Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          WVXPdE6prrzKbSiLkUx2O/oq5bPGATpJSUV8+l4HxAE=
Subject key identifier:   A0:50:FB:9C:4F:6E:91:9A:69:C5:36:0D:83:94:A5:D6:9B:D2:C4:19
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       019A72932CEFE7EFDCC1E0B34B478DDF7DE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          15CB
Signing time:             Tue 11 Nov 2025 11:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:39 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: BcTdnAbCt44+FotWMbl1xeai+fhDKwJe8XdxdetFx5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:2c:ef:e7:ef:dc:c1:e0:b3:4b:47:8d:df:7d:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Nov 11 11:00:39 2025 GMT
            Not After : Nov 12 11:00:39 2025 GMT
        Subject: CN=a050fb9c4f6e919a69c5360d8394a5d69bd2c419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:12:88:99:a6:fd:6c:7e:45:d6:3b:4e:fa:97:
                    72:e0:55:8c:64:80:63:0b:c1:ab:c8:08:73:be:9b:
                    e9:6d:e0:d2:16:0c:e0:62:d5:5c:13:ab:82:cc:36:
                    ac:c6:c8:d7:98:76:ae:a2:e8:04:a3:7d:6d:c0:a8:
                    18:54:75:15:3b:73:86:d0:8b:0b:e4:4f:a1:33:c6:
                    cc:76:5a:f3:b8:f3:52:3f:e9:26:da:b3:a3:9d:08:
                    ca:b8:77:c0:2f:ca:6e:c0:93:f6:5b:c0:a8:4a:23:
                    d7:45:f6:2a:60:21:ef:a4:9a:b0:c6:15:f9:ec:9f:
                    7f:cd:b4:4b:0a:74:f7:ff:53:8d:c7:0e:39:74:28:
                    fa:9b:c0:4c:7b:b1:a2:c7:4c:87:aa:ee:38:d0:a0:
                    01:c9:5f:1f:f4:a0:30:0e:98:a5:61:82:e6:2a:5b:
                    2d:44:a9:c4:ec:7d:b0:d2:6f:a3:8b:39:c4:a0:75:
                    cc:bb:a1:bf:63:6c:b2:41:47:13:00:d3:60:60:6c:
                    3d:bf:dc:31:f7:b7:10:6c:88:82:c6:3b:bc:41:33:
                    7e:86:12:2b:fc:4a:02:17:48:1e:31:88:4a:f7:ad:
                    15:d5:ed:1e:76:ae:a9:6b:07:23:8f:6e:03:92:fe:
                    50:1d:52:ec:07:13:d4:f4:5e:06:bd:e0:77:07:bb:
                    f7:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:50:FB:9C:4F:6E:91:9A:69:C5:36:0D:83:94:A5:D6:9B:D2:C4:19
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:2a:b8:c6:89:de:f4:c1:4d:05:25:25:ac:02:bf:1e:d6:4c:
         b3:b8:4f:2f:06:d1:c6:52:c5:be:04:ad:e6:95:f0:b1:a8:09:
         42:c4:d9:c9:18:c6:67:db:96:42:7d:50:f2:a1:5e:45:ca:7a:
         27:37:c0:94:4f:bf:8e:0f:e7:ca:45:63:fb:59:75:c5:e6:4a:
         f0:9d:0d:18:4b:b3:b9:15:bd:14:78:5f:35:ca:ad:ae:b1:d6:
         78:c2:74:a6:d1:02:74:bc:b3:50:4f:5e:98:12:b3:48:88:e4:
         33:30:fc:5f:54:1e:aa:4f:9f:dd:0b:40:a9:45:f6:68:04:de:
         e0:df:53:f4:0f:65:84:ff:00:11:c9:26:a7:84:3e:f9:85:8f:
         1a:10:aa:20:fc:8d:0b:79:a5:e9:02:43:0b:ae:3f:85:ff:cc:
         3d:41:b0:a6:9f:ad:ef:07:f4:16:8a:d8:23:ab:ea:5c:7e:9d:
         d3:2b:a3:48:4f:b9:78:0c:df:bb:d3:91:08:a6:9e:e8:2a:f7:
         aa:08:78:35:3b:da:2d:06:a6:e3:94:75:35:2f:8e:0e:39:80:
         fe:15:47:eb:c1:17:85:45:a9:41:a1:5f:bc:c5:46:7e:b0:b3:
         ee:e5:56:85:bf:8e:6e:08:9b:4b:a3:c2:fe:72:4c:fa:9f:3a:
         dc:c7:ae:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykyzv5+/cweCzS0eN333jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUxMTExMTEwMDM5WhcNMjUxMTEyMTEwMDM5WjAzMTEwLwYDVQQD
EyhhMDUwZmI5YzRmNmU5MTlhNjljNTM2MGQ4Mzk0YTVkNjliZDJjNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hKImab9bH5F1jtO+pdy4FWMZIBj
C8GryAhzvpvpbeDSFgzgYtVcE6uCzDasxsjXmHauougEo31twKgYVHUVO3OG0IsL
5E+hM8bMdlrzuPNSP+km2rOjnQjKuHfAL8puwJP2W8CoSiPXRfYqYCHvpJqwxhX5
7J9/zbRLCnT3/1ONxw45dCj6m8BMe7Gix0yHqu440KAByV8f9KAwDpilYYLmKlst
RKnE7H2w0m+jiznEoHXMu6G/Y2yyQUcTANNgYGw9v9wx97cQbIiCxju8QTN+hhIr
/EoCF0geMYhK960V1e0edq6pawcjj24Dkv5QHVLsBxPU9F4GveB3B7v3FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBQ+5xPbpGaacU2DYOUpdab0sQZMB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzSq4xone
9MFNBSUlrAK/HtZMs7hPLwbRxlLFvgSt5pXwsagJQsTZyRjGZ9uWQn1Q8qFeRcp6
JzfAlE+/jg/nykVj+1l1xeZK8J0NGEuzuRW9FHhfNcqtrrHWeMJ0ptECdLyzUE9e
mBKzSIjkMzD8X1Qeqk+f3QtAqUX2aATe4N9T9A9lhP8AEckmp4Q++YWPGhCqIPyN
C3ml6QJDC64/hf/MPUGwpp+t7wf0ForYI6vqXH6d0yujSE+5eAzfu9ORCKae6Cr3
qgh4NTvaLQam45R1NS+ODjmA/hVH68EXhUWpQaFfvMVGfrCz7uVWhb+ObgibS6PC
/nJM+p863Meuaw==
-----END CERTIFICATE-----