Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
File:                     xorAnHI17TE4Ph_ThzkY3RgzNCo.mft (raw, json)
Hash identifier:          I5CQ8WjZZdhMAbygZek3Vo+h0z3KoSGxQPP0oI5A8s8=
Subject key identifier:   8B:5A:F4:F5:59:92:20:D7:2D:5F:5A:72:7A:19:A5:E2:E7:BD:F4:45
Authority key identifier: C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A
Certificate issuer:       /CN=c68ac09c7235ed31383e1fd3873918dd1833342a
Certificate serial:       0199FCFD8D470DC3A7763D28064DEED716FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
Manifest number:          06B2
Signing time:             Sun 19 Oct 2025 15:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:39 +0000
Files and hashes:         1: xorAnHI17TE4Ph_ThzkY3RgzNCo.crl (hash: T+ioTrwd1Konxt3/C60/z/L5Ek85teocJDwJV7WIVNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:8d:47:0d:c3:a7:76:3d:28:06:4d:ee:d7:16:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68ac09c7235ed31383e1fd3873918dd1833342a
        Validity
            Not Before: Oct 19 15:01:39 2025 GMT
            Not After : Oct 20 15:01:39 2025 GMT
        Subject: CN=8b5af4f5599220d72d5f5a727a19a5e2e7bdf445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:70:e0:c4:6a:c7:24:27:6e:10:98:48:48:f3:
                    c9:e7:06:93:fd:2c:ce:0b:89:63:0a:91:8e:64:2d:
                    0c:c9:9b:c7:8a:ee:83:81:b2:3a:03:d2:54:ab:88:
                    2b:2d:7f:82:95:5b:96:b0:8f:39:79:af:2e:1f:eb:
                    a5:eb:cd:4b:e7:be:67:d5:78:a2:41:74:c6:ba:45:
                    9e:0d:e6:89:76:68:77:33:ef:7f:8d:49:37:85:86:
                    7d:35:13:e4:1c:d5:6a:ed:ae:83:79:3c:05:51:84:
                    f7:d3:1e:84:b1:ef:1a:50:fd:b0:66:4f:0d:8a:04:
                    03:aa:25:28:ea:75:1b:9d:3f:06:f2:37:60:b5:d4:
                    a6:2c:d9:ea:a1:62:f3:de:29:63:98:30:1c:35:ef:
                    5f:ec:93:f6:fa:b1:62:5a:1d:98:02:57:92:09:89:
                    c7:8e:63:e4:95:a4:20:6b:ac:0b:b3:7c:5a:aa:49:
                    73:1c:7b:b7:a6:b2:f7:2f:1d:e1:0c:7a:f8:91:f1:
                    d4:10:32:17:e6:bd:d1:98:22:ba:86:82:49:9b:30:
                    ba:7c:26:e1:95:18:46:00:7d:40:3c:c3:45:1d:e7:
                    17:e3:83:e2:d0:92:4c:a8:6f:96:13:6d:39:ff:6e:
                    90:4e:11:93:32:66:43:47:10:c4:98:3d:28:46:d7:
                    ca:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5A:F4:F5:59:92:20:D7:2D:5F:5A:72:7A:19:A5:E2:E7:BD:F4:45
            X509v3 Authority Key Identifier:
                keyid:C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:7c:99:ea:71:d1:c2:85:3b:67:66:2f:d7:ca:7e:c4:cf:ee:
         9b:38:3c:39:78:a4:67:b8:8d:a9:e9:60:92:17:08:8b:2f:46:
         95:bd:dc:e0:6a:41:fb:b7:8a:b0:c0:ba:f1:b2:c2:9a:33:90:
         2f:6e:47:04:46:2b:d5:17:cc:db:2f:e6:37:2d:fe:d3:a9:a6:
         50:2a:a9:9e:30:80:45:da:50:71:db:93:6d:67:db:9e:99:12:
         da:7e:c7:0a:ac:c3:73:35:c1:ab:94:cf:c2:7b:fa:20:7e:ea:
         1d:76:d9:b3:76:e7:e0:96:a0:7f:3e:9a:1c:28:03:e0:cf:17:
         f8:ac:5c:31:6e:a7:02:fc:ea:33:09:0a:8b:43:72:cd:a1:cb:
         db:d5:0d:f7:05:36:ca:61:c0:4a:20:d2:77:99:8e:f7:28:f1:
         07:0d:4a:d7:b1:e5:ff:bb:a2:73:a8:4b:db:a1:d2:39:f3:9d:
         45:a7:99:ba:e0:6f:66:37:de:f4:ae:28:b3:62:55:d0:5a:dc:
         64:8c:b4:d9:36:0c:17:44:6b:2c:c8:4f:5a:e6:47:d5:56:5f:
         46:55:7f:b1:b0:6d:0a:78:10:1a:f7:4d:ea:bf:b3:44:cf:cd:
         0d:25:93:fb:bc:d0:53:9c:84:8d:e1:98:a9:14:fa:47:4e:64:
         97:70:b1:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Y1HDcOndj0oBk3u1xb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGFjMDljNzIzNWVkMzEzODNlMWZkMzg3MzkxOGRkMTgz
MzM0MmEwHhcNMjUxMDE5MTUwMTM5WhcNMjUxMDIwMTUwMTM5WjAzMTEwLwYDVQQD
Eyg4YjVhZjRmNTU5OTIyMGQ3MmQ1ZjVhNzI3YTE5YTVlMmU3YmRmNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3DgxGrHJCduEJhISPPJ5waT/SzO
C4ljCpGOZC0MyZvHiu6DgbI6A9JUq4grLX+ClVuWsI85ea8uH+ul681L575n1Xii
QXTGukWeDeaJdmh3M+9/jUk3hYZ9NRPkHNVq7a6DeTwFUYT30x6Ese8aUP2wZk8N
igQDqiUo6nUbnT8G8jdgtdSmLNnqoWLz3iljmDAcNe9f7JP2+rFiWh2YAleSCYnH
jmPklaQga6wLs3xaqklzHHu3prL3Lx3hDHr4kfHUEDIX5r3RmCK6hoJJmzC6fCbh
lRhGAH1APMNFHecX44Pi0JJMqG+WE205/26QThGTMmZDRxDEmD0oRtfKsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIta9PVZkiDXLV9acnoZpeLnvfRFMB8GA1UdIwQY
MBaAFMaKwJxyNe0xOD4f04c5GN0YMzQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMt
OWRlNDhkNDNiMWRiLzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMtOWRlNDhkNDNiMWRi
LzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsXyZ6nHR
woU7Z2Yv18p+xM/umzg8OXikZ7iNqelgkhcIiy9Glb3c4GpB+7eKsMC68bLCmjOQ
L25HBEYr1RfM2y/mNy3+06mmUCqpnjCARdpQcduTbWfbnpkS2n7HCqzDczXBq5TP
wnv6IH7qHXbZs3bn4Jagfz6aHCgD4M8X+KxcMW6nAvzqMwkKi0NyzaHL29UN9wU2
ymHASiDSd5mO9yjxBw1K17Hl/7uic6hL26HSOfOdRaeZuuBvZjfe9K4os2JV0Frc
ZIy02TYMF0RrLMhPWuZH1VZfRlV/sbBtCngQGvdN6r+zRM/NDSWT+7zQU5yEjeGY
qRT6R05kl3CxKQ==
-----END CERTIFICATE-----