Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
File:                     X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json)
Hash identifier:          T3zTfWvuyF3kEL2YYx+joJ1mtymQg84qImOgOE9+CEI=
Subject key identifier:   D3:44:F4:9B:9C:6B:DF:AC:F3:7A:6A:D4:00:90:8E:98:30:92:B6:C6
Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C
Certificate issuer:       /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
Certificate serial:       019A70DC6F7F58C0496AC8BCE9062D2572AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
Manifest number:          0D39
Signing time:             Tue 11 Nov 2025 03:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:25 +0000
Files and hashes:         1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: m2YZRBRcTeLPXif2I3pWUggz7YMWQYhmDqTuLIb7vaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:6f:7f:58:c0:49:6a:c8:bc:e9:06:2d:25:72:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
        Validity
            Not Before: Nov 11 03:01:25 2025 GMT
            Not After : Nov 12 03:01:25 2025 GMT
        Subject: CN=d344f49b9c6bdfacf37a6ad400908e983092b6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:3d:cd:af:9c:00:27:69:87:02:10:82:1d:02:
                    89:aa:b4:3c:10:3f:67:3b:b3:8b:6a:ae:dd:47:70:
                    c1:7d:47:53:ec:0c:ab:f3:7d:c6:85:a7:ba:4f:19:
                    6c:e4:72:32:22:2a:f6:dd:74:c0:77:8a:1d:04:29:
                    5e:de:96:34:61:25:45:d0:4e:3c:de:ee:22:66:58:
                    59:c4:4c:05:5f:99:ca:b3:e5:13:22:32:84:63:56:
                    76:63:96:cc:78:fd:0d:f8:22:ba:cc:e6:3e:c0:be:
                    6c:60:44:4e:50:c6:11:c2:89:00:58:a3:cf:9c:c4:
                    00:ca:2f:34:55:06:49:47:ab:b2:5c:c9:b7:d1:1c:
                    b2:fb:d9:b6:d1:4c:a1:2c:b9:fb:bf:20:ea:0d:81:
                    70:6a:d2:b9:4e:de:2e:1f:89:ab:1a:7a:3f:3f:b2:
                    ce:01:f1:9f:fb:6f:e7:73:96:2b:1e:0f:62:99:de:
                    3b:de:f1:99:87:1e:a9:7c:69:db:16:4a:85:78:8c:
                    e4:6f:a7:bd:fd:8c:c0:ad:d7:21:f7:c3:5e:f0:5d:
                    38:7c:d4:d6:b5:a0:f6:e3:36:5a:df:09:d7:39:76:
                    87:be:2d:b7:09:6a:9d:60:b2:a4:01:90:3c:cb:e8:
                    81:c5:cd:6f:72:d9:0c:94:16:cf:ca:57:52:62:f4:
                    a6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:44:F4:9B:9C:6B:DF:AC:F3:7A:6A:D4:00:90:8E:98:30:92:B6:C6
            X509v3 Authority Key Identifier:
                keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:6d:e2:cd:51:25:44:e7:c2:9d:18:ad:d2:13:95:48:ed:e6:
         1e:d5:b8:aa:a3:b7:03:70:56:7a:d2:10:24:bc:86:1b:20:87:
         26:03:86:3c:fa:72:bd:70:b9:ff:e7:91:66:f8:68:9d:95:04:
         2f:4a:a8:69:85:16:21:13:a0:1d:3a:f3:c2:98:8c:44:44:41:
         5f:12:bc:ae:17:bb:03:d5:89:17:ee:fc:41:79:7c:7b:14:08:
         64:73:9c:a8:09:0f:10:c4:01:22:0e:e7:b7:03:64:b3:63:dd:
         ff:3d:fd:d3:e1:41:51:cc:09:45:e4:42:97:66:eb:d9:56:5a:
         00:d1:61:4c:2c:ee:46:d5:ed:8f:0b:58:62:64:1f:bf:2f:49:
         f8:e2:55:fc:2e:2c:cd:54:b9:f6:b6:c8:c5:81:c9:ef:4d:4c:
         d5:55:06:d6:f6:f5:26:0a:8b:fe:44:63:6f:9b:c2:4f:d9:83:
         49:13:c7:f2:cf:d8:ba:9c:cd:82:0e:cc:46:55:b3:6a:4e:3d:
         73:0c:36:66:f9:73:40:97:95:ee:5f:21:2d:96:ba:67:6f:34:
         ea:79:4a:17:52:dc:ec:c4:b3:0b:89:c0:77:d3:9c:42:aa:5f:
         85:90:e7:36:04:89:48:4a:08:fe:73:38:ea:72:ba:98:64:5f:
         4f:00:db:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3G9/WMBJasi86QYtJXKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl
MWY4NmMwHhcNMjUxMTExMDMwMTI1WhcNMjUxMTEyMDMwMTI1WjAzMTEwLwYDVQQD
EyhkMzQ0ZjQ5YjljNmJkZmFjZjM3YTZhZDQwMDkwOGU5ODMwOTJiNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T3Nr5wAJ2mHAhCCHQKJqrQ8ED9n
O7OLaq7dR3DBfUdT7Ayr833Ghae6Txls5HIyIir23XTAd4odBCle3pY0YSVF0E48
3u4iZlhZxEwFX5nKs+UTIjKEY1Z2Y5bMeP0N+CK6zOY+wL5sYEROUMYRwokAWKPP
nMQAyi80VQZJR6uyXMm30Ryy+9m20UyhLLn7vyDqDYFwatK5Tt4uH4mrGno/P7LO
AfGf+2/nc5YrHg9imd473vGZhx6pfGnbFkqFeIzkb6e9/YzArdch98Ne8F04fNTW
taD24zZa3wnXOXaHvi23CWqdYLKkAZA8y+iBxc1vctkMlBbPyldSYvSmYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNE9Juca9+s83pq1ACQjpgwkrbGMB8GA1UdIwQY
MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt
MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1
LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnG3izVEl
ROfCnRit0hOVSO3mHtW4qqO3A3BWetIQJLyGGyCHJgOGPPpyvXC5/+eRZvhonZUE
L0qoaYUWIROgHTrzwpiMRERBXxK8rhe7A9WJF+78QXl8exQIZHOcqAkPEMQBIg7n
twNks2Pd/z390+FBUcwJReRCl2br2VZaANFhTCzuRtXtjwtYYmQfvy9J+OJV/C4s
zVS59rbIxYHJ701M1VUG1vb1JgqL/kRjb5vCT9mDSRPH8s/YupzNgg7MRlWzak49
cww2ZvlzQJeV7l8hLZa6Z2806nlKF1Lc7MSzC4nAd9OcQqpfhZDnNgSJSEoI/nM4
6nK6mGRfTwDbIA==
-----END CERTIFICATE-----