Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          0NNheTPQuVDIV85mmqkmBifByp7Rlo5LTP3MZXEqu68=
Subject key identifier:   A7:BD:C7:0F:00:9E:D4:60:C4:44:5A:A3:FC:E1:CA:AD:CA:5B:58:6F
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       019A71B850906350217E664E71F473525356
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0E42
Signing time:             Tue 11 Nov 2025 07:01:35 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:35 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:35 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: hljNMBN98fvE85hgsHdRwZ7Lnd7SRaTSpqwN8ex2slM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:50:90:63:50:21:7e:66:4e:71:f4:73:52:53:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Nov 11 07:01:35 2025 GMT
            Not After : Nov 12 07:01:35 2025 GMT
        Subject: CN=a7bdc70f009ed460c4445aa3fce1caadca5b586f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:00:e6:ee:a1:34:72:2c:c6:c8:e2:d1:e3:e7:
                    7b:4b:dd:28:b0:12:4e:04:8e:b2:44:e0:3c:79:02:
                    74:0c:8a:8f:a1:22:bf:cd:63:e7:b3:f4:42:ba:e7:
                    d6:6a:db:b6:2a:f9:23:72:8a:b9:4a:d3:87:c8:78:
                    fe:58:3a:b6:4c:de:0f:d4:21:f3:68:80:81:a4:23:
                    70:3e:d6:a6:8a:fd:0c:b5:16:f1:62:ff:a7:fc:7e:
                    b3:b5:fd:ce:bc:18:0c:26:0c:5b:2d:4a:ec:bc:c3:
                    bf:8b:01:58:9e:fa:9c:07:73:36:6a:a4:28:04:20:
                    1b:4c:d6:88:63:3c:85:05:41:97:86:0d:0c:df:bb:
                    8f:59:6c:a0:1a:9f:78:43:71:5b:dd:e3:79:94:49:
                    96:87:c9:ae:88:12:ec:38:5f:80:df:30:27:26:7a:
                    0a:4b:00:e0:70:02:75:59:2c:81:95:f9:ff:02:1a:
                    16:0f:75:89:1c:b3:9a:52:bb:48:78:c9:bb:6c:ec:
                    bf:66:36:95:23:b8:64:3e:16:6e:f8:84:77:4b:4f:
                    ed:b2:47:a9:f8:2d:07:ad:ef:00:54:04:2e:3a:ad:
                    f1:42:36:1e:64:79:6d:3f:e4:fa:60:ed:bd:87:4a:
                    d0:67:cb:30:1a:a9:dc:62:a9:19:ff:bb:2a:8f:49:
                    1f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:BD:C7:0F:00:9E:D4:60:C4:44:5A:A3:FC:E1:CA:AD:CA:5B:58:6F
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:46:53:3f:6d:db:c2:3e:50:61:60:23:83:87:81:34:f7:67:
         dc:1e:4a:16:bd:b8:bc:b1:a3:25:23:60:c2:a4:09:9a:69:28:
         db:29:92:56:7d:96:d9:2f:87:0c:a1:52:69:94:49:88:23:8b:
         ab:14:b7:fe:86:e1:49:63:ba:64:5f:23:c6:21:78:aa:31:a2:
         a0:9e:eb:06:00:d3:57:ca:97:28:7a:2a:4a:c5:6a:13:a1:6f:
         d9:d9:4b:ad:cf:17:2b:e6:9c:e8:fd:0c:b5:2d:7d:82:19:95:
         cd:1f:9e:e8:2c:96:7c:3b:d9:04:48:dd:bc:05:5c:da:03:8b:
         27:f9:4b:fb:86:d3:08:ca:2b:70:07:99:74:73:92:9e:7b:26:
         9d:72:51:ca:6a:51:10:93:e6:aa:eb:ba:87:93:c6:6e:2d:5f:
         31:21:4f:5a:9c:9f:bd:fb:04:c7:e6:18:41:46:fe:fa:92:58:
         6c:0d:0a:d4:26:fe:be:f5:d6:58:25:7d:fb:ff:1f:4b:69:e8:
         92:f4:f9:b2:da:ea:90:e9:d5:f9:2e:cb:93:67:9e:da:53:65:
         c0:f0:0b:8b:09:aa:38:64:c4:88:11:75:63:83:1c:73:19:6f:
         c8:57:6f:b2:cc:7a:3b:15:5c:c8:82:da:dd:5a:45:76:4b:01:
         a7:24:61:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFCQY1AhfmZOcfRzUlNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjUxMTExMDcwMTM1WhcNMjUxMTEyMDcwMTM1WjAzMTEwLwYDVQQD
EyhhN2JkYzcwZjAwOWVkNDYwYzQ0NDVhYTNmY2UxY2FhZGNhNWI1ODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQDm7qE0cizGyOLR4+d7S90osBJO
BI6yROA8eQJ0DIqPoSK/zWPns/RCuufWatu2Kvkjcoq5StOHyHj+WDq2TN4P1CHz
aICBpCNwPtamiv0MtRbxYv+n/H6ztf3OvBgMJgxbLUrsvMO/iwFYnvqcB3M2aqQo
BCAbTNaIYzyFBUGXhg0M37uPWWygGp94Q3Fb3eN5lEmWh8muiBLsOF+A3zAnJnoK
SwDgcAJ1WSyBlfn/AhoWD3WJHLOaUrtIeMm7bOy/ZjaVI7hkPhZu+IR3S0/tskep
+C0Hre8AVAQuOq3xQjYeZHltP+T6YO29h0rQZ8swGqncYqkZ/7sqj0kfnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKe9xw8AntRgxERao/zhyq3KW1hvMB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUUZTP23b
wj5QYWAjg4eBNPdn3B5KFr24vLGjJSNgwqQJmmko2ymSVn2W2S+HDKFSaZRJiCOL
qxS3/obhSWO6ZF8jxiF4qjGioJ7rBgDTV8qXKHoqSsVqE6Fv2dlLrc8XK+ac6P0M
tS19ghmVzR+e6CyWfDvZBEjdvAVc2gOLJ/lL+4bTCMorcAeZdHOSnnsmnXJRympR
EJPmquu6h5PGbi1fMSFPWpyfvfsEx+YYQUb++pJYbA0K1Cb+vvXWWCV9+/8fS2no
kvT5strqkOnV+S7Lk2ee2lNlwPALiwmqOGTEiBF1Y4MccxlvyFdvssx6OxVcyILa
3VpFdksBpyRhDg==
-----END CERTIFICATE-----