Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          4M4iOcCc6QsKtkMonW/Y3HlqiD5O3W7t0Pr3NPGpM2o=
Subject key identifier:   DB:C7:EE:93:B5:78:4E:D3:2B:06:17:15:01:70:75:DA:5B:95:A3:92
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019A7225967BC67C036354F6C0479D0E8AF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          1456
Signing time:             Tue 11 Nov 2025 09:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:57 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: F9fA9KK/PbO9H9CUBBwUGsjZHZdSVjwzOeV8rFmU6rE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:96:7b:c6:7c:03:63:54:f6:c0:47:9d:0e:8a:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Nov 11 09:00:57 2025 GMT
            Not After : Nov 12 09:00:57 2025 GMT
        Subject: CN=dbc7ee93b5784ed32b061715017075da5b95a392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:46:af:e1:5e:71:9b:c4:29:32:0e:89:5d:14:
                    30:57:2d:37:53:2e:b2:b5:a6:cf:15:af:1f:a7:09:
                    f5:e8:f9:ff:64:16:88:f4:71:19:f8:b9:8c:c7:3e:
                    71:51:fa:2d:24:42:ac:86:39:8a:cc:88:1d:4e:c9:
                    57:f3:55:ac:06:7d:24:7e:4b:ed:7f:5b:f2:7a:b2:
                    60:86:5a:9b:4e:53:41:76:39:49:d8:97:55:83:d1:
                    bf:38:09:0e:72:24:9e:ec:0b:86:d5:4c:80:ce:8c:
                    a3:80:19:e2:7d:4e:8e:c0:ba:d7:1c:ee:7d:35:7a:
                    5f:58:ab:8a:8b:a5:08:17:02:72:a3:68:86:1f:19:
                    b8:36:a0:b7:18:49:a9:ef:9a:a7:20:70:ee:f8:ef:
                    82:0e:e4:62:f7:5c:98:52:2e:bf:22:dd:25:ee:1b:
                    fb:fb:66:d1:41:9b:69:3a:f6:04:37:99:4d:27:82:
                    1e:a2:7b:02:d2:d3:10:df:ee:58:e2:57:b4:2d:ee:
                    86:1b:cf:1a:48:d9:fc:09:56:83:f4:02:c4:93:71:
                    38:06:cd:40:e8:b4:d8:ee:4b:45:02:98:41:c0:18:
                    2d:54:1a:be:55:0a:28:02:f6:5b:04:b4:b0:c8:6d:
                    d7:18:1a:ab:e2:5a:41:aa:b8:01:c5:2b:20:42:f8:
                    7d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:C7:EE:93:B5:78:4E:D3:2B:06:17:15:01:70:75:DA:5B:95:A3:92
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:ed:54:fd:1a:a4:e9:78:ce:24:6f:57:c7:9d:a2:2c:80:a4:
         8e:5e:65:45:08:63:86:6d:1d:e4:f6:b2:fc:da:a7:6e:74:61:
         50:ad:67:aa:a3:af:d6:19:d1:cf:72:45:1a:8c:79:93:2c:04:
         e5:42:d3:d5:dd:ea:0a:4b:14:71:ca:08:0e:e3:07:3a:ef:00:
         40:5b:92:a7:f4:16:0f:c9:ea:d6:c7:59:d4:83:c5:c0:dc:18:
         07:52:83:c0:eb:17:4a:ec:bd:15:2a:92:e1:12:23:18:a7:60:
         98:bf:9b:08:23:46:44:06:98:21:b1:73:2c:fd:c3:03:37:61:
         2e:e7:a0:c5:20:5b:a1:3f:02:d6:b7:4c:66:1e:dd:9e:2c:11:
         30:a7:78:90:0e:f1:06:d1:73:84:9f:9c:de:5a:09:9c:5a:a8:
         c4:e8:11:87:2e:b8:de:64:c6:b4:97:ac:c1:5b:67:80:11:15:
         13:b3:a8:7a:26:a1:94:00:bd:e0:75:59:2b:6c:94:19:f4:09:
         31:1d:ed:68:5f:d4:06:be:ed:3e:a8:c2:0f:2c:26:25:a4:4b:
         6a:f7:07:85:ac:34:04:b4:f4:43:cb:37:89:bc:d6:c2:b6:54:
         95:b1:97:49:30:a7:6e:0c:f3:08:fc:9f:cf:87:c9:73:0a:98:
         91:6a:7b:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZZ7xnwDY1T2wEedDorwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjUxMTExMDkwMDU3WhcNMjUxMTEyMDkwMDU3WjAzMTEwLwYDVQQD
EyhkYmM3ZWU5M2I1Nzg0ZWQzMmIwNjE3MTUwMTcwNzVkYTViOTVhMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0av4V5xm8QpMg6JXRQwVy03Uy6y
tabPFa8fpwn16Pn/ZBaI9HEZ+LmMxz5xUfotJEKshjmKzIgdTslX81WsBn0kfkvt
f1vyerJghlqbTlNBdjlJ2JdVg9G/OAkOciSe7AuG1UyAzoyjgBnifU6OwLrXHO59
NXpfWKuKi6UIFwJyo2iGHxm4NqC3GEmp75qnIHDu+O+CDuRi91yYUi6/It0l7hv7
+2bRQZtpOvYEN5lNJ4IeonsC0tMQ3+5Y4le0Le6GG88aSNn8CVaD9ALEk3E4Bs1A
6LTY7ktFAphBwBgtVBq+VQooAvZbBLSwyG3XGBqr4lpBqrgBxSsgQvh9aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvH7pO1eE7TKwYXFQFwddpblaOSMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAte1U/Rqk
6XjOJG9Xx52iLICkjl5lRQhjhm0d5Pay/NqnbnRhUK1nqqOv1hnRz3JFGox5kywE
5ULT1d3qCksUccoIDuMHOu8AQFuSp/QWD8nq1sdZ1IPFwNwYB1KDwOsXSuy9FSqS
4RIjGKdgmL+bCCNGRAaYIbFzLP3DAzdhLuegxSBboT8C1rdMZh7dniwRMKd4kA7x
BtFzhJ+c3loJnFqoxOgRhy643mTGtJeswVtngBEVE7OoeiahlAC94HVZK2yUGfQJ
MR3taF/UBr7tPqjCDywmJaRLavcHhaw0BLT0Q8s3ibzWwrZUlbGXSTCnbgzzCPyf
z4fJcwqYkWp7Sg==
-----END CERTIFICATE-----