Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          HNT2mjVsCsCbu3RHZwcC5BXOYLI6kifMD8MmoUmug3E=
Subject key identifier:   6A:36:2C:F6:BF:D2:5B:8B:2A:7A:4B:D8:0C:98:59:FD:AF:E8:90:5B
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       019A7225A95FDA2FCBCB2189DE74CF5E190D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0E3A
Signing time:             Tue 11 Nov 2025 09:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:02 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: x78JDSjRvqHECPDtMRmtro8unvw6i+b7d+kQ4ko0BXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:a9:5f:da:2f:cb:cb:21:89:de:74:cf:5e:19:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Nov 11 09:01:02 2025 GMT
            Not After : Nov 12 09:01:02 2025 GMT
        Subject: CN=6a362cf6bfd25b8b2a7a4bd80c9859fdafe8905b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e3:35:ff:d9:ad:70:d2:5f:1c:69:ae:9c:a6:
                    49:6e:15:5b:a3:10:12:a4:4f:13:f8:81:2f:00:60:
                    a8:96:d1:f5:d7:7b:0b:2b:c5:2b:6b:b6:5e:65:a2:
                    50:d7:e7:b1:05:57:2c:8a:67:d5:94:c1:b8:38:47:
                    cc:a7:ea:3d:c0:30:11:0e:fa:37:06:b1:42:ae:ff:
                    d1:f9:32:5e:bf:ca:15:61:22:e3:61:69:48:ad:0f:
                    47:37:61:af:9a:12:14:d8:8d:38:d8:cc:6f:b8:a1:
                    c0:d4:00:15:65:5f:e5:1f:54:e0:2a:82:74:39:51:
                    7c:ed:09:81:c4:01:b7:60:ad:4c:d6:d4:4e:ee:74:
                    40:2a:a7:48:55:0c:a6:b1:d8:41:a1:43:44:25:8d:
                    27:6d:10:eb:f3:75:35:de:0b:81:8a:d8:71:ec:75:
                    a4:c7:8e:b7:c0:1d:85:bc:d9:99:10:0d:b1:8f:3e:
                    48:74:85:c3:35:d0:22:78:6a:cb:03:b9:2a:e7:a5:
                    d2:f8:d1:8e:32:26:b5:a4:bc:a5:37:51:20:45:5f:
                    21:e8:e9:30:a3:7b:9d:a4:17:a5:bd:8c:86:1e:87:
                    e1:6c:ca:77:b0:d6:8d:1b:f0:75:c8:84:f3:32:aa:
                    5b:a7:2c:d1:de:d7:58:95:b1:32:72:7f:d7:73:89:
                    ee:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:36:2C:F6:BF:D2:5B:8B:2A:7A:4B:D8:0C:98:59:FD:AF:E8:90:5B
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:96:d3:9f:48:8b:62:b7:0a:72:ca:24:2c:64:37:e5:73:0c:
         5a:a7:54:b7:16:9e:60:67:74:cf:ca:10:4a:ca:18:4e:1b:12:
         0d:b6:22:61:d3:1c:42:09:16:cc:4a:10:aa:56:78:96:96:07:
         0a:81:86:b7:ea:38:d3:08:6e:54:8f:d1:77:4f:37:b2:7e:8d:
         6b:bd:b3:bc:20:47:73:e8:c1:da:f4:6b:c2:13:0b:5f:a6:c0:
         6e:db:24:b9:44:4a:f0:ad:7f:58:71:0f:6b:3c:be:f9:6a:61:
         1e:a7:17:86:47:33:9e:d7:f6:ee:06:8e:77:68:d2:1e:5e:47:
         2a:d5:30:25:2f:46:11:ad:97:fc:8e:da:cd:f4:83:04:31:19:
         ed:c5:8b:e7:1f:e0:04:63:39:90:6b:ae:5c:43:98:56:9f:e2:
         a1:d9:7d:26:a5:fa:63:26:d1:d3:69:4a:29:2c:83:1c:59:f4:
         15:a6:de:38:ef:16:88:66:eb:0a:f9:ef:43:91:da:14:d6:82:
         9c:00:6d:d4:24:27:17:c7:1e:73:56:79:c0:73:cd:c8:8d:36:
         4e:47:85:b8:7d:d1:b7:fc:03:02:86:4a:ea:97:60:7f:43:17:
         bc:de:a9:46:e2:7b:1b:5a:c6:d2:33:9c:fa:30:dd:d8:f2:8d:
         8a:7b:b5:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJalf2i/LyyGJ3nTPXhkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUxMTExMDkwMTAyWhcNMjUxMTEyMDkwMTAyWjAzMTEwLwYDVQQD
Eyg2YTM2MmNmNmJmZDI1YjhiMmE3YTRiZDgwYzk4NTlmZGFmZTg5MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuM1/9mtcNJfHGmunKZJbhVboxAS
pE8T+IEvAGColtH113sLK8Ura7ZeZaJQ1+exBVcsimfVlMG4OEfMp+o9wDARDvo3
BrFCrv/R+TJev8oVYSLjYWlIrQ9HN2GvmhIU2I042MxvuKHA1AAVZV/lH1TgKoJ0
OVF87QmBxAG3YK1M1tRO7nRAKqdIVQymsdhBoUNEJY0nbRDr83U13guBithx7HWk
x463wB2FvNmZEA2xjz5IdIXDNdAieGrLA7kq56XS+NGOMia1pLylN1EgRV8h6Okw
o3udpBelvYyGHofhbMp3sNaNG/B1yITzMqpbpyzR3tdYlbEycn/Xc4nuxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGo2LPa/0luLKnpL2AyYWf2v6JBbMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJbTn0iL
YrcKcsokLGQ35XMMWqdUtxaeYGd0z8oQSsoYThsSDbYiYdMcQgkWzEoQqlZ4lpYH
CoGGt+o40whuVI/Rd083sn6Na72zvCBHc+jB2vRrwhMLX6bAbtskuURK8K1/WHEP
azy++WphHqcXhkczntf27gaOd2jSHl5HKtUwJS9GEa2X/I7azfSDBDEZ7cWL5x/g
BGM5kGuuXEOYVp/iodl9JqX6YybR02lKKSyDHFn0FabeOO8WiGbrCvnvQ5HaFNaC
nABt1CQnF8cec1Z5wHPNyI02TkeFuH3Rt/wDAoZK6pdgf0MXvN6pRuJ7G1rG0jOc
+jDd2PKNinu1GQ==
-----END CERTIFICATE-----