCW/z8xUEI5
R6gIKA+B+HQYU2ZsDdKGl5LUO/zDFHWcof9N4OmhP6JIDhzSosffq5Qj2PkPhtUh
0nJ5N4tcuh/ZGeL4xH7VOUXi3id/ZIIB3YH8NiIYwQ+Vcv4bpb8VPBQDJZVfhhno
sQuQJMYF8QgY0699fh1QtjeWn3bMjkQydZOOeUpECg7qhtXp8ZhHjDyGvLUJx85E
AYfGvlN+ITxjXw==
-----END CERTIFICATE-----