Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          hCtElZxfqVg1uNuyCl2dPiriaHgiFj0GAFflhAt9S58=
Subject key identifier:   8B:B8:C5:F0:27:67:E2:F2:BB:2E:43:8A:78:DE:21:8B:BA:67:27:3A
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       0199FD342AEAF5FDABD479F7A3357DCEFAD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 16:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:18 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: vO9inE98+UKTmfJK3PwwXlLVtHZX8+4NAH+zFCTWY1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:2a:ea:f5:fd:ab:d4:79:f7:a3:35:7d:ce:fa:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Oct 19 16:01:18 2025 GMT
            Not After : Oct 20 16:01:18 2025 GMT
        Subject: CN=8bb8c5f02767e2f2bb2e438a78de218bba67273a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:31:78:42:7d:1e:72:87:6d:55:7f:64:cd:54:
                    76:78:59:cf:76:06:bd:3c:b3:c1:51:89:35:f8:5c:
                    72:11:25:ba:5a:48:f3:89:6f:90:83:87:fe:86:8b:
                    c5:e9:82:dd:c2:18:31:fd:ff:bb:3c:8c:8e:8f:11:
                    6d:fc:eb:ff:d6:30:bc:13:5f:36:03:d8:6a:b1:d5:
                    fb:83:fa:9b:25:2b:f3:24:52:d0:db:30:c2:7c:ea:
                    21:e8:89:3c:fc:ca:c6:ea:b3:22:9d:0f:6a:e5:a4:
                    82:b9:06:05:16:6b:3f:43:2d:34:d4:26:0d:96:f0:
                    f5:11:72:51:5b:79:54:5d:64:c4:68:24:94:d5:54:
                    03:5e:e8:6e:91:2a:3c:5b:10:9c:d2:ac:14:ad:48:
                    a4:7c:86:ec:3c:28:0c:a6:e7:ae:15:21:70:d1:31:
                    61:88:f0:39:63:01:fe:04:10:f9:bf:92:d7:bf:69:
                    73:9b:89:9a:71:bf:f9:99:c0:ad:37:1e:7b:4f:ab:
                    9c:3c:67:a8:ee:a3:f5:ce:f0:9b:77:de:c3:09:87:
                    58:c0:00:32:5c:4a:90:2d:9b:c5:59:21:4e:6a:c5:
                    e7:bc:b1:c4:78:a1:32:e1:16:4a:a5:36:97:9c:c9:
                    32:d2:de:8e:b7:90:c1:8d:e5:3d:a4:cb:5e:1c:04:
                    e0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:B8:C5:F0:27:67:E2:F2:BB:2E:43:8A:78:DE:21:8B:BA:67:27:3A
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d7:fc:e8:be:d8:01:57:41:6c:cf:39:ac:4f:a8:05:da:c2:
         67:35:5e:ee:8e:ab:3d:ea:83:3d:08:ab:07:02:f9:11:f6:b7:
         b4:e6:d1:a0:e8:e2:f8:73:e2:f6:c6:21:bb:1e:0a:a0:21:96:
         22:27:b5:9e:a9:98:aa:09:01:96:6e:62:96:54:f6:ab:58:94:
         cc:01:c6:f8:26:ff:ff:5d:7a:35:8c:3b:3c:31:22:2e:8b:9c:
         b6:3a:c5:5b:0e:05:a3:52:01:83:9b:65:67:8c:12:96:d9:47:
         33:7f:87:f6:b9:1a:d4:90:1a:0f:da:03:ec:43:2a:32:bd:82:
         39:9a:50:7e:08:94:96:1c:d7:13:23:36:31:2c:79:d8:73:f7:
         9d:98:28:4b:5d:9e:b6:5e:35:74:e3:7b:bc:44:94:41:e2:52:
         c9:2c:6b:62:03:3e:8f:bb:f9:af:18:95:4d:2b:81:b2:3c:0d:
         f9:3d:af:9d:ac:a0:a1:b9:2b:35:70:8e:0a:8d:39:e3:83:49:
         5d:42:43:a7:a3:92:f3:cc:1b:6d:44:b6:c5:e9:a2:dd:56:b2:
         3d:66:30:5a:bb:5c:b3:58:f5:75:05:c2:0b:d4:af:f7:4f:b5:
         74:f7:bb:54:f9:fa:35:91:30:b3:8f:59:73:19:f6:fe:0c:fd:
         49:c8:2e:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCrq9f2r1Hn3ozV9zvrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjUxMDE5MTYwMTE4WhcNMjUxMDIwMTYwMTE4WjAzMTEwLwYDVQQD
Eyg4YmI4YzVmMDI3NjdlMmYyYmIyZTQzOGE3OGRlMjE4YmJhNjcyNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjF4Qn0ecodtVX9kzVR2eFnPdga9
PLPBUYk1+FxyESW6WkjziW+Qg4f+hovF6YLdwhgx/f+7PIyOjxFt/Ov/1jC8E182
A9hqsdX7g/qbJSvzJFLQ2zDCfOoh6Ik8/MrG6rMinQ9q5aSCuQYFFms/Qy001CYN
lvD1EXJRW3lUXWTEaCSU1VQDXuhukSo8WxCc0qwUrUikfIbsPCgMpueuFSFw0TFh
iPA5YwH+BBD5v5LXv2lzm4macb/5mcCtNx57T6ucPGeo7qP1zvCbd97DCYdYwAAy
XEqQLZvFWSFOasXnvLHEeKEy4RZKpTaXnMky0t6Ot5DBjeU9pMteHATgoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIu4xfAnZ+Lyuy5DinjeIYu6Zyc6MB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftf86L7Y
AVdBbM85rE+oBdrCZzVe7o6rPeqDPQirBwL5Efa3tObRoOji+HPi9sYhux4KoCGW
Iie1nqmYqgkBlm5illT2q1iUzAHG+Cb//116NYw7PDEiLouctjrFWw4Fo1IBg5tl
Z4wSltlHM3+H9rka1JAaD9oD7EMqMr2COZpQfgiUlhzXEyM2MSx52HP3nZgoS12e
tl41dON7vESUQeJSySxrYgM+j7v5rxiVTSuBsjwN+T2vnaygobkrNXCOCo0544NJ
XUJDp6OS88wbbUS2xemi3VayPWYwWrtcs1j1dQXCC9Sv90+1dPe7VPn6NZEws49Z
cxn2/gz9ScguHQ==
-----END CERTIFICATE-----