Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
File:                     9XGHM6rUPvapm9jZUEog3YkCLo8.mft (raw, json)
Hash identifier:          MMeaMIHFB5j7keSuhqnxRe6Xso4FSHbvQqYFEbnyK1M=
Subject key identifier:   D8:24:F4:E1:EA:04:A5:45:E2:E9:56:2F:68:EE:32:2F:A1:FE:55:7D
Authority key identifier: F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F
Certificate issuer:       /CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
Certificate serial:       019A711362D494206CC336E25B34B78A14DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
Manifest number:          141E
Signing time:             Tue 11 Nov 2025 04:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:27 +0000
Files and hashes:         1: 9XGHM6rUPvapm9jZUEog3YkCLo8.crl (hash: UCFI8QQj7T62u7664sDUYLMlvRTl3bXlJgFAHblRQsQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:62:d4:94:20:6c:c3:36:e2:5b:34:b7:8a:14:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
        Validity
            Not Before: Nov 11 04:01:27 2025 GMT
            Not After : Nov 12 04:01:27 2025 GMT
        Subject: CN=d824f4e1ea04a545e2e9562f68ee322fa1fe557d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:59:e4:12:70:7f:6f:58:50:77:c3:47:39:38:
                    a0:4d:62:3b:e4:7e:82:bc:ec:8e:02:64:c1:de:c4:
                    e7:58:9c:42:bf:8e:33:f0:a1:e3:7b:c3:ac:f0:92:
                    54:38:30:cd:a5:fc:98:9e:5c:d5:19:46:0e:5b:5a:
                    93:01:96:83:9a:c3:0f:2b:67:f8:32:dd:29:fd:4c:
                    50:1e:84:a5:da:28:77:85:4d:7f:52:5d:a7:34:30:
                    87:70:23:f2:38:c6:06:cd:64:08:84:79:8d:92:17:
                    8e:d3:06:2c:2d:cc:b8:0a:a6:0b:59:7d:12:81:63:
                    35:e8:de:4b:53:9a:38:dc:29:e2:83:68:67:88:35:
                    9a:83:9b:b6:db:e2:ad:1b:e3:61:ae:74:34:25:bd:
                    a6:82:75:6c:21:db:ba:20:bb:8e:66:70:fc:d2:39:
                    89:0c:b2:31:d0:c0:7d:cf:ae:4c:3c:c8:3a:e5:80:
                    5f:e3:7e:ee:64:e4:d1:a5:54:5c:ee:fe:5d:42:3c:
                    43:b5:5a:d3:80:93:3a:ad:43:87:61:89:e4:5a:3a:
                    f1:9e:89:57:00:ea:e0:94:0c:f6:7a:15:06:2c:7c:
                    a1:04:5e:f6:fa:f5:ac:35:cd:ba:a4:62:1b:5b:21:
                    02:fa:49:db:cf:5b:fd:9d:0f:09:3d:24:d0:3b:bf:
                    e6:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:24:F4:E1:EA:04:A5:45:E2:E9:56:2F:68:EE:32:2F:A1:FE:55:7D
            X509v3 Authority Key Identifier:
                keyid:F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:29:86:be:32:82:48:a2:71:59:f4:56:bd:89:07:d4:1d:69:
         85:f6:5e:d9:f9:62:21:b3:79:96:01:49:49:0f:f9:21:89:c9:
         c0:28:9a:8b:b3:fb:0e:d5:89:1f:a0:e8:bf:48:80:f0:24:3b:
         76:fe:07:54:50:b0:93:bf:53:7b:86:92:26:2f:18:d3:4e:f1:
         37:0f:67:66:51:ec:b0:e8:18:ba:d3:2f:52:e1:95:d7:b9:d4:
         2a:1d:13:f8:3b:e4:3b:2b:ac:ce:46:61:82:c2:81:2d:14:3c:
         b6:21:bd:aa:bc:e3:c6:ae:fd:ef:56:4d:b8:06:1b:73:4d:b6:
         bc:cc:15:d3:c7:af:b0:df:49:30:82:08:f0:42:f6:fc:7e:8d:
         d7:1d:62:86:46:76:29:89:67:7f:57:af:fd:42:92:0e:1f:55:
         20:8f:81:89:8d:2a:00:58:91:ac:cd:56:59:4e:55:5d:93:12:
         70:be:6f:59:94:13:90:4a:e5:c2:96:fc:4a:71:2f:cc:e2:53:
         53:b8:dd:fc:7f:9a:b3:4c:28:9a:76:16:01:4f:89:22:93:29:
         a6:81:5a:03:be:89:d7:f0:5f:60:d9:c6:79:b9:14:04:22:8c:
         97:7b:b6:1f:d2:07:eb:4a:63:0b:97:bb:96:3f:bb:62:fe:55:
         57:e8:89:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE2LUlCBswzbiWzS3ihTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzE4NzMzYWFkNDNlZjZhOTliZDhkOTUwNGEyMGRkODkw
MjJlOGYwHhcNMjUxMTExMDQwMTI3WhcNMjUxMTEyMDQwMTI3WjAzMTEwLwYDVQQD
EyhkODI0ZjRlMWVhMDRhNTQ1ZTJlOTU2MmY2OGVlMzIyZmExZmU1NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91nkEnB/b1hQd8NHOTigTWI75H6C
vOyOAmTB3sTnWJxCv44z8KHje8Os8JJUODDNpfyYnlzVGUYOW1qTAZaDmsMPK2f4
Mt0p/UxQHoSl2ih3hU1/Ul2nNDCHcCPyOMYGzWQIhHmNkheO0wYsLcy4CqYLWX0S
gWM16N5LU5o43Cnig2hniDWag5u22+KtG+NhrnQ0Jb2mgnVsIdu6ILuOZnD80jmJ
DLIx0MB9z65MPMg65YBf437uZOTRpVRc7v5dQjxDtVrTgJM6rUOHYYnkWjrxnolX
AOrglAz2ehUGLHyhBF72+vWsNc26pGIbWyEC+knbz1v9nQ8JPSTQO7/m9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgk9OHqBKVF4ulWL2juMi+h/lV9MB8GA1UdIwQY
MBaAFPVxhzOq1D72qZvY2VBKIN2JAi6PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5Yzgt
ZDcyNWZhNjczMmI2LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5YzgtZDcyNWZhNjczMmI2
LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4CmGvjKC
SKJxWfRWvYkH1B1phfZe2fliIbN5lgFJSQ/5IYnJwCiai7P7DtWJH6Dov0iA8CQ7
dv4HVFCwk79Te4aSJi8Y007xNw9nZlHssOgYutMvUuGV17nUKh0T+DvkOyuszkZh
gsKBLRQ8tiG9qrzjxq7971ZNuAYbc022vMwV08evsN9JMIII8EL2/H6N1x1ihkZ2
KYlnf1ev/UKSDh9VII+BiY0qAFiRrM1WWU5VXZMScL5vWZQTkErlwpb8SnEvzOJT
U7jd/H+as0womnYWAU+JIpMppoFaA76J1/BfYNnGebkUBCKMl3u2H9IH60pjC5e7
lj+7Yv5VV+iJjQ==
-----END CERTIFICATE-----