Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
File:                     X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json)
Hash identifier:          RHxxIRh+xG1+toC9lwnOWafL6oLOA0cpqFULvO8Qy0E=
Subject key identifier:   22:98:75:89:E4:30:CB:C2:3A:08:4D:2A:FE:09:2B:B6:74:77:6F:86
Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C
Certificate issuer:       /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
Certificate serial:       0199FCFD362E94FAE679B8FD5156C47E45D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
Manifest number:          0CFD
Signing time:             Sun 19 Oct 2025 15:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:16 +0000
Files and hashes:         1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: xwgN8d1zLvO2SbGuc1N6Zr1mmSZX43CgUPX4b6tFOfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:36:2e:94:fa:e6:79:b8:fd:51:56:c4:7e:45:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
        Validity
            Not Before: Oct 19 15:01:16 2025 GMT
            Not After : Oct 20 15:01:16 2025 GMT
        Subject: CN=22987589e430cbc23a084d2afe092bb674776f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:a4:f1:55:95:4f:cd:f4:38:7a:8e:9b:fd:5c:
                    3f:78:c9:17:5f:ea:7c:e7:11:c1:c9:a5:e8:6d:6d:
                    d6:3e:ac:c6:64:22:26:2b:70:16:16:7e:9a:d7:54:
                    b1:0a:33:b8:c1:fa:c8:ea:83:7e:b8:17:eb:b8:98:
                    a3:49:7e:92:db:e5:12:f4:67:29:37:a7:1f:94:09:
                    e4:ad:6a:69:bc:74:1f:9f:cd:3b:1f:9d:d7:25:ff:
                    0b:16:68:4c:dd:6d:9c:dd:04:a2:64:30:10:79:d6:
                    de:75:25:7e:0e:fb:bf:37:91:76:81:28:03:c0:84:
                    c5:a2:54:c2:fb:92:7e:7c:43:34:a9:07:4a:1a:86:
                    7f:de:56:8d:29:8c:aa:61:9d:6e:13:6a:95:fb:bc:
                    9a:ec:cf:de:5d:f9:e1:80:86:bf:18:75:aa:a2:79:
                    27:bb:08:b0:b6:77:98:ab:a8:70:e0:d0:4f:38:f9:
                    52:7b:c5:7d:9d:84:c8:f8:ee:fe:5c:4c:a0:0e:f6:
                    5a:a4:99:39:69:28:db:a6:e1:f6:1d:6a:ec:86:cc:
                    2c:2b:e3:83:0b:b6:46:43:18:39:45:4b:ff:98:ab:
                    3c:95:6e:8e:58:9e:b8:c9:a3:a9:99:f8:7f:ed:5d:
                    9e:13:de:56:79:94:be:78:13:3d:f4:32:44:a7:63:
                    e3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:98:75:89:E4:30:CB:C2:3A:08:4D:2A:FE:09:2B:B6:74:77:6F:86
            X509v3 Authority Key Identifier:
                keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:60:9d:33:ec:a8:3d:0f:0f:34:38:4a:ac:70:09:f4:cd:de:
         ff:10:23:a4:56:a8:e4:72:b6:4a:90:cb:c9:84:19:d7:cb:a2:
         5b:a4:f3:07:c7:1d:4a:10:5f:8d:c8:d9:e5:f5:d3:49:c5:8b:
         9d:79:93:9c:c5:a7:ea:23:9e:1a:59:6b:87:44:92:99:9d:4a:
         a0:1b:13:11:06:a2:fa:df:d0:54:e0:79:7f:64:e4:27:8a:5d:
         57:8c:43:b4:9c:0e:bf:ff:7f:c1:85:b1:d1:8a:17:5e:0a:ff:
         23:53:a4:e6:cf:ae:b3:44:0e:9d:77:f9:d1:00:6c:b2:15:69:
         63:e2:31:5d:92:f7:ea:17:01:53:76:d9:79:ac:40:54:8c:51:
         89:b0:21:89:36:ed:22:1f:76:e7:0d:d4:cb:25:ca:1e:3e:09:
         52:b4:23:93:09:b2:77:a4:08:2d:8d:cd:f6:42:ff:31:6f:41:
         bd:65:3a:6d:a2:74:4a:7f:20:c3:b1:b9:a7:48:3d:74:5c:b9:
         bc:79:ec:ea:7c:ef:28:85:5d:d1:56:8a:b7:24:40:b4:15:87:
         58:f8:4f:4e:26:05:f2:fc:e5:1b:c0:bb:70:d5:c0:c7:48:13:
         ec:89:4b:df:f2:38:2a:0b:82:82:0e:f3:2f:ab:bb:2e:1e:86:
         d4:50:3c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/TYulPrmebj9UVbEfkXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl
MWY4NmMwHhcNMjUxMDE5MTUwMTE2WhcNMjUxMDIwMTUwMTE2WjAzMTEwLwYDVQQD
EygyMjk4NzU4OWU0MzBjYmMyM2EwODRkMmFmZTA5MmJiNjc0Nzc2Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qTxVZVPzfQ4eo6b/Vw/eMkXX+p8
5xHByaXobW3WPqzGZCImK3AWFn6a11SxCjO4wfrI6oN+uBfruJijSX6S2+US9Gcp
N6cflAnkrWppvHQfn807H53XJf8LFmhM3W2c3QSiZDAQedbedSV+Dvu/N5F2gSgD
wITFolTC+5J+fEM0qQdKGoZ/3laNKYyqYZ1uE2qV+7ya7M/eXfnhgIa/GHWqonkn
uwiwtneYq6hw4NBPOPlSe8V9nYTI+O7+XEygDvZapJk5aSjbpuH2HWrshswsK+OD
C7ZGQxg5RUv/mKs8lW6OWJ64yaOpmfh/7V2eE95WeZS+eBM99DJEp2PjiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKYdYnkMMvCOghNKv4JK7Z0d2+GMB8GA1UdIwQY
MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt
MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1
LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsmCdM+yo
PQ8PNDhKrHAJ9M3e/xAjpFao5HK2SpDLyYQZ18uiW6TzB8cdShBfjcjZ5fXTScWL
nXmTnMWn6iOeGllrh0SSmZ1KoBsTEQai+t/QVOB5f2TkJ4pdV4xDtJwOv/9/wYWx
0YoXXgr/I1Ok5s+us0QOnXf50QBsshVpY+IxXZL36hcBU3bZeaxAVIxRibAhiTbt
Ih925w3UyyXKHj4JUrQjkwmyd6QILY3N9kL/MW9BvWU6baJ0Sn8gw7G5p0g9dFy5
vHns6nzvKIVd0VaKtyRAtBWHWPhPTiYF8vzlG8C7cNXAx0gT7IlL3/I4KguCgg7z
L6u7Lh6G1FA8oQ==
-----END CERTIFICATE-----