Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          bnXTeJDReUex+MpBAJBR0cEji1PJVZ8p5/U2e/ZQaSQ=
Subject key identifier:   62:57:0F:9C:52:53:B2:8F:23:97:7E:C7:F8:FA:48:37:CF:04:27:2A
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019A4EF4906C876E2BAD2C7EFEBD5990DC73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0D4A
Signing time:             Tue 04 Nov 2025 13:00:41 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:41 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:41 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: irNceqh1lzFKGKQW4mI83b2M6dpxfkUyFUh6w+UjMw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:90:6c:87:6e:2b:ad:2c:7e:fe:bd:59:90:dc:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Nov  4 13:00:41 2025 GMT
            Not After : Nov  5 13:00:41 2025 GMT
        Subject: CN=62570f9c5253b28f23977ec7f8fa4837cf04272a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1b:d1:dd:97:cb:16:44:12:92:91:d9:75:f6:
                    0a:0d:f0:09:ab:de:3f:c2:e1:ff:bc:9f:c9:19:78:
                    b4:5f:58:d2:33:bc:7b:aa:2b:9c:c8:81:2e:58:a1:
                    7b:c6:28:2b:df:2e:02:ec:3b:f5:c5:a1:60:90:d0:
                    25:b5:5a:bb:92:1e:c8:ad:35:e0:d8:98:ae:8d:1e:
                    7a:3a:48:21:c3:6f:9e:4a:e9:7f:b1:4e:ff:52:2f:
                    2b:cd:36:d2:fb:e7:b3:a6:79:fc:4b:70:c2:8f:23:
                    34:e1:f0:bd:d6:da:8d:54:94:68:24:d3:ed:59:4f:
                    fd:06:c6:4f:d8:4b:89:ab:f3:15:a0:54:50:3b:e4:
                    0f:55:eb:1e:7d:39:ef:77:f0:d7:6e:18:68:db:d4:
                    b6:66:76:3e:6f:27:df:9f:6f:03:bd:f7:0f:82:d3:
                    16:8e:2b:59:63:6e:3d:40:a1:91:aa:3f:37:a0:53:
                    2d:37:cb:d4:49:fb:c2:ef:62:3f:1f:c4:49:98:c7:
                    64:81:15:8b:ba:93:c7:4d:60:8a:82:5b:3e:ac:4e:
                    fd:98:b5:79:3e:17:88:17:f8:42:88:fd:1c:ca:d7:
                    59:a8:ef:64:9f:28:16:3f:d5:f3:ea:ce:40:b1:85:
                    b1:03:0f:11:41:e0:21:01:22:c3:43:ea:b9:17:55:
                    48:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:57:0F:9C:52:53:B2:8F:23:97:7E:C7:F8:FA:48:37:CF:04:27:2A
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:05:5b:77:fd:bb:21:49:2b:25:70:9f:dc:f5:06:8b:2e:0d:
         27:71:5b:ed:b8:68:49:4e:0d:11:8d:76:16:49:38:d4:05:c5:
         c6:f2:5e:90:72:4c:e2:9e:5e:d6:b5:cd:99:2f:c7:2f:25:fa:
         9a:58:b8:af:81:11:b4:b3:e8:d1:4c:93:8d:82:d2:2c:6c:ca:
         75:4b:27:fe:c2:be:2e:61:c1:33:80:3c:d5:6b:c7:5a:32:74:
         f4:bc:f1:a9:73:c1:bb:e9:0c:3b:1c:29:76:18:f4:47:de:a3:
         9f:d1:da:9e:ff:80:15:8e:fe:6c:ab:ab:fe:e5:ad:51:bd:0e:
         f7:0c:86:ea:7c:d1:f2:51:9b:50:3b:29:04:20:9d:ac:3b:95:
         11:45:2e:59:e5:63:9d:31:5b:39:bb:be:0f:8a:8f:50:0a:29:
         33:6f:e6:a3:3f:38:64:65:f6:f9:42:82:4e:e7:17:9d:4c:69:
         f4:4f:e0:6f:8a:99:02:97:5a:46:13:4e:e6:ca:cc:75:ea:1b:
         e8:bc:f0:81:d4:34:8c:a9:b9:36:9b:51:76:ac:d3:cd:30:03:
         67:d2:22:61:b2:e7:a5:97:89:7d:9f:a3:14:3d:91:fe:37:96:
         e0:a5:44:bd:8b:11:2a:7a:c2:a6:fe:4b:8d:75:39:49:75:02:
         2c:92:f8:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9JBsh24rrSx+/r1ZkNxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUxMTA0MTMwMDQxWhcNMjUxMTA1MTMwMDQxWjAzMTEwLwYDVQQD
Eyg2MjU3MGY5YzUyNTNiMjhmMjM5NzdlYzdmOGZhNDgzN2NmMDQyNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhvR3ZfLFkQSkpHZdfYKDfAJq94/
wuH/vJ/JGXi0X1jSM7x7qiucyIEuWKF7xigr3y4C7Dv1xaFgkNAltVq7kh7IrTXg
2JiujR56Okghw2+eSul/sU7/Ui8rzTbS++ezpnn8S3DCjyM04fC91tqNVJRoJNPt
WU/9BsZP2EuJq/MVoFRQO+QPVesefTnvd/DXbhho29S2ZnY+byffn28DvfcPgtMW
jitZY249QKGRqj83oFMtN8vUSfvC72I/H8RJmMdkgRWLupPHTWCKgls+rE79mLV5
PheIF/hCiP0cytdZqO9knygWP9Xz6s5AsYWxAw8RQeAhASLDQ+q5F1VIwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJXD5xSU7KPI5d+x/j6SDfPBCcqMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADwVbd/27
IUkrJXCf3PUGiy4NJ3Fb7bhoSU4NEY12Fkk41AXFxvJekHJM4p5e1rXNmS/HLyX6
mli4r4ERtLPo0UyTjYLSLGzKdUsn/sK+LmHBM4A81WvHWjJ09LzxqXPBu+kMOxwp
dhj0R96jn9Hanv+AFY7+bKur/uWtUb0O9wyG6nzR8lGbUDspBCCdrDuVEUUuWeVj
nTFbObu+D4qPUAopM2/moz84ZGX2+UKCTucXnUxp9E/gb4qZApdaRhNO5srMdeob
6LzwgdQ0jKm5NptRdqzTzTADZ9IiYbLnpZeJfZ+jFD2R/jeW4KVEvYsRKnrCpv5L
jXU5SXUCLJL4DQ==
-----END CERTIFICATE-----