Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          71CQsHmR9rN7dCH/e5EqEgsC2uGCLC3siKpQNrRVbZk=
Subject key identifier:   90:2A:7B:74:8C:57:71:AE:80:56:F4:E7:F5:22:47:A3:7F:4C:07:8B
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019A72259C329DD8381F8234E26B3E8A3725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          06B9
Signing time:             Tue 11 Nov 2025 09:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:58 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: wMURuTf8/qGxq1XR7I52/CF8aTXnJ+DrBruz+uRr6o4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:9c:32:9d:d8:38:1f:82:34:e2:6b:3e:8a:37:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Nov 11 09:00:58 2025 GMT
            Not After : Nov 12 09:00:58 2025 GMT
        Subject: CN=902a7b748c5771ae8056f4e7f52247a37f4c078b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:61:79:f2:45:57:ae:2c:73:12:e0:07:94:51:
                    4b:7f:31:cc:85:24:97:f4:e7:14:26:05:71:17:76:
                    b7:9d:32:2d:b5:49:30:17:5a:d1:59:5d:ca:2d:ff:
                    02:15:36:bf:7e:4e:d8:a3:15:ea:df:5c:1e:2c:18:
                    19:ea:8e:70:d5:a1:1b:9d:38:00:10:65:3a:42:76:
                    21:0b:0f:77:0c:da:00:c1:03:77:5c:27:d3:2a:af:
                    54:a5:9e:7e:29:09:8a:71:ac:3a:b9:58:48:63:19:
                    9b:aa:88:e4:8b:b9:c0:37:11:ef:16:f1:a5:ca:81:
                    a0:5f:2b:1f:c2:8e:5e:38:bb:24:b8:ff:04:25:c2:
                    f3:11:10:b3:45:f4:6c:7d:7b:41:f2:c2:66:30:68:
                    da:81:18:08:cc:cc:fe:83:4d:db:e9:57:3a:4d:b4:
                    c5:2b:87:26:60:91:2c:3e:14:ab:38:2f:a1:69:1b:
                    a4:27:ae:ac:c0:f8:4f:fa:a7:cb:9a:c2:71:e1:cf:
                    bc:7e:de:c1:a9:9e:4c:2c:0e:4a:44:5e:44:e3:d9:
                    1f:10:64:68:0c:e7:80:ec:1b:e0:70:ab:61:40:d1:
                    f7:5c:7b:b0:43:f4:0d:b2:6f:2d:fd:d3:5d:ed:1c:
                    50:ee:b2:6a:f3:37:88:67:0f:d0:de:36:7c:3a:d6:
                    30:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:2A:7B:74:8C:57:71:AE:80:56:F4:E7:F5:22:47:A3:7F:4C:07:8B
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:ec:50:d3:cf:bc:a2:09:ab:4e:e1:35:2d:d2:83:c6:f5:10:
         8f:e3:38:aa:ca:b6:92:37:7c:1b:c6:4d:9d:9b:36:03:5c:13:
         61:42:01:4a:f3:47:a1:bf:58:f0:9a:12:93:13:7d:3f:78:08:
         39:4a:da:ab:ff:44:7a:ab:98:26:39:8b:e8:ab:a7:99:48:19:
         d4:23:ae:62:98:c6:ce:d3:98:30:18:4c:9b:b5:14:22:03:2c:
         ac:44:3a:18:73:07:f5:99:44:6d:f1:e8:76:07:32:ef:fc:a1:
         68:6b:2a:34:27:49:99:99:e9:0b:65:d0:67:ac:8f:53:80:02:
         94:d8:e0:a6:54:a9:b3:67:d1:18:d8:86:27:e5:94:03:bc:b3:
         d0:9c:cd:5b:c7:fe:53:91:79:4b:a4:16:45:7b:dc:e2:d4:d1:
         ad:61:82:79:d6:95:21:0d:9f:fe:c9:83:8b:ed:4c:0d:7f:b4:
         06:80:c2:9e:be:0a:8b:19:43:df:5c:58:a9:8f:3b:26:5d:68:
         51:49:85:80:52:88:fd:67:76:a5:34:8e:5b:a4:b0:9a:7d:da:
         a9:2b:19:39:75:82:38:bb:e7:2f:7c:1a:77:a5:ab:54:65:54:
         a8:9b:8d:18:ac:5e:70:6c:df:b3:52:b5:26:d4:df:eb:c5:c5:
         2e:3b:71:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZwyndg4H4I04ms+ijclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
Eyg5MDJhN2I3NDhjNTc3MWFlODA1NmY0ZTdmNTIyNDdhMzdmNGMwNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12F58kVXrixzEuAHlFFLfzHMhSSX
9OcUJgVxF3a3nTIttUkwF1rRWV3KLf8CFTa/fk7YoxXq31weLBgZ6o5w1aEbnTgA
EGU6QnYhCw93DNoAwQN3XCfTKq9UpZ5+KQmKcaw6uVhIYxmbqojki7nANxHvFvGl
yoGgXysfwo5eOLskuP8EJcLzERCzRfRsfXtB8sJmMGjagRgIzMz+g03b6Vc6TbTF
K4cmYJEsPhSrOC+haRukJ66swPhP+qfLmsJx4c+8ft7BqZ5MLA5KRF5E49kfEGRo
DOeA7BvgcKthQNH3XHuwQ/QNsm8t/dNd7RxQ7rJq8zeIZw/Q3jZ8OtYwNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAqe3SMV3GugFb05/UiR6N/TAeLMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy+xQ08+8
ogmrTuE1LdKDxvUQj+M4qsq2kjd8G8ZNnZs2A1wTYUIBSvNHob9Y8JoSkxN9P3gI
OUraq/9EequYJjmL6KunmUgZ1COuYpjGztOYMBhMm7UUIgMsrEQ6GHMH9ZlEbfHo
dgcy7/yhaGsqNCdJmZnpC2XQZ6yPU4AClNjgplSps2fRGNiGJ+WUA7yz0JzNW8f+
U5F5S6QWRXvc4tTRrWGCedaVIQ2f/smDi+1MDX+0BoDCnr4KixlD31xYqY87Jl1o
UUmFgFKI/Wd2pTSOW6Swmn3aqSsZOXWCOLvnL3wad6WrVGVUqJuNGKxecGzfs1K1
JtTf68XFLjtxBA==
-----END CERTIFICATE-----