Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          lEQs5mF0UisK0Zi2viIBmt/97Umf73qjKiva5oqD0x8=
Subject key identifier:   83:F8:20:D5:9D:A6:58:BD:89:8B:80:19:28:99:86:7A:81:0B:E9:A3
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       019A71B796492915F7C2164E9B0616BCE6DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          138F
Signing time:             Tue 11 Nov 2025 07:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:48 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: nIGG2c/gJFvDBaUELutAdYOh45h1ccdBS+y+qf1NwoY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:96:49:29:15:f7:c2:16:4e:9b:06:16:bc:e6:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: Nov 11 07:00:48 2025 GMT
            Not After : Nov 12 07:00:48 2025 GMT
        Subject: CN=83f820d59da658bd898b80192899867a810be9a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e3:3a:bb:8d:42:42:91:e5:ae:d2:db:94:0b:
                    62:45:e6:6c:d0:43:72:ff:9f:76:1c:51:6e:3c:4d:
                    48:e8:24:d2:91:68:e1:63:dd:15:0e:9e:12:d4:7c:
                    70:f7:12:d5:93:be:45:01:fa:f3:71:0c:a4:4e:cf:
                    d6:2e:04:2f:80:a2:f8:56:69:1d:e1:9a:da:2c:a1:
                    92:45:cb:df:74:22:d8:39:4e:3d:87:84:1a:da:a2:
                    ec:4b:51:71:b2:a6:e5:fc:f3:6d:2d:76:7a:34:4a:
                    41:a8:95:45:5a:7d:30:62:f2:d6:d1:8c:97:d4:3d:
                    b1:43:6a:42:16:38:92:a1:71:58:8c:9d:04:84:02:
                    b2:12:a8:ef:51:3f:aa:8e:d3:e1:e3:85:21:0b:12:
                    f0:14:4f:26:6f:4a:53:74:6b:97:1b:91:f2:e3:49:
                    14:64:80:83:e9:83:98:69:b6:5b:a2:a7:5f:22:24:
                    b7:7a:96:33:4b:06:9a:7b:d4:62:e7:d6:2d:40:15:
                    d4:e7:4d:0c:aa:6b:1a:08:f2:82:ba:9d:86:3c:d0:
                    49:3a:aa:71:2c:62:a2:91:64:ec:3b:d2:16:a3:6e:
                    7f:aa:a8:85:aa:fe:b3:e1:d3:f1:12:ca:d3:3f:99:
                    69:ba:2e:55:37:23:5c:c2:5d:23:b5:3c:7f:4e:e9:
                    5b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F8:20:D5:9D:A6:58:BD:89:8B:80:19:28:99:86:7A:81:0B:E9:A3
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:fd:60:8a:0d:0e:2b:20:99:be:0f:cd:89:78:93:bf:3b:2a:
         e0:b0:80:2d:ad:fb:7c:a5:bc:d4:1b:b8:b5:cb:d0:12:77:79:
         d2:d0:6d:45:3a:e7:e4:dd:ce:ba:ae:fa:7e:9b:97:c5:a8:28:
         6b:f3:55:0c:93:d7:dd:a9:50:d3:45:21:fd:92:4e:3c:2c:05:
         b3:b8:fb:ea:b6:6b:39:4e:d2:1d:da:c9:54:27:71:52:4a:e8:
         c4:9b:cb:a6:b1:b9:23:a9:74:59:ef:dd:0e:d6:4c:5d:6d:3c:
         87:75:ab:5a:10:7d:2e:16:78:1b:58:15:d1:08:90:ef:0c:1f:
         96:d0:2d:70:c3:78:89:b0:32:0f:24:f3:5d:a1:e1:f2:a2:e2:
         11:41:8e:5e:52:d0:30:5c:66:d0:8f:3c:87:92:b8:e2:fb:22:
         13:72:de:10:8d:24:a9:b9:6c:f3:af:52:58:e4:0b:e1:da:aa:
         b3:c9:33:e1:a8:3e:e7:30:b1:5e:94:ea:08:d0:bd:7b:c4:6f:
         d5:a2:8e:8b:c9:7c:4e:fa:9d:15:32:3c:77:e8:30:4f:53:fa:
         06:09:8d:23:12:91:59:ae:f9:4b:5e:e8:2b:38:79:2b:44:f5:
         f1:14:0f:e1:8b:e0:3a:5f:5e:ec:f7:87:f1:b5:c2:08:41:f1:
         c5:28:ef:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5ZJKRX3whZOmwYWvObbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjUxMTExMDcwMDQ4WhcNMjUxMTEyMDcwMDQ4WjAzMTEwLwYDVQQD
Eyg4M2Y4MjBkNTlkYTY1OGJkODk4YjgwMTkyODk5ODY3YTgxMGJlOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOM6u41CQpHlrtLblAtiReZs0ENy
/592HFFuPE1I6CTSkWjhY90VDp4S1Hxw9xLVk75FAfrzcQykTs/WLgQvgKL4Vmkd
4ZraLKGSRcvfdCLYOU49h4Qa2qLsS1Fxsqbl/PNtLXZ6NEpBqJVFWn0wYvLW0YyX
1D2xQ2pCFjiSoXFYjJ0EhAKyEqjvUT+qjtPh44UhCxLwFE8mb0pTdGuXG5Hy40kU
ZICD6YOYabZboqdfIiS3epYzSwaae9Ri59YtQBXU500MqmsaCPKCup2GPNBJOqpx
LGKikWTsO9IWo25/qqiFqv6z4dPxEsrTP5lpui5VNyNcwl0jtTx/TulbKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIP4INWdpli9iYuAGSiZhnqBC+mjMB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAv1gig0O
KyCZvg/NiXiTvzsq4LCALa37fKW81Bu4tcvQEnd50tBtRTrn5N3Ouq76fpuXxago
a/NVDJPX3alQ00Uh/ZJOPCwFs7j76rZrOU7SHdrJVCdxUkroxJvLprG5I6l0We/d
DtZMXW08h3WrWhB9LhZ4G1gV0QiQ7wwfltAtcMN4ibAyDyTzXaHh8qLiEUGOXlLQ
MFxm0I88h5K44vsiE3LeEI0kqbls869SWOQL4dqqs8kz4ag+5zCxXpTqCNC9e8Rv
1aKOi8l8TvqdFTI8d+gwT1P6BgmNIxKRWa75S17oKzh5K0T18RQP4YvgOl9e7PeH
8bXCCEHxxSjv4A==
-----END CERTIFICATE-----