Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          QWQOzrKvpFt3nSrKasoIw6q7G8YHopEWK01XJ9b0dFM=
Subject key identifier:   55:79:38:A8:37:56:FD:B5:4E:87:CE:E8:6F:7C:C2:6C:CC:53:8C:CF
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       019A71B815859F84F46D1A34FAF8FC29A753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0C2B
Signing time:             Tue 11 Nov 2025 07:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:20 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: XJFx5j+cinzd9C22yVHhbracDEfNcYWDjPLrTAucHmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:15:85:9f:84:f4:6d:1a:34:fa:f8:fc:29:a7:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Nov 11 07:01:20 2025 GMT
            Not After : Nov 12 07:01:20 2025 GMT
        Subject: CN=557938a83756fdb54e87cee86f7cc26ccc538ccf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:64:c2:cb:b7:35:7e:cf:b7:b1:09:6f:50:9c:
                    3b:50:1b:1f:e8:dd:1b:bd:87:40:45:57:2e:7d:a3:
                    71:58:84:fe:36:d7:17:af:95:61:9c:4d:57:59:3e:
                    92:a5:f3:93:8e:25:dd:ec:da:38:80:29:35:9d:9a:
                    b9:2f:59:ae:b1:fa:ac:5e:23:34:65:7b:da:e3:9c:
                    64:ed:19:82:a1:67:66:29:68:b7:06:7f:78:b7:ec:
                    ce:e0:92:10:ac:96:2e:6c:9e:5b:7b:ef:0c:ad:08:
                    00:1f:45:33:a0:d6:33:3c:1c:52:f7:49:ea:61:f6:
                    5a:ac:4d:67:af:02:a9:32:13:85:31:93:a8:98:02:
                    97:c0:a8:c7:b7:65:a8:e5:4c:76:9a:8f:22:01:a5:
                    ea:cc:54:b7:07:f4:e8:c3:72:70:43:81:fd:d5:a0:
                    40:fb:a4:32:f7:9c:9e:80:84:9e:2d:3f:c6:ab:1d:
                    a6:d0:8c:1d:2d:b4:58:37:f4:9b:43:8a:74:9e:0e:
                    d0:0b:34:02:0f:0e:90:0e:00:a9:6d:4f:97:4a:0f:
                    7f:5a:79:0d:1c:90:87:e1:8b:33:88:8c:60:fb:66:
                    1c:8e:9f:df:1a:0d:ee:f9:0f:cd:ae:da:43:b8:73:
                    c7:c4:6a:72:fd:d3:55:64:d7:7c:4b:04:6e:56:6d:
                    5d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:79:38:A8:37:56:FD:B5:4E:87:CE:E8:6F:7C:C2:6C:CC:53:8C:CF
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:d4:9e:b3:90:16:bc:79:0c:93:4e:1f:1e:d6:2b:eb:49:fc:
         d7:4f:60:f8:a3:b3:4d:01:33:08:b7:2b:e5:28:c3:59:84:a7:
         d3:87:17:b8:a0:ea:c7:6b:31:23:53:95:d3:9c:96:08:44:ee:
         be:21:a7:78:c2:b8:0b:11:31:08:d3:14:ae:b7:3b:e8:30:0b:
         69:26:1c:49:a9:53:46:54:21:cb:d0:5d:b2:9c:5b:78:8a:3d:
         e1:3b:c5:5c:7a:4d:8f:54:f8:5b:6f:11:6a:db:9c:da:24:c4:
         5a:fe:bd:31:77:e2:06:9f:bd:98:58:94:b1:f9:75:3b:d5:36:
         63:7a:0b:f6:9f:37:10:ab:e8:7c:ba:bf:a8:0d:28:bf:3f:fe:
         e2:fd:bf:3b:b5:90:6e:64:98:c5:e7:d6:9a:dc:2d:d5:6a:b6:
         1f:4a:bc:0f:d6:26:50:af:82:93:0c:34:e1:af:de:0d:55:11:
         6c:9b:2a:ba:eb:c2:86:da:d9:b6:25:dc:5f:dc:87:bc:7d:53:
         e3:5b:37:54:d4:a0:06:27:43:d0:d5:8c:79:5e:6c:d9:57:fe:
         2b:5d:b0:03:2a:86:fc:4a:cf:52:d9:70:e6:01:fc:c6:78:25:
         bc:af:da:ae:05:eb:c1:51:c3:e2:1d:03:6f:06:5d:1b:72:6b:
         74:6e:70:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBWFn4T0bRo0+vj8KadTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
Eyg1NTc5MzhhODM3NTZmZGI1NGU4N2NlZTg2ZjdjYzI2Y2NjNTM4Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22TCy7c1fs+3sQlvUJw7UBsf6N0b
vYdARVcufaNxWIT+NtcXr5VhnE1XWT6SpfOTjiXd7No4gCk1nZq5L1musfqsXiM0
ZXva45xk7RmCoWdmKWi3Bn94t+zO4JIQrJYubJ5be+8MrQgAH0UzoNYzPBxS90nq
YfZarE1nrwKpMhOFMZOomAKXwKjHt2Wo5Ux2mo8iAaXqzFS3B/Tow3JwQ4H91aBA
+6Qy95yegISeLT/Gqx2m0IwdLbRYN/SbQ4p0ng7QCzQCDw6QDgCpbU+XSg9/WnkN
HJCH4YsziIxg+2Ycjp/fGg3u+Q/NrtpDuHPHxGpy/dNVZNd8SwRuVm1dgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV5OKg3Vv21TofO6G98wmzMU4zPMB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh9Ses5AW
vHkMk04fHtYr60n8109g+KOzTQEzCLcr5SjDWYSn04cXuKDqx2sxI1OV05yWCETu
viGneMK4CxExCNMUrrc76DALaSYcSalTRlQhy9BdspxbeIo94TvFXHpNj1T4W28R
atuc2iTEWv69MXfiBp+9mFiUsfl1O9U2Y3oL9p83EKvofLq/qA0ovz/+4v2/O7WQ
bmSYxefWmtwt1Wq2H0q8D9YmUK+Ckww04a/eDVURbJsquuvChtrZtiXcX9yHvH1T
41s3VNSgBidD0NWMeV5s2Vf+K12wAyqG/ErPUtlw5gH8xnglvK/argXrwVHD4h0D
bwZdG3JrdG5w7w==
-----END CERTIFICATE-----