Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
File:                     xnp-TG1V61E8VFdgqP9lba3wuNc.mft (raw, json)
Hash identifier:          sxyTYd6epks8s2JkKUYcZ9tEajcPJVzN3nTwsoz90Vc=
Subject key identifier:   39:11:2C:7D:E7:25:CA:B4:47:7C:35:EB:D2:2C:9D:30:45:5B:55:1D
Authority key identifier: C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7
Certificate issuer:       /CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
Certificate serial:       019A7225CBBAB72F26BAA9BFF6C90D8BA2F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
Manifest number:          02E9
Signing time:             Tue 11 Nov 2025 09:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:10 +0000
Files and hashes:         1: xnp-TG1V61E8VFdgqP9lba3wuNc.crl (hash: WGQuFKqHrXTt89Fi/7GMNxnluG3TjpQWHKll6GPKDNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:cb:ba:b7:2f:26:ba:a9:bf:f6:c9:0d:8b:a2:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
        Validity
            Not Before: Nov 11 09:01:10 2025 GMT
            Not After : Nov 12 09:01:10 2025 GMT
        Subject: CN=39112c7de725cab4477c35ebd22c9d30455b551d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:66:51:84:37:bf:f1:0a:c2:73:04:33:38:af:
                    66:a3:ec:f8:45:da:11:d3:0e:db:12:d6:d5:53:ad:
                    12:4e:fc:ce:dc:46:f0:24:d7:df:aa:c6:08:6c:ac:
                    59:13:9a:ff:05:5b:1e:42:17:69:7c:06:a2:ab:d0:
                    7b:4c:de:56:01:c9:30:21:2a:d6:b7:24:aa:fc:b7:
                    cc:5d:20:c6:6f:55:9a:0e:4c:6a:87:56:4f:4e:99:
                    a0:7b:a9:44:0f:ca:1c:6f:a5:8b:23:9a:24:be:da:
                    f6:05:12:ed:5f:02:7a:14:3d:d7:ba:e1:20:b6:cd:
                    05:5c:32:3b:f3:fd:48:7a:f3:7d:68:93:7b:5d:d7:
                    a4:b2:49:27:a6:05:f7:b5:30:57:f8:fe:5f:15:c5:
                    4f:3b:c9:ae:3f:0e:48:a3:91:e7:fa:5f:a7:d0:e8:
                    d1:4e:4b:09:15:c4:97:51:97:bf:b4:c0:12:fb:90:
                    a4:f1:d0:f3:d3:72:ff:9c:f5:4e:fb:fb:76:f4:c7:
                    bb:de:cb:5a:e7:1f:b1:25:30:2d:bf:4a:7f:7a:e0:
                    6c:0d:8e:f5:1f:02:22:79:18:80:f9:11:72:dc:a1:
                    e6:23:0f:56:ca:67:02:d7:68:4f:95:2f:ea:c7:81:
                    6f:c4:2b:0d:76:f5:33:d4:d8:d9:dc:3c:3f:94:b4:
                    25:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:11:2C:7D:E7:25:CA:B4:47:7C:35:EB:D2:2C:9D:30:45:5B:55:1D
            X509v3 Authority Key Identifier:
                keyid:C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:cc:af:e1:c5:db:5a:4f:ee:70:c4:1f:b7:59:65:b7:c4:a2:
         20:c8:18:3d:22:07:d9:26:8a:95:d0:cc:1e:b2:3b:9b:1f:e5:
         50:6e:fd:61:d0:e3:fe:0c:26:7b:5e:03:c9:d1:6d:de:4f:be:
         a1:13:96:5c:01:40:ab:8f:9c:5c:94:3f:7d:8c:fa:59:5d:1c:
         e3:9c:2b:76:84:18:15:2f:73:fe:75:70:0e:38:eb:bc:bb:a8:
         75:50:d9:6f:f3:30:ce:45:af:7b:bc:28:e5:8a:a6:6f:d9:60:
         23:65:b4:40:ee:14:de:2a:c9:48:39:8b:21:0b:03:71:35:68:
         30:75:58:ce:ae:ef:c5:49:12:fc:29:4b:e2:8e:bb:a3:5c:f5:
         d7:fd:e9:e5:62:fd:60:ce:ab:10:49:f3:94:34:55:e6:02:df:
         94:76:ef:ac:ff:4d:00:d2:86:84:ed:69:11:8c:67:63:d7:8d:
         8e:64:d5:ef:5c:d1:67:b0:fc:f3:39:bc:05:f3:ab:db:6c:2d:
         42:c1:d2:df:58:36:36:96:26:96:8a:fa:6f:bf:5b:4e:79:27:
         b9:59:b4:47:61:44:03:ff:6b:5d:49:71:bb:8c:53:2d:79:b5:
         52:32:9f:6c:e3:8a:4f:92:7e:bd:3e:58:77:31:aa:76:26:c5:
         da:26:6b:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcu6ty8muqm/9skNi6L3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2E3ZTRjNmQ1NWViNTEzYzU0NTc2MGE4ZmY2NTZkYWRm
MGI4ZDcwHhcNMjUxMTExMDkwMTEwWhcNMjUxMTEyMDkwMTEwWjAzMTEwLwYDVQQD
EygzOTExMmM3ZGU3MjVjYWI0NDc3YzM1ZWJkMjJjOWQzMDQ1NWI1NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmZRhDe/8QrCcwQzOK9mo+z4RdoR
0w7bEtbVU60STvzO3EbwJNffqsYIbKxZE5r/BVseQhdpfAaiq9B7TN5WAckwISrW
tySq/LfMXSDGb1WaDkxqh1ZPTpmge6lED8ocb6WLI5okvtr2BRLtXwJ6FD3XuuEg
ts0FXDI78/1IevN9aJN7XdekskknpgX3tTBX+P5fFcVPO8muPw5Io5Hn+l+n0OjR
TksJFcSXUZe/tMAS+5Ck8dDz03L/nPVO+/t29Me73sta5x+xJTAtv0p/euBsDY71
HwIieRiA+RFy3KHmIw9WymcC12hPlS/qx4FvxCsNdvUz1NjZ3Dw/lLQlbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkRLH3nJcq0R3w169IsnTBFW1UdMB8GA1UdIwQY
MBaAFMZ6fkxtVetRPFRXYKj/ZW2t8LjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYt
YTAzODk2MDI0NzJmLzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYtYTAzODk2MDI0NzJm
LzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArMyv4cXb
Wk/ucMQft1llt8SiIMgYPSIH2SaKldDMHrI7mx/lUG79YdDj/gwme14DydFt3k++
oROWXAFAq4+cXJQ/fYz6WV0c45wrdoQYFS9z/nVwDjjrvLuodVDZb/MwzkWve7wo
5Yqmb9lgI2W0QO4U3irJSDmLIQsDcTVoMHVYzq7vxUkS/ClL4o67o1z11/3p5WL9
YM6rEEnzlDRV5gLflHbvrP9NANKGhO1pEYxnY9eNjmTV71zRZ7D88zm8BfOr22wt
QsHS31g2NpYmlor6b79bTnknuVm0R2FEA/9rXUlxu4xTLXm1UjKfbOOKT5J+vT5Y
dzGqdibF2iZruw==
-----END CERTIFICATE-----