Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          Cz+Np/Wqky9utxnOIK06a+6krzn7+Id888ozlpfeu1E=
Subject key identifier:   E3:6F:34:1B:4E:89:B1:35:06:DF:6D:EC:88:03:7A:31:2A:5C:D9:22
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       019A4C618CFFD867366D4AADD480C144009A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          102B
Signing time:             Tue 04 Nov 2025 01:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 01:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 01:00:52 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: nH9HGkMjpNPKn1IPq8zwmd3bde920fvycI61ezh5pNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 01:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4c:61:8c:ff:d8:67:36:6d:4a:ad:d4:80:c1:44:00:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Nov  4 01:00:52 2025 GMT
            Not After : Nov  5 01:00:52 2025 GMT
        Subject: CN=e36f341b4e89b13506df6dec88037a312a5cd922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:45:e5:7b:dd:a6:f2:96:79:0b:6c:85:ae:94:
                    98:0f:ed:1c:22:30:aa:28:74:b8:e7:ae:75:cb:e4:
                    f0:3d:8c:21:69:8a:3d:02:6f:85:01:f2:40:dc:a3:
                    c3:6b:74:2e:c9:90:38:79:85:ce:1c:0c:de:86:20:
                    2d:cc:5f:73:f4:66:2c:d8:a4:cc:59:29:ed:68:5d:
                    33:00:03:0b:31:3f:35:fe:1b:8d:a7:09:9e:3c:0c:
                    cf:18:81:ef:7a:58:46:5e:f6:4a:75:d9:27:12:38:
                    9a:e8:36:97:01:2f:19:cf:9b:1d:a9:a3:39:c5:00:
                    fe:57:2b:fd:76:ab:bb:88:e3:f9:2a:ca:71:b9:42:
                    4d:0b:87:a9:59:38:27:20:10:e4:73:c2:0b:55:ec:
                    52:79:68:43:b6:51:7f:32:79:6b:aa:7a:5a:86:0a:
                    01:7d:dd:ba:9b:df:cc:91:eb:44:fc:84:82:a7:27:
                    dc:7f:92:fe:35:f6:c4:c4:05:38:55:53:01:3a:7c:
                    84:d0:37:6e:d1:57:a7:23:3a:fd:37:be:4b:51:9c:
                    b3:33:c4:5d:ad:35:45:df:80:f9:41:ee:fd:57:71:
                    9c:7e:50:cd:a0:5d:59:66:7e:40:e0:ac:89:3c:25:
                    f4:1f:8a:6e:3b:8e:a7:f0:ff:32:85:bb:af:df:97:
                    e1:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:6F:34:1B:4E:89:B1:35:06:DF:6D:EC:88:03:7A:31:2A:5C:D9:22
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:09:07:16:e1:88:6b:8f:e5:ec:3f:34:b6:29:f5:8b:f8:ad:
         0e:6f:21:17:7e:7e:99:3f:e6:3a:88:20:ac:66:2f:fe:84:d5:
         07:d5:61:f3:02:99:7e:6d:29:b1:20:a6:57:72:10:32:cf:67:
         34:91:ae:46:f3:5e:7a:29:c4:a6:66:d5:7c:20:b5:6f:1d:c4:
         84:87:06:c4:df:ba:b3:26:de:c9:bb:71:5a:08:60:2c:ac:fa:
         26:e5:99:41:83:d8:b0:1b:07:3a:86:c5:44:ea:2b:be:bc:f9:
         de:04:c4:a9:df:06:7d:b1:f2:f3:ad:a5:4b:36:cd:36:fd:8c:
         16:4c:49:33:85:c7:41:2b:9d:03:fb:49:ac:a8:a0:93:7f:c9:
         09:09:dd:d5:84:72:2a:7d:78:9c:63:69:2e:54:ed:d7:82:b0:
         91:5f:51:2b:10:49:0f:cf:83:68:30:63:7b:9e:ec:75:a3:66:
         1f:97:e0:bd:07:a7:79:99:fa:7c:1e:93:42:18:78:b2:d4:02:
         b8:2a:0e:23:b5:85:ee:ba:81:57:2a:ae:ca:a4:66:fc:72:9c:
         46:9e:86:57:14:5a:b5:6b:cb:ad:da:e0:f9:59:1c:1b:ed:99:
         f2:c5:c3:4a:de:d0:10:e0:a6:b1:05:b5:33:a6:f4:d2:83:c6:
         07:8e:f8:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYYz/2Gc2bUqt1IDBRACaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUxMTA0MDEwMDUyWhcNMjUxMTA1MDEwMDUyWjAzMTEwLwYDVQQD
EyhlMzZmMzQxYjRlODliMTM1MDZkZjZkZWM4ODAzN2EzMTJhNWNkOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUXle92m8pZ5C2yFrpSYD+0cIjCq
KHS45651y+TwPYwhaYo9Am+FAfJA3KPDa3QuyZA4eYXOHAzehiAtzF9z9GYs2KTM
WSntaF0zAAMLMT81/huNpwmePAzPGIHvelhGXvZKddknEjia6DaXAS8Zz5sdqaM5
xQD+Vyv9dqu7iOP5KspxuUJNC4epWTgnIBDkc8ILVexSeWhDtlF/MnlrqnpahgoB
fd26m9/MketE/ISCpyfcf5L+NfbExAU4VVMBOnyE0Ddu0VenIzr9N75LUZyzM8Rd
rTVF34D5Qe79V3GcflDNoF1ZZn5A4KyJPCX0H4puO46n8P8yhbuv35fhrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONvNBtOibE1Bt9t7IgDejEqXNkiMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXAkHFuGI
a4/l7D80tin1i/itDm8hF35+mT/mOoggrGYv/oTVB9Vh8wKZfm0psSCmV3IQMs9n
NJGuRvNeeinEpmbVfCC1bx3EhIcGxN+6sybeybtxWghgLKz6JuWZQYPYsBsHOobF
ROorvrz53gTEqd8GfbHy862lSzbNNv2MFkxJM4XHQSudA/tJrKigk3/JCQnd1YRy
Kn14nGNpLlTt14KwkV9RKxBJD8+DaDBje57sdaNmH5fgvQeneZn6fB6TQhh4stQC
uCoOI7WF7rqBVyquyqRm/HKcRp6GVxRatWvLrdrg+VkcG+2Z8sXDSt7QEOCmsQW1
M6b00oPGB474yQ==
-----END CERTIFICATE-----