Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
File:                     xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json)
Hash identifier:          LeMaQzs3ovAO5uCDcjCUd3yhrtyDemwGPxccHt9Ph2E=
Subject key identifier:   E1:7F:4D:70:A4:B6:20:6D:E2:27:2C:7F:A0:BC:EE:45:C8:DB:4C:B2
Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
Certificate issuer:       /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Certificate serial:       019A7112C1122ECD01674B1D5B6528857EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
Manifest number:          094E
Signing time:             Tue 11 Nov 2025 04:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:45 +0000
Files and hashes:         1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: rF/632fG+kCzZaIKvht6koYWrgtk0qdvw5iJbpgB61U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:c1:12:2e:cd:01:67:4b:1d:5b:65:28:85:7e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
        Validity
            Not Before: Nov 11 04:00:45 2025 GMT
            Not After : Nov 12 04:00:45 2025 GMT
        Subject: CN=e17f4d70a4b6206de2272c7fa0bcee45c8db4cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:16:b6:93:b6:86:d0:34:ec:db:1f:a4:b7:bb:
                    8e:64:07:c0:38:e9:8e:d4:1a:0a:c3:00:1b:ef:60:
                    fd:ab:29:62:60:7f:29:f6:9a:e1:0e:19:00:c4:73:
                    74:50:18:04:fe:e5:44:86:a8:e9:ad:65:04:15:ba:
                    08:c1:56:ee:75:f2:8b:8e:b5:9e:3e:e8:23:88:a1:
                    e7:5d:2b:17:bd:52:a7:ae:3d:ca:04:ee:d4:49:29:
                    b2:c3:5c:0c:7f:ee:1a:72:5e:50:ee:4f:22:38:99:
                    a4:f9:58:2c:a0:c0:db:ba:d9:6c:89:2e:15:71:20:
                    b5:80:04:0d:41:9c:79:0e:d0:d0:d0:ed:df:9b:31:
                    09:ca:3b:6f:31:6b:11:64:af:7e:cf:bb:82:7d:44:
                    d2:46:9d:fb:23:22:fa:92:06:f6:96:8f:32:39:ac:
                    aa:0a:ad:a8:53:e2:17:6e:6a:a7:da:08:e8:b7:a1:
                    bb:e1:79:fb:3e:6f:a1:b5:de:f1:c2:06:e5:d6:bb:
                    9c:b7:61:7f:96:cd:b9:81:4b:88:38:4d:71:b8:78:
                    1c:5a:08:b9:24:0b:53:35:8e:d5:56:c9:a9:c9:14:
                    38:fc:bc:da:61:64:ab:69:df:4d:7a:f1:91:d9:5e:
                    41:14:1e:3d:dc:ba:e5:e1:0a:c9:e0:27:37:f9:9d:
                    49:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:7F:4D:70:A4:B6:20:6D:E2:27:2C:7F:A0:BC:EE:45:C8:DB:4C:B2
            X509v3 Authority Key Identifier:
                keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:e6:82:43:d4:3d:ad:21:67:94:25:0d:3c:bc:ab:97:7d:d0:
         ba:cb:38:19:03:96:11:a9:61:b8:da:02:d8:b8:f8:78:eb:f3:
         eb:f7:13:53:3c:12:73:6c:14:bc:38:d5:2a:5a:4d:0f:0b:42:
         26:38:7b:c3:75:80:ba:fc:75:30:3d:2d:e0:67:c1:45:74:d0:
         51:77:38:55:60:96:ca:1d:75:c3:97:56:23:e4:77:2c:51:7f:
         a1:5c:56:4e:a9:a5:4d:4e:1e:ae:48:44:76:f0:84:1e:f2:b7:
         23:51:f0:3e:ab:80:d2:b3:4b:2c:65:4a:ed:fc:22:31:54:0b:
         18:6b:c2:ff:ab:48:d0:38:99:f0:f1:e9:f9:fb:3b:00:0f:c7:
         cb:96:4d:9f:cf:1b:4f:19:d3:15:7b:e4:3a:81:e4:25:c9:bd:
         b9:01:4d:f5:bf:50:87:12:3a:09:13:55:b0:fe:1c:2b:04:86:
         39:95:9b:0a:e2:15:9b:03:d0:17:03:a7:83:7a:ec:07:fc:ff:
         fe:b5:1a:e5:27:72:1c:66:ce:30:26:99:52:27:b4:c2:72:3f:
         b8:56:2a:c5:7b:5b:86:41:70:39:ad:97:46:47:fc:62:ac:82:
         74:72:dc:57:75:1e:6e:d5:38:50:bd:72:e1:9f:7c:c5:e1:e5:
         c7:64:bd:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEsESLs0BZ0sdW2UohX7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5
NzQ1ZTkwHhcNMjUxMTExMDQwMDQ1WhcNMjUxMTEyMDQwMDQ1WjAzMTEwLwYDVQQD
EyhlMTdmNGQ3MGE0YjYyMDZkZTIyNzJjN2ZhMGJjZWU0NWM4ZGI0Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsha2k7aG0DTs2x+kt7uOZAfAOOmO
1BoKwwAb72D9qyliYH8p9prhDhkAxHN0UBgE/uVEhqjprWUEFboIwVbudfKLjrWe
PugjiKHnXSsXvVKnrj3KBO7USSmyw1wMf+4acl5Q7k8iOJmk+VgsoMDbutlsiS4V
cSC1gAQNQZx5DtDQ0O3fmzEJyjtvMWsRZK9+z7uCfUTSRp37IyL6kgb2lo8yOayq
Cq2oU+IXbmqn2gjot6G74Xn7Pm+htd7xwgbl1ruct2F/ls25gUuIOE1xuHgcWgi5
JAtTNY7VVsmpyRQ4/LzaYWSrad9NevGR2V5BFB493Lrl4QrJ4Cc3+Z1JdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOF/TXCktiBt4icsf6C87kXI20yyMB8GA1UdIwQY
MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut
YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz
LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ+aCQ9Q9
rSFnlCUNPLyrl33Quss4GQOWEalhuNoC2Lj4eOvz6/cTUzwSc2wUvDjVKlpNDwtC
Jjh7w3WAuvx1MD0t4GfBRXTQUXc4VWCWyh11w5dWI+R3LFF/oVxWTqmlTU4erkhE
dvCEHvK3I1HwPquA0rNLLGVK7fwiMVQLGGvC/6tI0DiZ8PHp+fs7AA/Hy5ZNn88b
TxnTFXvkOoHkJcm9uQFN9b9QhxI6CRNVsP4cKwSGOZWbCuIVmwPQFwOng3rsB/z/
/rUa5SdyHGbOMCaZUie0wnI/uFYqxXtbhkFwOa2XRkf8YqyCdHLcV3UebtU4UL1y
4Z98xeHlx2S93A==
-----END CERTIFICATE-----