Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.mft
File:                     grQaKruE3kSzFPizq8zqGKSIFyc.mft (raw, json)
Hash identifier:          5g06mLrRlUQ44oBG74LC/wPwPpGEGi6LRK8IFdSqT4I=
Subject key identifier:   1B:68:1B:1A:B2:53:57:A9:FA:D6:15:BE:11:94:CE:9F:AB:B4:C5:30
Authority key identifier: 82:B4:1A:2A:BB:84:DE:44:B3:14:F8:B3:AB:CC:EA:18:A4:88:17:27
Certificate issuer:       /CN=82b41a2abb84de44b314f8b3abccea18a4881727
Certificate serial:       019A718092B52F70177CD4275EA405781222
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/grQaKruE3kSzFPizq8zqGKSIFyc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.mft
Manifest number:          B5
Signing time:             Tue 11 Nov 2025 06:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:42 +0000
Files and hashes:         1: grQaKruE3kSzFPizq8zqGKSIFyc.crl (hash: DhiI8dNoSexeik2pWjpwRisJZulKrYvP3Ce/LwNy6nw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/grQaKruE3kSzFPizq8zqGKSIFyc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:92:b5:2f:70:17:7c:d4:27:5e:a4:05:78:12:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82b41a2abb84de44b314f8b3abccea18a4881727
        Validity
            Not Before: Nov 11 06:00:42 2025 GMT
            Not After : Nov 12 06:00:42 2025 GMT
        Subject: CN=1b681b1ab25357a9fad615be1194ce9fabb4c530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f3:37:39:fd:54:f0:83:74:45:85:13:96:87:
                    47:c7:71:2d:c6:f8:65:25:98:ad:d4:1c:6c:a0:6a:
                    f5:84:80:f6:ab:44:c5:72:98:0b:b6:76:a1:f8:fc:
                    6e:b5:60:48:09:5e:c7:c4:34:ca:8d:ef:fa:5c:28:
                    f9:04:12:32:9e:ec:88:19:c8:93:6f:41:b1:50:a6:
                    4a:fd:71:a8:96:f9:8a:d5:45:43:3d:3f:9e:8b:db:
                    7f:7f:44:ce:59:bf:07:e8:a7:78:ee:41:d1:fc:57:
                    3f:55:8b:b6:5f:20:7b:18:b1:7d:75:35:90:10:0f:
                    f5:d4:fa:98:1d:30:13:8b:86:d1:f0:3b:8e:19:aa:
                    4b:cd:fd:b6:d0:59:56:d2:28:25:05:b4:18:f6:e2:
                    57:e3:de:54:50:d8:50:65:cd:cf:22:1b:19:8a:a2:
                    21:29:f3:f9:bf:21:1a:04:79:aa:ae:f9:84:a9:d3:
                    c1:8b:9d:2e:9b:82:15:6f:27:ca:e5:dd:cf:0e:26:
                    7b:24:8c:ea:90:5b:f1:87:37:7e:09:39:92:42:1d:
                    a1:18:43:bf:0e:f4:3a:7a:73:d6:9e:a6:7f:6c:c3:
                    3c:b9:a0:7e:26:7b:4d:9b:8f:c6:37:d5:9f:48:b8:
                    df:31:75:a6:af:91:e3:f9:8d:6d:94:ae:a0:29:06:
                    f0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:68:1B:1A:B2:53:57:A9:FA:D6:15:BE:11:94:CE:9F:AB:B4:C5:30
            X509v3 Authority Key Identifier:
                keyid:82:B4:1A:2A:BB:84:DE:44:B3:14:F8:B3:AB:CC:EA:18:A4:88:17:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grQaKruE3kSzFPizq8zqGKSIFyc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/690f87-28c9-4482-85f2-989671001e91/1/grQaKruE3kSzFPizq8zqGKSIFyc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:45:82:b9:7a:b0:aa:4b:82:b4:d2:fa:e7:88:43:a4:9f:5b:
         da:69:c0:ce:cb:e9:dc:5b:06:c8:f0:e4:7d:90:b5:60:f4:5b:
         d3:c9:70:d0:80:b2:86:c8:2a:90:ef:5e:c5:6b:6f:fc:c6:23:
         00:2a:2d:8b:62:30:c5:86:b5:9b:15:8f:38:c0:24:1a:44:5e:
         bf:66:2a:d0:88:ac:3e:e4:39:18:00:08:fa:8e:2a:79:1f:9f:
         15:88:8f:b9:0e:1e:a7:0c:1d:30:2c:ae:4b:48:f0:76:0d:d2:
         90:d0:58:ad:f1:a6:52:70:e2:a9:b0:81:8b:e3:da:55:c8:54:
         de:cd:ae:69:c8:d7:bc:ec:db:69:bb:74:d6:38:d9:0e:69:9d:
         74:dd:7a:8c:5c:7f:23:c7:ad:31:6b:67:87:b6:5e:9d:8e:00:
         23:8c:7b:3c:16:0b:b6:3e:12:eb:42:0e:45:21:f7:b0:d6:8e:
         1f:13:99:ed:7c:a5:2d:01:29:fa:30:7f:a3:40:c9:8e:e1:c2:
         02:4c:00:e3:53:4b:9a:5c:00:9a:f2:a1:64:c8:02:e2:44:0c:
         24:c0:fa:8c:6d:4e:83:b1:c5:92:83:58:b6:d6:07:bb:c7:12:
         ff:b7:73:77:3d:52:64:51:26:ac:23:0a:27:5b:5e:0a:3f:28:
         c9:da:42:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJK1L3AXfNQnXqQFeBIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjQxYTJhYmI4NGRlNDRiMzE0ZjhiM2FiY2NlYTE4YTQ4
ODE3MjcwHhcNMjUxMTExMDYwMDQyWhcNMjUxMTEyMDYwMDQyWjAzMTEwLwYDVQQD
EygxYjY4MWIxYWIyNTM1N2E5ZmFkNjE1YmUxMTk0Y2U5ZmFiYjRjNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PM3Of1U8IN0RYUTlodHx3Etxvhl
JZit1BxsoGr1hID2q0TFcpgLtnah+PxutWBICV7HxDTKje/6XCj5BBIynuyIGciT
b0GxUKZK/XGolvmK1UVDPT+ei9t/f0TOWb8H6Kd47kHR/Fc/VYu2XyB7GLF9dTWQ
EA/11PqYHTATi4bR8DuOGapLzf220FlW0iglBbQY9uJX495UUNhQZc3PIhsZiqIh
KfP5vyEaBHmqrvmEqdPBi50um4IVbyfK5d3PDiZ7JIzqkFvxhzd+CTmSQh2hGEO/
DvQ6enPWnqZ/bMM8uaB+JntNm4/GN9WfSLjfMXWmr5Hj+Y1tlK6gKQbwTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtoGxqyU1ep+tYVvhGUzp+rtMUwMB8GA1UdIwQY
MBaAFIK0Giq7hN5EsxT4s6vM6hikiBcnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JRYUtydUUza1N6RlBpenE4enFHS1NJRnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82OTBmODctMjhjOS00NDgyLTg1ZjIt
OTg5NjcxMDAxZTkxLzEvZ3JRYUtydUUza1N6RlBpenE4enFHS1NJRnljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82OTBmODctMjhjOS00NDgyLTg1ZjItOTg5NjcxMDAxZTkx
LzEvZ3JRYUtydUUza1N6RlBpenE4enFHS1NJRnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEWCuXqw
qkuCtNL654hDpJ9b2mnAzsvp3FsGyPDkfZC1YPRb08lw0ICyhsgqkO9exWtv/MYj
ACoti2IwxYa1mxWPOMAkGkRev2Yq0IisPuQ5GAAI+o4qeR+fFYiPuQ4epwwdMCyu
S0jwdg3SkNBYrfGmUnDiqbCBi+PaVchU3s2uacjXvOzbabt01jjZDmmddN16jFx/
I8etMWtnh7ZenY4AI4x7PBYLtj4S60IORSH3sNaOHxOZ7XylLQEp+jB/o0DJjuHC
AkwA41NLmlwAmvKhZMgC4kQMJMD6jG1Og7HFkoNYttYHu8cS/7dzdz1SZFEmrCMK
J1teCj8oydpCkA==
-----END CERTIFICATE-----