Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          i9em6dPfbPpQiSnWAjF6GyDRNQy/w0A3uU5UwEpvM7c=
Subject key identifier:   A2:A2:BE:DF:11:36:34:84:17:04:24:45:B8:6E:3A:DD:E3:3A:97:A6
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019A7113448BA5A2DC614FB56139865A8854
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0ADE
Signing time:             Tue 11 Nov 2025 04:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:19 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: rL1c7yji/3pe/xL/KlIWgeO4MGvT/oJzTHN7H4zmPow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:44:8b:a5:a2:dc:61:4f:b5:61:39:86:5a:88:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Nov 11 04:01:19 2025 GMT
            Not After : Nov 12 04:01:19 2025 GMT
        Subject: CN=a2a2bedf1136348417042445b86e3adde33a97a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:3f:3b:be:b6:2a:3d:b4:83:32:6a:be:6b:a4:
                    29:d7:b7:3b:6a:a0:10:1f:8d:fa:34:e0:81:e9:5f:
                    a1:c9:5b:da:78:8f:79:66:ed:04:af:27:af:c3:6c:
                    91:f0:ac:70:72:34:85:0a:f8:4e:ac:7c:f4:31:cf:
                    97:76:f8:64:77:ac:c8:0f:68:0b:49:30:79:ea:80:
                    a5:0b:f1:59:db:88:34:93:8d:ae:a6:8c:b8:c3:fc:
                    5d:eb:d8:7c:a8:49:cf:5b:22:e6:e2:75:8b:46:d1:
                    0f:95:3f:8c:f8:3a:ca:87:da:76:0e:37:5b:e1:f1:
                    71:1d:24:1f:19:89:89:95:9d:54:c6:18:81:67:f9:
                    15:2d:3c:68:b8:bf:b6:5b:1f:a3:22:4b:9b:58:96:
                    d9:3c:6f:11:b3:2c:b8:c2:35:fd:c0:fb:60:6f:e1:
                    96:1e:10:cd:cb:fd:08:a0:2a:eb:53:01:8f:cf:a8:
                    2a:85:9f:76:c4:54:eb:f9:93:43:42:68:11:de:6c:
                    e5:ed:fe:63:3a:ff:59:52:9c:47:a5:7e:30:cc:1b:
                    cd:01:3a:b9:1e:e0:4d:77:21:e8:be:c8:81:71:ef:
                    8e:f5:fd:8d:0d:c4:08:94:14:43:e6:a6:55:a8:6b:
                    f1:12:3b:f7:37:b0:cf:fb:c7:bc:2d:c5:2f:9d:fa:
                    5b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A2:BE:DF:11:36:34:84:17:04:24:45:B8:6E:3A:DD:E3:3A:97:A6
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:6f:f9:a1:75:b8:ac:c0:c5:56:54:60:1d:60:e6:8c:fe:b2:
         03:2a:6b:2f:9a:2d:bf:10:b7:77:72:0b:88:80:f3:46:6c:ff:
         92:4e:71:0c:01:24:74:48:fe:81:f5:14:1f:50:99:69:80:82:
         1b:7f:be:1c:48:c1:a6:bd:9b:f3:8b:e7:bd:60:e5:4c:08:64:
         7c:5a:c1:9f:b5:60:72:fc:58:32:a7:8b:0b:64:b9:e8:3b:2b:
         d3:fe:04:47:b6:cc:92:07:cc:05:24:08:cb:84:25:4c:b7:c6:
         6d:8d:e6:80:c5:07:20:6f:b5:4d:4e:f5:c0:68:49:00:3f:6f:
         ef:b4:12:c8:1a:0e:17:96:14:66:24:1f:a5:b0:b1:65:75:b4:
         3d:46:be:bf:f6:be:71:bc:25:34:a8:ba:e7:65:8d:7d:4c:25:
         f2:44:1c:5b:a1:4a:fd:2a:df:44:b0:ac:0b:cd:5c:1a:72:f6:
         11:8e:0e:40:16:4a:bc:c2:93:6e:ea:da:a8:f8:42:32:7c:7a:
         ef:1f:c6:fd:81:92:24:aa:3d:1d:57:d5:53:2c:8f:8d:5b:2a:
         c4:e1:cc:a0:40:94:b7:e7:8f:46:a8:84:f5:f3:ac:62:c9:ac:
         70:1f:c8:00:b8:a6:85:90:35:c6:48:07:6f:7c:8d:e7:5b:41:
         82:4e:e5:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0SLpaLcYU+1YTmGWohUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUxMTExMDQwMTE5WhcNMjUxMTEyMDQwMTE5WjAzMTEwLwYDVQQD
EyhhMmEyYmVkZjExMzYzNDg0MTcwNDI0NDViODZlM2FkZGUzM2E5N2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7T87vrYqPbSDMmq+a6Qp17c7aqAQ
H436NOCB6V+hyVvaeI95Zu0Eryevw2yR8KxwcjSFCvhOrHz0Mc+Xdvhkd6zID2gL
STB56oClC/FZ24g0k42upoy4w/xd69h8qEnPWyLm4nWLRtEPlT+M+DrKh9p2Djdb
4fFxHSQfGYmJlZ1UxhiBZ/kVLTxouL+2Wx+jIkubWJbZPG8Rsyy4wjX9wPtgb+GW
HhDNy/0IoCrrUwGPz6gqhZ92xFTr+ZNDQmgR3mzl7f5jOv9ZUpxHpX4wzBvNATq5
HuBNdyHovsiBce+O9f2NDcQIlBRD5qZVqGvxEjv3N7DP+8e8LcUvnfpbvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKivt8RNjSEFwQkRbhuOt3jOpemMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2/5oXW4
rMDFVlRgHWDmjP6yAyprL5otvxC3d3ILiIDzRmz/kk5xDAEkdEj+gfUUH1CZaYCC
G3++HEjBpr2b84vnvWDlTAhkfFrBn7VgcvxYMqeLC2S56Dsr0/4ER7bMkgfMBSQI
y4QlTLfGbY3mgMUHIG+1TU71wGhJAD9v77QSyBoOF5YUZiQfpbCxZXW0PUa+v/a+
cbwlNKi652WNfUwl8kQcW6FK/SrfRLCsC81cGnL2EY4OQBZKvMKTburaqPhCMnx6
7x/G/YGSJKo9HVfVUyyPjVsqxOHMoECUt+ePRqiE9fOsYsmscB/IALimhZA1xkgH
b3yN51tBgk7l/A==
-----END CERTIFICATE-----