Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          4O1cE4imZU17O3SdvPNllsi2vWptFxWulbvxGjl+Yfw=
Subject key identifier:   89:77:7E:EF:8E:53:F9:A3:D6:47:AE:AA:F6:8E:CE:5D:FA:EA:42:82
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       019A71B7FB0D5BABB6CF1BCE1017519542CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          06DB
Signing time:             Tue 11 Nov 2025 07:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:14 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: 3YP7LAEzKAz6zxo5luEZWrc5WvK6IVjmAmLpQsuHfHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:fb:0d:5b:ab:b6:cf:1b:ce:10:17:51:95:42:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Nov 11 07:01:14 2025 GMT
            Not After : Nov 12 07:01:14 2025 GMT
        Subject: CN=89777eef8e53f9a3d647aeaaf68ece5dfaea4282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4d:7b:5d:0d:03:46:e9:60:46:2e:c4:1b:a3:
                    e1:aa:f2:ac:5c:40:78:91:f0:a8:c9:2a:4e:6c:1f:
                    6f:45:25:3e:ee:f3:37:64:9c:48:64:0c:ce:5f:e6:
                    10:b5:07:eb:fe:5a:56:2a:68:86:ac:33:b1:cf:26:
                    f9:80:a5:c5:e8:a2:46:b2:63:3a:75:cd:ee:5d:78:
                    7e:f1:3c:36:a6:d8:2b:81:ea:c6:60:80:32:ab:aa:
                    2d:30:45:3a:93:ba:5a:7b:cf:a6:c9:df:b7:c7:54:
                    81:6e:6c:60:3f:b6:c4:3e:1f:03:1b:82:72:d2:09:
                    43:44:b9:60:4a:b6:a9:2c:56:e4:68:d6:e2:b8:98:
                    9f:ad:b7:dd:b1:f8:09:bd:67:fb:e5:d7:22:f0:5b:
                    db:26:bc:c4:54:9d:17:c5:85:9f:8b:79:cd:10:da:
                    cd:9c:d1:78:a7:00:99:57:84:8c:6c:7f:9e:44:4b:
                    29:fc:bf:9c:84:54:e6:78:b6:62:d8:3e:83:f5:cc:
                    94:13:08:b6:36:dc:18:52:85:aa:8d:bc:d5:44:5d:
                    a7:bd:8f:ad:27:a9:85:86:4e:7b:d8:de:fa:97:29:
                    1f:1b:56:57:7e:f8:bb:a8:a7:b4:88:67:ac:5c:c8:
                    11:67:62:a1:38:49:34:7c:14:8a:03:73:a3:b5:33:
                    b1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:77:7E:EF:8E:53:F9:A3:D6:47:AE:AA:F6:8E:CE:5D:FA:EA:42:82
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:ff:13:ef:06:0b:9f:5c:d2:82:06:0b:c4:a3:66:c3:70:ca:
         31:f0:7d:b7:85:ed:7d:80:c1:03:f9:4e:0b:43:89:b4:5d:b6:
         2b:de:e7:34:5c:da:e5:c3:a2:f6:53:6d:8f:8a:03:f9:fa:ca:
         0a:5f:df:34:90:ff:a0:ba:d6:79:f2:27:48:3e:b7:10:a9:18:
         8f:26:91:8b:b7:6b:f1:4c:61:0e:b4:74:85:37:2a:cb:16:e0:
         b7:55:4b:59:9a:bb:b1:71:15:9b:52:50:80:88:76:39:46:e6:
         37:e4:c6:72:d9:3c:98:24:53:84:79:cc:c3:40:04:aa:8f:9b:
         92:cd:7e:8f:62:7d:e3:f2:46:df:bf:62:d1:ce:e0:c5:25:0d:
         b5:9a:27:b2:ca:16:c1:3d:39:c5:e8:42:8a:dc:8d:e9:77:d8:
         c0:37:3c:ac:37:39:53:36:26:fa:62:ae:c3:2a:50:9a:28:a2:
         de:51:50:0d:0d:90:8e:4a:5c:1d:d0:a7:73:24:9c:5f:b8:cf:
         7d:b5:60:d6:37:c1:a9:38:b7:95:4e:bf:42:a1:75:a4:64:f3:
         53:69:7f:7a:c7:d5:0e:46:30:f9:38:fa:63:a4:1a:46:f7:bf:
         99:72:19:cf:54:e4:cd:ee:6c:f4:cf:e3:d9:db:65:a3:7d:f0:
         e1:73:04:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/sNW6u2zxvOEBdRlULLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjUxMTExMDcwMTE0WhcNMjUxMTEyMDcwMTE0WjAzMTEwLwYDVQQD
Eyg4OTc3N2VlZjhlNTNmOWEzZDY0N2FlYWFmNjhlY2U1ZGZhZWE0MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw017XQ0DRulgRi7EG6PhqvKsXEB4
kfCoySpObB9vRSU+7vM3ZJxIZAzOX+YQtQfr/lpWKmiGrDOxzyb5gKXF6KJGsmM6
dc3uXXh+8Tw2ptgrgerGYIAyq6otMEU6k7pae8+myd+3x1SBbmxgP7bEPh8DG4Jy
0glDRLlgSrapLFbkaNbiuJifrbfdsfgJvWf75dci8FvbJrzEVJ0XxYWfi3nNENrN
nNF4pwCZV4SMbH+eREsp/L+chFTmeLZi2D6D9cyUEwi2NtwYUoWqjbzVRF2nvY+t
J6mFhk572N76lykfG1ZXfvi7qKe0iGesXMgRZ2KhOEk0fBSKA3OjtTOxsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIl3fu+OU/mj1keuqvaOzl366kKCMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQP8T7wYL
n1zSggYLxKNmw3DKMfB9t4XtfYDBA/lOC0OJtF22K97nNFza5cOi9lNtj4oD+frK
Cl/fNJD/oLrWefInSD63EKkYjyaRi7dr8UxhDrR0hTcqyxbgt1VLWZq7sXEVm1JQ
gIh2OUbmN+TGctk8mCRThHnMw0AEqo+bks1+j2J94/JG379i0c7gxSUNtZonssoW
wT05xehCityN6XfYwDc8rDc5UzYm+mKuwypQmiii3lFQDQ2QjkpcHdCncyScX7jP
fbVg1jfBqTi3lU6/QqF1pGTzU2l/esfVDkYw+Tj6Y6QaRve/mXIZz1Tkze5s9M/j
2dtlo33w4XMEmw==
-----END CERTIFICATE-----