Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
File:                     soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft (raw, json)
Hash identifier:          YEgclQ7KXfBi6MvszVzTSymlwxHbJOshKhmESGYgYDA=
Subject key identifier:   38:B5:E1:66:4B:C8:6D:F6:6A:5F:0D:D8:04:F9:09:09:A3:AF:A8:A7
Authority key identifier: B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4
Certificate issuer:       /CN=b284cdf0507443e16e509d57a229e914f73566a4
Certificate serial:       019A7112E29A72FDAFCA9E3F0E940E280D31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
Manifest number:          15C5
Signing time:             Tue 11 Nov 2025 04:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:54 +0000
Files and hashes:         1: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl (hash: WgN8ne0oyXbC9aGwMDMjcc8P0eDq0wWFlufFAHnwOUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:e2:9a:72:fd:af:ca:9e:3f:0e:94:0e:28:0d:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b284cdf0507443e16e509d57a229e914f73566a4
        Validity
            Not Before: Nov 11 04:00:54 2025 GMT
            Not After : Nov 12 04:00:54 2025 GMT
        Subject: CN=38b5e1664bc86df66a5f0dd804f90909a3afa8a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:0d:e8:7d:80:40:ee:5e:86:a6:3b:8c:38:6c:
                    aa:79:ea:13:d6:28:77:df:33:59:db:f2:92:0e:0d:
                    88:f8:cc:88:8f:77:82:66:3c:6a:16:69:80:24:ae:
                    a8:2e:06:ba:98:c2:37:36:34:ab:78:68:79:8d:8a:
                    7f:49:ed:0e:62:f9:39:af:82:83:6c:91:cd:12:14:
                    cd:ee:ed:cf:bb:6c:47:d5:dc:11:7c:aa:e0:7e:d6:
                    b0:40:60:17:d1:b0:eb:d2:0e:9d:f5:05:c1:61:6b:
                    cb:14:35:64:aa:64:98:58:17:2d:56:47:42:4b:d9:
                    d0:a9:49:3a:0b:22:ab:16:16:19:83:d8:9d:47:db:
                    7d:f8:58:c3:fd:96:3d:ed:24:47:d9:63:e9:e1:ee:
                    1f:f5:1f:7e:b1:7f:27:46:a8:ea:77:d1:32:21:8d:
                    46:65:9b:8f:19:42:c8:92:2d:88:9c:f2:fb:1e:29:
                    dc:47:96:7d:6f:6b:e1:e4:85:47:2d:b0:91:bb:ee:
                    01:8a:cb:a0:a6:de:67:ce:43:52:7b:63:ec:87:03:
                    91:bb:e2:15:98:41:0d:24:f3:88:87:35:8b:97:6b:
                    be:e0:82:e5:36:16:63:2b:3b:ab:85:fb:08:9a:a6:
                    19:6c:87:55:cf:1e:a9:4a:c1:d9:88:b9:83:b4:68:
                    8a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B5:E1:66:4B:C8:6D:F6:6A:5F:0D:D8:04:F9:09:09:A3:AF:A8:A7
            X509v3 Authority Key Identifier:
                keyid:B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:d0:31:62:0b:3e:89:12:8b:86:f9:1e:ac:7d:a0:1c:7a:ab:
         4e:dd:93:40:57:a2:0f:ce:79:7b:9c:59:20:fb:c1:c9:30:78:
         03:68:45:66:3d:96:2e:3b:8b:61:7d:39:e6:31:bb:da:ac:6b:
         28:98:84:ff:90:a6:c7:92:75:1d:9c:6d:9d:1c:f7:40:31:5b:
         86:02:3e:27:9d:c1:36:1b:8e:9d:e0:75:6c:bd:dc:a4:35:05:
         2b:14:56:b7:69:c8:a2:b8:f0:48:7b:d1:64:49:12:50:23:33:
         8a:b3:74:90:4a:62:be:d8:18:1b:ca:8d:18:8d:00:2d:36:7f:
         f4:dd:83:ed:03:78:16:b9:71:e9:3c:0d:44:83:2d:58:3b:a2:
         a0:67:38:28:81:c4:69:67:a6:c3:c3:3c:8e:19:75:df:75:39:
         95:b0:30:fe:be:ff:d1:07:89:fb:fa:4b:b8:e8:79:38:94:65:
         28:aa:65:58:97:2d:b0:b5:df:f8:89:d3:51:64:b0:cc:41:a5:
         16:86:b8:69:92:61:0f:3e:df:db:39:c7:3e:6c:0a:27:23:f2:
         cc:84:68:ae:12:e5:9f:4c:71:e3:48:a1:08:bd:83:7e:ac:db:
         6a:aa:ca:75:ec:c2:4e:61:94:db:0c:04:7e:35:b1:2f:cd:4e:
         47:72:3b:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEuKacv2vyp4/DpQOKA0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODRjZGYwNTA3NDQzZTE2ZTUwOWQ1N2EyMjllOTE0Zjcz
NTY2YTQwHhcNMjUxMTExMDQwMDU0WhcNMjUxMTEyMDQwMDU0WjAzMTEwLwYDVQQD
EygzOGI1ZTE2NjRiYzg2ZGY2NmE1ZjBkZDgwNGY5MDkwOWEzYWZhOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Q3ofYBA7l6GpjuMOGyqeeoT1ih3
3zNZ2/KSDg2I+MyIj3eCZjxqFmmAJK6oLga6mMI3NjSreGh5jYp/Se0OYvk5r4KD
bJHNEhTN7u3Pu2xH1dwRfKrgftawQGAX0bDr0g6d9QXBYWvLFDVkqmSYWBctVkdC
S9nQqUk6CyKrFhYZg9idR9t9+FjD/ZY97SRH2WPp4e4f9R9+sX8nRqjqd9EyIY1G
ZZuPGULIki2InPL7HincR5Z9b2vh5IVHLbCRu+4Bisugpt5nzkNSe2PshwORu+IV
mEENJPOIhzWLl2u+4ILlNhZjKzurhfsImqYZbIdVzx6pSsHZiLmDtGiKMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi14WZLyG32al8N2AT5CQmjr6inMB8GA1UdIwQY
MBaAFLKEzfBQdEPhblCdV6Ip6RT3NWakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMt
ZGY1NmEyNDEwOThmLzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMtZGY1NmEyNDEwOThm
LzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZNAxYgs+
iRKLhvkerH2gHHqrTt2TQFeiD855e5xZIPvByTB4A2hFZj2WLjuLYX055jG72qxr
KJiE/5Cmx5J1HZxtnRz3QDFbhgI+J53BNhuOneB1bL3cpDUFKxRWt2nIorjwSHvR
ZEkSUCMzirN0kEpivtgYG8qNGI0ALTZ/9N2D7QN4Frlx6TwNRIMtWDuioGc4KIHE
aWemw8M8jhl133U5lbAw/r7/0QeJ+/pLuOh5OJRlKKplWJctsLXf+InTUWSwzEGl
Foa4aZJhDz7f2znHPmwKJyPyzIRorhLln0xx40ihCL2DfqzbaqrKdezCTmGU2wwE
fjWxL81OR3I76g==
-----END CERTIFICATE-----