Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          ccz8B1zvXu/A6HmfN/MDAV/ae8FnbNTqSZlbL0aLThI=
Subject key identifier:   61:99:1C:68:53:E1:AD:9A:BA:77:AF:4B:1B:A0:0A:B9:66:4C:EF:98
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       019A71B885DB57CE821B3AFEABF5E1930FF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          036E
Signing time:             Tue 11 Nov 2025 07:01:49 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:49 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:49 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: HwnYY9Ix3Oz1UQXPP86VdkD6XqMOA0s2mlJTeNApcqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:85:db:57:ce:82:1b:3a:fe:ab:f5:e1:93:0f:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Nov 11 07:01:49 2025 GMT
            Not After : Nov 12 07:01:49 2025 GMT
        Subject: CN=61991c6853e1ad9aba77af4b1ba00ab9664cef98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:1b:ba:23:e7:bb:57:42:a3:46:04:f8:04:65:
                    74:d4:db:f8:58:35:9b:9e:1f:02:56:af:a5:0c:2e:
                    64:90:a9:10:b8:e1:24:c7:8c:83:a1:41:90:01:86:
                    6e:db:53:eb:09:3d:d0:73:98:e6:19:dc:06:b0:e6:
                    8f:a5:c2:11:b0:9b:e2:cd:af:d4:38:cc:b3:d0:1c:
                    3c:ef:b9:c0:c2:ab:61:fb:ff:37:f2:ab:0c:28:04:
                    b4:cb:95:a3:cf:de:f3:36:20:59:6c:d6:f2:ff:88:
                    46:4f:0d:d9:28:25:58:ae:bb:ee:f2:0a:ab:79:a8:
                    2d:fa:bd:88:1d:f0:5b:42:89:b7:83:d4:f0:57:72:
                    a4:b1:27:e0:3a:77:62:40:6e:b7:29:97:03:a1:33:
                    0d:68:94:96:74:0b:88:46:2c:c5:c7:66:5a:6a:25:
                    17:84:3a:49:4b:d3:93:6a:2e:0c:6b:0f:fb:18:e2:
                    bd:1d:38:7f:60:5d:3e:e8:98:d0:7e:b1:ca:e6:dc:
                    30:79:1f:7e:3f:79:aa:a7:c5:05:f4:00:f2:dd:78:
                    a4:50:4c:01:ee:98:57:87:e5:d9:b8:28:d8:1f:c2:
                    ce:2f:6e:11:0c:bd:45:e3:3d:1c:b0:0c:1a:c5:11:
                    a4:5e:35:ab:36:a7:aa:f0:df:ac:96:fb:8d:16:79:
                    5d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:99:1C:68:53:E1:AD:9A:BA:77:AF:4B:1B:A0:0A:B9:66:4C:EF:98
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ca:15:e0:d6:7e:d1:c4:61:f2:f2:56:9d:84:a5:c9:5b:3c:
         4a:e1:0d:71:3d:73:35:ca:f9:ae:09:76:59:07:ac:2d:07:f8:
         99:a6:46:32:e0:6e:6d:9b:fa:35:05:68:01:2f:91:cd:59:ec:
         78:14:27:1d:7e:4c:f6:4b:14:35:cc:40:fc:93:03:11:96:19:
         e9:39:f0:2c:c6:33:a9:54:da:f3:55:86:d0:46:f9:f2:24:63:
         dd:ad:bd:ba:76:05:74:21:41:19:ab:3c:92:d1:ba:63:5e:f1:
         08:bf:a9:46:cd:a7:5b:a4:84:7b:a3:be:b8:b8:15:2e:a1:dc:
         f3:d1:1e:8b:af:1f:21:82:a9:f8:c6:b1:a3:c4:a2:a7:a9:1d:
         81:f8:73:61:a4:e9:f0:54:5f:31:1f:36:a5:9e:8d:48:24:f2:
         34:ed:6c:38:ed:00:cc:5f:a9:5b:a6:e1:15:ed:09:f8:9e:45:
         36:e0:cf:f5:67:97:54:3c:0d:81:0c:f3:42:be:de:e7:01:a5:
         62:e1:9f:61:46:7f:d9:a6:d2:c0:e0:1a:c9:fc:1d:10:9b:e1:
         8d:83:68:cb:e2:3f:0d:26:4d:1e:f6:19:19:3e:5f:79:03:a6:
         08:d9:1a:8b:93:cb:ed:d8:5f:4d:a8:6a:32:3b:84:4a:f9:1d:
         00:0a:5c:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIXbV86CGzr+q/Xhkw/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjUxMTExMDcwMTQ5WhcNMjUxMTEyMDcwMTQ5WjAzMTEwLwYDVQQD
Eyg2MTk5MWM2ODUzZTFhZDlhYmE3N2FmNGIxYmEwMGFiOTY2NGNlZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ru6I+e7V0KjRgT4BGV01Nv4WDWb
nh8CVq+lDC5kkKkQuOEkx4yDoUGQAYZu21PrCT3Qc5jmGdwGsOaPpcIRsJviza/U
OMyz0Bw877nAwqth+/838qsMKAS0y5Wjz97zNiBZbNby/4hGTw3ZKCVYrrvu8gqr
eagt+r2IHfBbQom3g9TwV3KksSfgOndiQG63KZcDoTMNaJSWdAuIRizFx2ZaaiUX
hDpJS9OTai4Maw/7GOK9HTh/YF0+6JjQfrHK5twweR9+P3mqp8UF9ADy3XikUEwB
7phXh+XZuCjYH8LOL24RDL1F4z0csAwaxRGkXjWrNqeq8N+slvuNFnldGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGZHGhT4a2aunevSxugCrlmTO+YMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsoV4NZ+
0cRh8vJWnYSlyVs8SuENcT1zNcr5rgl2WQesLQf4maZGMuBubZv6NQVoAS+RzVns
eBQnHX5M9ksUNcxA/JMDEZYZ6TnwLMYzqVTa81WG0Eb58iRj3a29unYFdCFBGas8
ktG6Y17xCL+pRs2nW6SEe6O+uLgVLqHc89Eei68fIYKp+Maxo8Sip6kdgfhzYaTp
8FRfMR82pZ6NSCTyNO1sOO0AzF+pW6bhFe0J+J5FNuDP9WeXVDwNgQzzQr7e5wGl
YuGfYUZ/2abSwOAayfwdEJvhjYNoy+I/DSZNHvYZGT5feQOmCNkai5PL7dhfTahq
MjuESvkdAApc3w==
-----END CERTIFICATE-----