Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          VApPRuxvs6cZfn7H756zReJG6nRyPcc06K8iP+++VeE=
Subject key identifier:   61:70:2A:38:9E:8F:94:6D:5F:46:E4:EC:8A:DB:B2:C4:D0:66:3A:8D
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019A725C9B94AC1180762473DF8A27C91A51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 10:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:02 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: wjrag5YaCL6G7zOIyQd2scoZe8FjBj5KuZtBUwpBIBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:9b:94:ac:11:80:76:24:73:df:8a:27:c9:1a:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Nov 11 10:01:02 2025 GMT
            Not After : Nov 12 10:01:02 2025 GMT
        Subject: CN=61702a389e8f946d5f46e4ec8adbb2c4d0663a8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:c7:21:76:60:91:b0:bc:f7:08:e2:4b:ef:38:
                    4c:3c:0f:f7:2c:f8:f9:98:8b:33:44:9d:22:db:c8:
                    cd:f8:06:f1:5d:5e:69:4c:3c:48:aa:a3:81:fd:e0:
                    84:f3:25:0b:86:f4:04:73:fa:f8:7e:91:9e:76:90:
                    ff:e7:2e:dc:73:1c:02:4e:ee:43:90:00:ac:04:c7:
                    6a:59:f1:b7:3e:d5:55:7c:11:14:66:7a:d5:29:d7:
                    77:19:6e:6f:fa:19:f2:ad:3b:df:63:97:1d:f9:fc:
                    f1:26:57:91:2a:e8:5f:cf:f3:60:c4:14:a7:4e:ba:
                    05:5f:0e:43:fc:cd:43:3a:81:84:ef:68:72:77:5e:
                    f6:f7:f6:71:fc:98:99:28:ea:f7:84:55:2f:63:7f:
                    c0:d9:f7:01:34:c3:67:e2:0c:c4:89:98:af:f8:d7:
                    14:ef:e3:68:53:9c:81:49:31:13:0a:d3:e3:ce:19:
                    5d:6d:6b:69:44:35:55:05:bd:3c:fb:c6:ab:c2:15:
                    70:8f:f4:b9:44:13:83:bf:65:3c:8a:98:92:22:69:
                    fb:d2:65:8b:1a:4c:67:31:b2:21:ab:ca:ac:4c:bc:
                    02:ca:32:5c:b9:ca:1e:ba:3b:f2:54:d0:e6:0b:8a:
                    5c:79:af:da:63:f3:0b:5a:0b:1a:39:74:4f:75:eb:
                    45:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:70:2A:38:9E:8F:94:6D:5F:46:E4:EC:8A:DB:B2:C4:D0:66:3A:8D
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:a8:42:30:f5:22:6c:2d:5f:7f:48:db:01:a3:9a:23:99:b1:
         71:74:56:46:90:ec:02:b4:cb:0e:04:99:00:c3:b7:b1:9f:1e:
         51:c9:e4:4f:58:e5:28:7c:d6:ed:15:d7:aa:61:c3:eb:d6:a0:
         2e:78:f0:c3:0f:16:d9:50:e5:cb:61:8c:78:be:f7:17:26:16:
         7a:73:74:bb:68:6c:47:59:4a:7c:90:b9:88:4e:bb:ab:42:f7:
         05:5a:fd:82:cc:5f:65:5b:8b:2d:ce:34:9b:05:3d:fb:3e:93:
         79:d1:d1:ca:66:9e:d1:8c:7b:62:8b:c1:9f:0c:f5:f0:7c:0b:
         ce:d8:0d:7b:c2:9f:f3:47:5b:eb:6a:9f:a4:61:4a:b6:30:45:
         33:98:83:51:e7:ec:ec:8a:2b:31:a7:a0:2a:20:25:00:ea:99:
         20:db:06:9c:63:cc:36:25:1d:78:3d:5a:fd:90:ca:99:70:1d:
         d6:52:cc:c3:66:e4:4b:70:89:97:68:01:96:91:53:8e:42:c8:
         64:77:9a:49:89:4d:5d:6d:86:08:74:d7:22:70:f2:e6:b7:93:
         0a:8a:16:ee:ac:fa:d8:4e:11:12:93:ee:ea:0e:91:b2:75:b7:
         1f:18:f4:66:0e:05:0c:e7:d9:80:98:93:77:a3:9f:c0:b0:3a:
         1a:69:2d:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJuUrBGAdiRz34onyRpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUxMTExMTAwMTAyWhcNMjUxMTEyMTAwMTAyWjAzMTEwLwYDVQQD
Eyg2MTcwMmEzODllOGY5NDZkNWY0NmU0ZWM4YWRiYjJjNGQwNjYzYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5schdmCRsLz3COJL7zhMPA/3LPj5
mIszRJ0i28jN+AbxXV5pTDxIqqOB/eCE8yULhvQEc/r4fpGedpD/5y7ccxwCTu5D
kACsBMdqWfG3PtVVfBEUZnrVKdd3GW5v+hnyrTvfY5cd+fzxJleRKuhfz/NgxBSn
TroFXw5D/M1DOoGE72hyd1729/Zx/JiZKOr3hFUvY3/A2fcBNMNn4gzEiZiv+NcU
7+NoU5yBSTETCtPjzhldbWtpRDVVBb08+8arwhVwj/S5RBODv2U8ipiSImn70mWL
GkxnMbIhq8qsTLwCyjJcucoeujvyVNDmC4pcea/aY/MLWgsaOXRPdetF4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFwKjiej5RtX0bk7IrbssTQZjqNMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKhCMPUi
bC1ff0jbAaOaI5mxcXRWRpDsArTLDgSZAMO3sZ8eUcnkT1jlKHzW7RXXqmHD69ag
Lnjwww8W2VDly2GMeL73FyYWenN0u2hsR1lKfJC5iE67q0L3BVr9gsxfZVuLLc40
mwU9+z6TedHRymae0Yx7YovBnwz18HwLztgNe8Kf80db62qfpGFKtjBFM5iDUefs
7IorMaegKiAlAOqZINsGnGPMNiUdeD1a/ZDKmXAd1lLMw2bkS3CJl2gBlpFTjkLI
ZHeaSYlNXW2GCHTXInDy5reTCooW7qz62E4REpPu6g6RsnW3Hxj0Zg4FDOfZgJiT
d6OfwLA6GmktGA==
-----END CERTIFICATE-----