Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          qU5E5kU5GggRPQgCK483mbwF2jjmH7kciJJ9JGNIs7k=
Subject key identifier:   B6:D8:F2:E4:32:76:98:C4:33:44:18:9C:41:40:9D:59:5D:BE:93:60
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       0199FEB4B9BF22F6AD1EB13A902073796951
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          077E
Signing time:             Sun 19 Oct 2025 23:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:20 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: crKZMoOzHI2MWNybCqdb6up4fv0C3KWKr8d56kGndrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:b9:bf:22:f6:ad:1e:b1:3a:90:20:73:79:69:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Oct 19 23:01:20 2025 GMT
            Not After : Oct 20 23:01:20 2025 GMT
        Subject: CN=b6d8f2e4327698c43344189c41409d595dbe9360
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6f:e3:b4:7e:5f:b3:aa:53:57:60:9d:77:9c:
                    28:c8:01:f2:9d:11:38:0c:54:0c:a9:82:8d:fc:8c:
                    ff:75:29:e4:a1:40:bb:e2:bc:b3:69:c0:bc:0e:ca:
                    b5:05:63:43:48:fa:e4:b5:c7:83:5d:b9:98:a7:e5:
                    67:eb:6b:16:63:77:37:91:6e:27:ff:c9:2e:e3:04:
                    a2:2d:40:d0:08:ba:45:d9:19:9d:6e:9e:32:14:29:
                    9a:e8:98:fe:90:7d:64:51:7a:69:25:aa:18:7f:73:
                    9d:30:5e:fb:10:4f:6f:f1:a3:0f:2e:a6:26:bb:fa:
                    89:b1:79:6c:e7:d0:f6:2a:0e:c2:f1:f3:46:f2:08:
                    86:79:e2:31:5b:26:f7:76:fc:c0:6c:12:d7:b2:56:
                    db:49:a9:c2:21:29:e0:a6:a7:30:c5:bf:26:11:fb:
                    6c:41:9a:b5:fa:d8:ca:29:31:40:a4:43:e3:ca:fb:
                    46:2f:8c:ea:48:ef:57:f5:9a:77:5a:f8:2d:8d:53:
                    61:2c:cd:a2:77:2e:ee:e3:19:1b:68:c6:85:26:b4:
                    bf:83:0a:f9:25:f0:87:a6:25:83:54:9b:78:30:c7:
                    fc:e0:63:0d:7c:2a:dc:70:99:b4:44:a4:9e:e0:50:
                    7d:c7:22:56:de:62:a4:c5:7d:b6:af:91:4f:98:02:
                    de:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D8:F2:E4:32:76:98:C4:33:44:18:9C:41:40:9D:59:5D:BE:93:60
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f2:10:30:bd:34:bf:07:e2:79:e5:e2:62:1d:66:f1:3f:0a:a1:
         e5:0e:09:e9:1a:15:b6:b2:79:75:58:34:af:c8:8e:4f:44:02:
         de:20:45:96:28:55:7b:bd:57:61:7b:0e:bb:58:a1:bb:e7:42:
         2e:31:c1:b2:14:4c:cf:87:7c:06:81:34:d9:9b:47:70:be:80:
         b4:6e:1c:59:1e:94:7a:18:10:8c:27:e1:94:24:77:4b:2d:9d:
         a7:b5:09:76:49:b1:16:40:9b:4f:9c:5a:f1:04:ee:98:c7:7a:
         4f:31:10:63:c3:91:4d:d2:2a:20:d3:b3:58:9b:15:1a:e7:cc:
         6f:e0:e8:25:5d:59:aa:54:2a:26:34:19:e8:38:05:29:a0:99:
         17:a7:60:bd:d4:9b:fd:6a:57:93:fd:ec:58:86:48:ce:77:78:
         3f:c8:a3:26:b4:8d:f3:f1:d8:b2:9a:55:0f:af:45:9f:2c:6e:
         a1:9e:fd:e2:dd:b9:4f:c1:81:9e:97:a3:31:59:c2:28:16:ac:
         ab:86:e9:dc:8a:2e:ca:44:b0:34:51:a4:b7:80:8f:f0:e4:29:
         65:f5:5b:11:5c:45:0c:e7:21:c9:fc:af:8b:f7:43:ee:66:44:
         ad:03:c4:da:a2:14:e9:d2:c4:fc:e4:05:23:c6:81:52:69:26:
         4d:b8:67:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tLm/IvatHrE6kCBzeWlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUxMDE5MjMwMTIwWhcNMjUxMDIwMjMwMTIwWjAzMTEwLwYDVQQD
EyhiNmQ4ZjJlNDMyNzY5OGM0MzM0NDE4OWM0MTQwOWQ1OTVkYmU5MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2/jtH5fs6pTV2Cdd5woyAHynRE4
DFQMqYKN/Iz/dSnkoUC74ryzacC8Dsq1BWNDSPrktceDXbmYp+Vn62sWY3c3kW4n
/8ku4wSiLUDQCLpF2Rmdbp4yFCma6Jj+kH1kUXppJaoYf3OdMF77EE9v8aMPLqYm
u/qJsXls59D2Kg7C8fNG8giGeeIxWyb3dvzAbBLXslbbSanCISngpqcwxb8mEfts
QZq1+tjKKTFApEPjyvtGL4zqSO9X9Zp3WvgtjVNhLM2idy7u4xkbaMaFJrS/gwr5
JfCHpiWDVJt4MMf84GMNfCrccJm0RKSe4FB9xyJW3mKkxX22r5FPmALeRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbY8uQydpjEM0QYnEFAnVldvpNgMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA8hAwvTS/
B+J55eJiHWbxPwqh5Q4J6RoVtrJ5dVg0r8iOT0QC3iBFlihVe71XYXsOu1ihu+dC
LjHBshRMz4d8BoE02ZtHcL6AtG4cWR6UehgQjCfhlCR3Sy2dp7UJdkmxFkCbT5xa
8QTumMd6TzEQY8ORTdIqINOzWJsVGufMb+DoJV1ZqlQqJjQZ6DgFKaCZF6dgvdSb
/WpXk/3sWIZIznd4P8ijJrSN8/HYsppVD69FnyxuoZ794t25T8GBnpejMVnCKBas
q4bp3IouykSwNFGkt4CP8OQpZfVbEVxFDOchyfyvi/dD7mZErQPE2qIU6dLE/OQF
I8aBUmkmTbhnDw==
-----END CERTIFICATE-----