Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          W5PVFyb2oymLjZINNQe3B6qONCNwv7j46X+/EBHZALU=
Subject key identifier:   90:8D:EF:93:22:E5:1C:63:03:0D:F1:D4:07:CD:96:23:D2:48:40:88
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019A7113237E4F7CC31D65651520A6F4F8C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          1544
Signing time:             Tue 11 Nov 2025 04:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:10 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: DgWNwFzMCzAwZdBAyn8CVSs/d+/9N2RF1I18nzDL+zI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:23:7e:4f:7c:c3:1d:65:65:15:20:a6:f4:f8:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Nov 11 04:01:10 2025 GMT
            Not After : Nov 12 04:01:10 2025 GMT
        Subject: CN=908def9322e51c63030df1d407cd9623d2484088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:08:ea:de:f3:c9:4f:57:69:fb:53:0e:fc:65:
                    90:73:49:78:df:34:4e:57:b1:5b:21:71:86:95:55:
                    eb:9d:02:7f:a1:70:54:3a:1c:5a:03:41:a9:7d:f2:
                    91:7d:79:d1:6c:78:b2:15:43:e2:c5:42:87:4d:0c:
                    2d:ef:05:4c:0f:55:63:e6:59:42:6a:1f:e8:73:ae:
                    e6:a2:57:2e:1a:4f:88:77:b9:e9:46:68:2e:5a:08:
                    3c:0e:c9:84:c1:ab:7b:a3:c8:8b:74:ce:17:1f:28:
                    b3:74:d5:a5:fc:67:56:69:24:c4:64:92:ad:e6:a1:
                    0c:a0:00:5b:c8:13:07:ba:9d:eb:bc:78:67:61:de:
                    c9:75:1a:10:bd:40:b5:d8:c7:8d:53:90:03:45:2e:
                    f5:60:12:da:4f:61:51:53:2d:3b:91:5d:ad:1d:9f:
                    7c:7d:54:ec:4f:f1:6b:59:02:e5:af:4d:42:fd:d2:
                    8d:05:17:2c:d5:4c:40:43:31:0b:a4:68:42:61:64:
                    d7:98:a3:e7:b2:9d:8d:49:65:51:1b:f9:3d:17:55:
                    24:40:14:3d:b8:a1:c3:43:ec:38:f1:01:2a:32:f1:
                    01:91:29:db:1e:7d:0a:89:bd:4d:6e:ee:40:17:82:
                    f0:be:9d:5c:77:be:9e:d1:7d:30:65:5f:93:9f:86:
                    fe:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:8D:EF:93:22:E5:1C:63:03:0D:F1:D4:07:CD:96:23:D2:48:40:88
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:d7:46:49:ec:b3:ae:5a:f1:14:e6:89:23:19:27:aa:c0:0a:
         1d:55:fb:81:ad:73:36:77:72:cf:49:ab:3f:da:bc:1b:de:26:
         b2:c1:fe:f2:3e:5d:96:3f:e5:1e:9a:25:86:24:b4:ab:56:b2:
         76:ca:ff:8f:6f:bc:54:94:62:ce:af:0a:49:d2:45:73:fd:b5:
         ac:02:89:54:40:65:5d:8b:bd:06:d1:7d:62:3f:89:61:d9:e3:
         a4:96:06:f9:3b:72:4b:fc:28:6c:11:31:c9:e1:75:ee:37:67:
         c4:63:a0:62:ad:ce:dc:41:66:ce:24:8b:35:8d:68:2d:11:98:
         03:c4:6c:ac:91:fb:ea:25:ce:62:0d:86:30:c5:63:8e:ee:08:
         d1:de:75:98:44:2f:1a:4a:91:d8:15:e1:2b:07:c8:38:0c:20:
         ad:74:d6:e3:7b:aa:15:1e:7b:c9:a0:17:62:46:55:94:64:62:
         2e:cf:43:6a:64:8b:37:c2:08:c3:d9:eb:7c:43:55:77:79:30:
         93:78:1d:d7:17:4f:09:cc:ea:bb:82:76:c5:90:5e:c5:39:d4:
         1c:e7:c6:48:ca:62:63:a7:25:11:4b:1f:16:b5:49:ee:da:10:
         c2:10:8b:30:af:de:15:ad:58:e3:6d:3a:79:8b:e7:07:f5:cb:
         ce:44:31:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEyN+T3zDHWVlFSCm9PjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUxMTExMDQwMTEwWhcNMjUxMTEyMDQwMTEwWjAzMTEwLwYDVQQD
Eyg5MDhkZWY5MzIyZTUxYzYzMDMwZGYxZDQwN2NkOTYyM2QyNDg0MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgjq3vPJT1dp+1MO/GWQc0l43zRO
V7FbIXGGlVXrnQJ/oXBUOhxaA0GpffKRfXnRbHiyFUPixUKHTQwt7wVMD1Vj5llC
ah/oc67molcuGk+Id7npRmguWgg8DsmEwat7o8iLdM4XHyizdNWl/GdWaSTEZJKt
5qEMoABbyBMHup3rvHhnYd7JdRoQvUC12MeNU5ADRS71YBLaT2FRUy07kV2tHZ98
fVTsT/FrWQLlr01C/dKNBRcs1UxAQzELpGhCYWTXmKPnsp2NSWVRG/k9F1UkQBQ9
uKHDQ+w48QEqMvEBkSnbHn0Kib1Nbu5AF4Lwvp1cd76e0X0wZV+Tn4b+ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCN75Mi5RxjAw3x1AfNliPSSECIMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatdGSeyz
rlrxFOaJIxknqsAKHVX7ga1zNndyz0mrP9q8G94mssH+8j5dlj/lHpolhiS0q1ay
dsr/j2+8VJRizq8KSdJFc/21rAKJVEBlXYu9BtF9Yj+JYdnjpJYG+TtyS/wobBEx
yeF17jdnxGOgYq3O3EFmziSLNY1oLRGYA8RsrJH76iXOYg2GMMVjju4I0d51mEQv
GkqR2BXhKwfIOAwgrXTW43uqFR57yaAXYkZVlGRiLs9DamSLN8IIw9nrfENVd3kw
k3gd1xdPCczqu4J2xZBexTnUHOfGSMpiY6clEUsfFrVJ7toQwhCLMK/eFa1Y4206
eYvnB/XLzkQxeg==
-----END CERTIFICATE-----