Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          l4i2xo5jUoE4TIA9NQMLMvkzgw0kb/ziEi57EPNNZ84=
Subject key identifier:   85:A1:D3:77:A2:CD:F7:F8:E8:AE:FE:FE:FE:B3:D4:5B:3D:B3:58:0D
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019A7112F175F267BEC458FB24A363E9FB2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          08D3
Signing time:             Tue 11 Nov 2025 04:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:57 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: Mqg2Df9E2Urztk/kv8Hq6OtnffUm01NvaNoQ8dn+7UQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:f1:75:f2:67:be:c4:58:fb:24:a3:63:e9:fb:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Nov 11 04:00:57 2025 GMT
            Not After : Nov 12 04:00:57 2025 GMT
        Subject: CN=85a1d377a2cdf7f8e8aefefefeb3d45b3db3580d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:22:09:c7:c9:1e:35:f0:49:ba:30:2d:04:14:
                    fb:db:fe:76:97:f9:53:2e:b1:86:47:3b:fc:2e:6c:
                    c2:25:01:3e:28:a3:30:bd:29:1d:2e:b5:3c:b0:0d:
                    dd:3e:ac:74:1f:07:7f:68:cd:39:22:66:66:ef:4e:
                    cb:d6:3b:f5:a6:f2:98:11:cb:09:e3:01:20:83:93:
                    2f:3a:55:bd:dd:ae:ec:03:ab:fa:c7:ff:ea:b2:62:
                    0a:24:f8:a5:d5:49:1e:e2:28:82:bf:c1:f1:0f:0d:
                    35:12:75:7b:4d:3c:40:80:c8:68:d6:68:d6:8c:fe:
                    f1:a0:12:cd:88:d9:53:35:77:b5:80:ea:8b:df:89:
                    64:da:12:8e:2f:11:58:7a:a1:cf:71:d9:24:11:3a:
                    da:c8:55:2b:4a:ab:2c:67:e6:31:ee:b4:30:6c:1b:
                    09:72:c6:29:f6:2c:db:58:36:14:72:a8:c8:0e:0b:
                    a8:d5:8c:10:ba:ef:d8:f9:fd:b9:d3:7f:ae:d5:ca:
                    ac:05:30:4f:09:88:fb:be:1e:8b:aa:f5:a1:dd:2a:
                    62:bf:2a:02:77:1a:ae:ea:9a:5e:61:57:e8:1c:a0:
                    1b:28:be:d5:0a:71:a6:e7:5e:35:d1:0a:6c:e2:d1:
                    5b:8b:8f:c9:68:dc:9c:be:1d:71:12:5d:08:7b:6a:
                    62:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:A1:D3:77:A2:CD:F7:F8:E8:AE:FE:FE:FE:B3:D4:5B:3D:B3:58:0D
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:a2:27:93:2a:ef:0a:a3:dd:a5:25:ae:63:e2:8f:f2:0f:f9:
         b3:1a:1a:ed:4a:40:4e:d2:e0:cd:b8:6e:0f:14:49:00:3c:58:
         52:b8:d0:7f:cb:8b:ab:6a:ad:29:76:12:ea:e3:71:d6:6c:d0:
         51:01:4b:81:12:cc:d6:50:ee:5d:22:9b:18:47:8b:93:fc:df:
         95:4c:c1:49:b7:ea:ad:7a:68:13:a6:61:cb:50:25:8a:b0:ce:
         c4:49:fe:61:66:ee:6d:26:96:5d:97:d2:5f:7b:c3:0f:d7:76:
         17:06:bd:d1:4a:32:82:a9:ff:cb:53:4a:b1:48:49:8a:ed:e9:
         d5:71:87:c2:a6:c5:7b:26:98:0e:17:9c:ec:67:cb:0e:1e:ce:
         e8:e4:5b:0a:9e:66:65:1a:2b:8b:5f:88:59:4a:da:21:44:51:
         b7:1f:df:d7:98:07:f0:d3:04:04:78:ef:04:b7:af:4e:b4:f4:
         d5:cb:7f:2e:3e:80:26:1c:9f:92:04:50:e6:95:32:6b:2a:af:
         2a:fe:73:4a:b5:ca:20:ca:03:48:0e:cf:41:03:52:a8:69:97:
         17:c3:d7:8a:2e:46:45:5c:4b:0b:cb:ff:38:07:9c:58:25:01:
         b1:3a:f0:d3:ac:c6:90:fe:1a:ba:b3:a2:6d:ab:97:43:52:bf:
         44:06:77:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvF18me+xFj7JKNj6fsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUxMTExMDQwMDU3WhcNMjUxMTEyMDQwMDU3WjAzMTEwLwYDVQQD
Eyg4NWExZDM3N2EyY2RmN2Y4ZThhZWZlZmVmZWIzZDQ1YjNkYjM1ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiIJx8keNfBJujAtBBT72/52l/lT
LrGGRzv8LmzCJQE+KKMwvSkdLrU8sA3dPqx0Hwd/aM05ImZm707L1jv1pvKYEcsJ
4wEgg5MvOlW93a7sA6v6x//qsmIKJPil1Uke4iiCv8HxDw01EnV7TTxAgMho1mjW
jP7xoBLNiNlTNXe1gOqL34lk2hKOLxFYeqHPcdkkETrayFUrSqssZ+Yx7rQwbBsJ
csYp9izbWDYUcqjIDguo1YwQuu/Y+f2503+u1cqsBTBPCYj7vh6LqvWh3SpivyoC
dxqu6ppeYVfoHKAbKL7VCnGm51410Qps4tFbi4/JaNycvh1xEl0Ie2piJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWh03eizff46K7+/v6z1Fs9s1gNMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6Inkyrv
CqPdpSWuY+KP8g/5sxoa7UpATtLgzbhuDxRJADxYUrjQf8uLq2qtKXYS6uNx1mzQ
UQFLgRLM1lDuXSKbGEeLk/zflUzBSbfqrXpoE6Zhy1AlirDOxEn+YWbubSaWXZfS
X3vDD9d2Fwa90Uoygqn/y1NKsUhJiu3p1XGHwqbFeyaYDhec7GfLDh7O6ORbCp5m
ZRori1+IWUraIURRtx/f15gH8NMEBHjvBLevTrT01ct/Lj6AJhyfkgRQ5pUyayqv
Kv5zSrXKIMoDSA7PQQNSqGmXF8PXii5GRVxLC8v/OAecWCUBsTrw06zGkP4aurOi
bauXQ1K/RAZ3eQ==
-----END CERTIFICATE-----