Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          UD9V+c0L7aAbFfLLNwuiSnzSb0fW9CEFPBCAMhvasKc=
Subject key identifier:   98:4C:DC:9D:A3:86:6C:18:0A:EC:14:7B:A0:15:BA:42:60:19:00:92
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019A70DBF6DC01EBEABD1C2C1030334CC774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 03:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:54 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: d/ACpOxAiIS5miBpzn+87ylZyypCbZtST1r3w0jwDZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:f6:dc:01:eb:ea:bd:1c:2c:10:30:33:4c:c7:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Nov 11 03:00:54 2025 GMT
            Not After : Nov 12 03:00:54 2025 GMT
        Subject: CN=984cdc9da3866c180aec147ba015ba4260190092
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9e:3f:ec:12:81:02:b3:3a:db:b6:fe:aa:2e:
                    d9:1d:2a:9e:cd:fc:f5:03:2f:0e:73:ae:1b:76:41:
                    b4:6e:a9:a7:88:2f:92:76:44:0e:b5:a4:82:0a:9a:
                    d6:87:81:d9:cb:1e:3a:7b:7b:51:4e:f0:a3:41:1a:
                    bc:4a:6f:f3:45:cd:46:be:0f:12:11:47:15:8f:34:
                    d9:09:c1:5a:d0:c1:8f:ed:96:ab:a3:9f:8c:11:50:
                    15:b3:25:d3:34:3b:89:d0:13:92:85:aa:21:0f:b9:
                    15:a6:3c:f2:55:b3:a7:85:af:27:fa:35:6a:aa:01:
                    46:f0:3a:4a:fb:be:60:f0:ed:0f:f1:12:14:27:d9:
                    33:d8:54:cc:e2:8a:c8:91:86:54:2d:20:65:ab:93:
                    62:a9:72:a8:0e:c5:c4:56:0a:ed:81:74:83:71:3f:
                    48:9d:86:cb:a7:24:73:6b:c9:67:01:9b:2e:c5:b4:
                    07:0a:c0:29:65:05:3b:80:c7:64:ab:07:3d:e4:b9:
                    8f:8e:4a:ea:9d:a1:ab:69:9a:ab:da:60:e5:69:64:
                    15:7d:52:ba:34:39:93:61:21:f9:e4:47:0d:23:b0:
                    e1:e0:ad:81:80:5d:c8:2c:b7:78:79:f1:e6:7b:a0:
                    56:8f:75:4a:1b:17:03:a2:88:55:8e:f5:da:4a:23:
                    9a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:4C:DC:9D:A3:86:6C:18:0A:EC:14:7B:A0:15:BA:42:60:19:00:92
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c3:2a:9b:3f:27:f8:45:8a:10:cc:27:a0:ed:6c:a9:f2:91:
         3e:66:62:eb:6f:da:47:ee:4f:b3:78:f7:22:ac:55:53:26:c5:
         ce:13:bf:c5:fd:60:f1:b5:54:1f:b3:08:4a:2e:56:a2:74:82:
         f5:24:6b:87:28:2b:9b:34:03:a5:73:03:45:9a:3a:a6:1c:e3:
         83:94:d4:ef:e3:4d:dc:53:a3:07:a2:cf:0b:43:e1:91:1e:4a:
         bc:3c:b4:65:d7:f7:e0:5c:fc:6e:47:22:55:4c:38:d0:88:bd:
         64:e1:75:32:82:ee:df:b5:68:e4:29:2a:c4:07:7e:c2:c8:12:
         eb:71:44:61:e0:ad:8c:68:b6:83:12:de:18:8a:99:89:fc:7c:
         fa:7f:0d:9a:1e:71:ff:2a:d7:c4:1c:fb:9a:cd:6a:05:0c:29:
         1d:e1:5c:8d:a4:ba:3c:d7:c1:7e:a4:70:b3:d2:5b:05:97:11:
         12:c5:2b:d2:93:24:02:d1:d1:4d:81:23:91:ba:a5:5b:61:d5:
         d9:ce:4d:c0:ad:bb:d2:01:23:d4:d4:01:cd:e0:9f:b5:e7:1d:
         90:5f:01:a1:da:16:81:14:eb:5e:15:b7:79:14:e5:ea:44:f3:
         8d:1d:33:a2:6c:cb:96:c7:7d:dc:46:d2:31:ab:5f:8e:f2:eb:
         f2:bd:b7:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/bcAevqvRwsEDAzTMd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUxMTExMDMwMDU0WhcNMjUxMTEyMDMwMDU0WjAzMTEwLwYDVQQD
Eyg5ODRjZGM5ZGEzODY2YzE4MGFlYzE0N2JhMDE1YmE0MjYwMTkwMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ4/7BKBArM627b+qi7ZHSqezfz1
Ay8Oc64bdkG0bqmniC+SdkQOtaSCCprWh4HZyx46e3tRTvCjQRq8Sm/zRc1Gvg8S
EUcVjzTZCcFa0MGP7Zaro5+MEVAVsyXTNDuJ0BOShaohD7kVpjzyVbOnha8n+jVq
qgFG8DpK+75g8O0P8RIUJ9kz2FTM4orIkYZULSBlq5NiqXKoDsXEVgrtgXSDcT9I
nYbLpyRza8lnAZsuxbQHCsApZQU7gMdkqwc95LmPjkrqnaGraZqr2mDlaWQVfVK6
NDmTYSH55EcNI7Dh4K2BgF3ILLd4efHme6BWj3VKGxcDoohVjvXaSiOaGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhM3J2jhmwYCuwUe6AVukJgGQCSMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8Mqmz8n
+EWKEMwnoO1sqfKRPmZi62/aR+5Ps3j3IqxVUybFzhO/xf1g8bVUH7MISi5WonSC
9SRrhygrmzQDpXMDRZo6phzjg5TU7+NN3FOjB6LPC0PhkR5KvDy0Zdf34Fz8bkci
VUw40Ii9ZOF1MoLu37Vo5CkqxAd+wsgS63FEYeCtjGi2gxLeGIqZifx8+n8Nmh5x
/yrXxBz7ms1qBQwpHeFcjaS6PNfBfqRws9JbBZcREsUr0pMkAtHRTYEjkbqlW2HV
2c5NwK270gEj1NQBzeCftecdkF8BodoWgRTrXhW3eRTl6kTzjR0zomzLlsd93EbS
MatfjvLr8r232w==
-----END CERTIFICATE-----