Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
File:                     xbqElpIUKuxW19DdyN1N20HPg8E.mft (raw, json)
Hash identifier:          643mHNexSoa1fcMGFF/Or76f1pd/h7A08BgqjVj3ihU=
Subject key identifier:   C3:62:B7:ED:98:E4:11:46:42:A8:23:83:3E:76:59:99:51:F5:C9:16
Authority key identifier: C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1
Certificate issuer:       /CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
Certificate serial:       019A722596CDAE2782503745A5F5F9FD2589
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
Manifest number:          101F
Signing time:             Tue 11 Nov 2025 09:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:57 +0000
Files and hashes:         1: xbqElpIUKuxW19DdyN1N20HPg8E.crl (hash: 7bQiY3uVap1iub+4N7HEqO5ouM0D6D7H09fktHgfaUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:96:cd:ae:27:82:50:37:45:a5:f5:f9:fd:25:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
        Validity
            Not Before: Nov 11 09:00:57 2025 GMT
            Not After : Nov 12 09:00:57 2025 GMT
        Subject: CN=c362b7ed98e4114642a823833e76599951f5c916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:30:e1:18:84:d9:49:d7:d8:8b:1d:80:b1:36:
                    7f:1b:ea:36:9a:60:75:f6:c7:a8:5c:9a:2c:f1:30:
                    71:e2:60:09:16:85:4f:45:df:e6:31:59:15:5e:52:
                    ad:77:f3:68:20:57:03:8b:b3:86:00:07:71:4f:31:
                    d7:87:6c:bd:47:ee:b7:e6:b8:17:ad:6d:e8:68:65:
                    67:15:ef:cc:43:d7:fa:5b:a2:dd:d8:84:83:4e:a2:
                    d6:40:87:c4:3a:d3:e4:6c:2e:49:25:5e:f8:60:97:
                    3c:fb:1a:60:60:b1:95:92:7a:fb:3b:9c:d7:6b:06:
                    3c:21:4b:e3:1c:86:a0:9a:20:00:0e:8a:53:d1:60:
                    13:69:93:c8:19:9c:a6:25:14:2e:f3:c5:43:7e:61:
                    b3:3b:52:a6:b2:1e:8d:56:5b:97:a0:9f:05:cb:8e:
                    60:f3:95:f3:8f:7c:4c:22:16:bd:15:96:fc:bd:e6:
                    a3:3a:45:b5:52:f2:50:75:4e:e3:34:36:2a:74:0d:
                    5c:0e:8b:b6:6a:57:58:c7:89:45:bf:f9:97:11:cc:
                    fb:01:1a:04:bf:28:48:53:fc:5c:a7:27:0b:75:7f:
                    c0:11:b0:e7:2a:e5:75:7d:52:87:7b:60:1b:06:76:
                    bf:f5:67:25:fb:08:03:12:f3:df:8b:00:fb:62:7e:
                    15:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:62:B7:ED:98:E4:11:46:42:A8:23:83:3E:76:59:99:51:F5:C9:16
            X509v3 Authority Key Identifier:
                keyid:C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:cb:24:45:93:12:c1:bd:21:32:cf:b6:8a:53:2d:a9:fc:87:
         2c:d8:a2:94:82:16:93:14:59:54:e4:2e:e9:e0:6c:c0:ff:6c:
         b2:10:35:78:2f:a4:46:8d:c5:b4:ae:0f:7f:3a:ab:b3:e6:36:
         4d:8c:51:ae:03:fb:ae:c6:b3:20:85:fc:37:47:27:fd:34:3c:
         7f:d6:be:c1:17:8d:9f:95:2c:cd:10:bd:33:16:db:6d:cc:a5:
         06:0f:5f:ca:e9:ec:a4:91:16:96:00:3f:65:21:88:3d:4e:3d:
         98:53:e7:53:fb:7a:da:16:e1:a9:99:2e:1c:e9:47:40:e9:ac:
         33:7a:0e:9b:2c:de:5f:55:db:38:af:cf:78:9a:7f:e0:35:ba:
         93:8c:cc:6b:eb:e7:89:1d:42:db:45:81:b6:1b:0d:fe:2a:2d:
         2e:98:b1:90:53:0a:13:fc:74:fa:78:54:a6:17:e1:b0:ff:01:
         2c:fe:1c:47:64:47:19:0f:84:93:b8:4b:53:49:5a:8f:57:90:
         14:27:d1:5d:d0:d4:c3:f1:a3:11:5f:7f:d5:44:f0:16:d0:ee:
         77:99:70:66:80:43:6c:b6:0a:6f:02:5f:50:48:51:9b:e4:16:
         99:31:11:6c:dc:10:35:08:6f:21:4a:4e:fb:8a:07:1f:1f:80:
         25:61:d5:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZbNrieCUDdFpfX5/SWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmE4NDk2OTIxNDJhZWM1NmQ3ZDBkZGM4ZGQ0ZGRiNDFj
ZjgzYzEwHhcNMjUxMTExMDkwMDU3WhcNMjUxMTEyMDkwMDU3WjAzMTEwLwYDVQQD
EyhjMzYyYjdlZDk4ZTQxMTQ2NDJhODIzODMzZTc2NTk5OTUxZjVjOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzDhGITZSdfYix2AsTZ/G+o2mmB1
9seoXJos8TBx4mAJFoVPRd/mMVkVXlKtd/NoIFcDi7OGAAdxTzHXh2y9R+635rgX
rW3oaGVnFe/MQ9f6W6Ld2ISDTqLWQIfEOtPkbC5JJV74YJc8+xpgYLGVknr7O5zX
awY8IUvjHIagmiAADopT0WATaZPIGZymJRQu88VDfmGzO1Kmsh6NVluXoJ8Fy45g
85Xzj3xMIha9FZb8veajOkW1UvJQdU7jNDYqdA1cDou2aldYx4lFv/mXEcz7ARoE
vyhIU/xcpycLdX/AEbDnKuV1fVKHe2AbBna/9Wcl+wgDEvPfiwD7Yn4VSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNit+2Y5BFGQqgjgz52WZlR9ckWMB8GA1UdIwQY
MBaAFMW6hJaSFCrsVtfQ3cjdTdtBz4PBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgt
MjM3OTdhZWFiYjBmLzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgtMjM3OTdhZWFiYjBm
LzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsskRZMS
wb0hMs+2ilMtqfyHLNiilIIWkxRZVOQu6eBswP9sshA1eC+kRo3FtK4Pfzqrs+Y2
TYxRrgP7rsazIIX8N0cn/TQ8f9a+wReNn5UszRC9MxbbbcylBg9fyunspJEWlgA/
ZSGIPU49mFPnU/t62hbhqZkuHOlHQOmsM3oOmyzeX1XbOK/PeJp/4DW6k4zMa+vn
iR1C20WBthsN/iotLpixkFMKE/x0+nhUphfhsP8BLP4cR2RHGQ+Ek7hLU0laj1eQ
FCfRXdDUw/GjEV9/1UTwFtDud5lwZoBDbLYKbwJfUEhRm+QWmTERbNwQNQhvIUpO
+4oHHx+AJWHVGw==
-----END CERTIFICATE-----