Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          oBzCbrvkqdU8Hs3QOXZBHe9zk6DKhUwXHkS3bEYw3cQ=
Subject key identifier:   DA:39:6D:18:90:66:4D:33:5F:75:91:F3:18:88:11:A2:89:BD:EB:9F
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       019A0110BD8ACE7124E732D14EF16D2123B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          150A
Signing time:             Mon 20 Oct 2025 10:01:05 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:05 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:05 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: u1i3XOaVAUE4v58TV4M9h3hMYP1YJMbs7sZ10HsjMJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:10:bd:8a:ce:71:24:e7:32:d1:4e:f1:6d:21:23:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Oct 20 10:01:05 2025 GMT
            Not After : Oct 21 10:01:05 2025 GMT
        Subject: CN=da396d1890664d335f7591f3188811a289bdeb9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:45:ac:68:06:99:7a:50:56:42:53:6d:12:86:
                    4f:9f:40:fb:8a:f4:47:11:e1:ec:f5:9d:6c:40:43:
                    f2:97:00:ac:db:e5:6e:46:ea:e1:40:2c:89:c9:7a:
                    d8:28:24:56:41:e6:84:3d:9b:33:49:ab:9e:cf:7a:
                    19:e4:1b:c7:7f:bc:84:84:47:1b:83:2f:bd:03:a9:
                    bd:ef:c7:ca:c1:ce:ac:79:2f:57:66:89:c5:79:71:
                    a1:88:6a:0c:44:04:2e:85:a5:96:e3:89:13:36:1a:
                    b5:2d:7a:89:5d:dd:9d:b3:6f:7f:e3:70:bd:ca:b8:
                    dd:ae:38:f5:92:62:da:49:20:63:54:bd:65:71:87:
                    9e:84:a4:95:3c:a8:f4:ce:cb:c2:e1:c5:0b:d5:3e:
                    9a:f8:49:54:f1:63:44:20:41:d7:69:c9:e0:6b:a5:
                    5c:d1:25:f7:29:d9:cb:8e:4a:73:05:c7:57:32:71:
                    3a:75:57:39:f7:1d:2d:ea:c2:b4:e4:6e:32:b0:8c:
                    e2:08:06:4d:1e:d2:2f:b4:27:55:3e:a9:18:9e:96:
                    2d:6f:05:4f:d5:56:51:0d:44:05:25:d6:ef:76:5d:
                    54:00:2f:9d:02:a8:9d:2b:db:af:0e:de:9f:85:cd:
                    a2:ca:b5:be:37:c9:d3:e8:47:f9:e1:e3:69:cd:1c:
                    cc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:39:6D:18:90:66:4D:33:5F:75:91:F3:18:88:11:A2:89:BD:EB:9F
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:15:c7:a9:48:b9:d4:1f:8d:cb:fc:1b:8f:a2:fe:b7:6e:90:
         5a:13:5b:53:61:7f:b4:4c:d3:38:0c:ea:13:2c:fb:9a:75:19:
         59:aa:e0:6a:13:e9:78:5d:db:35:20:45:9b:f0:d5:11:b2:b3:
         e1:97:5d:e0:90:fe:84:f2:74:96:06:38:18:57:eb:36:49:b0:
         ad:c4:4a:90:94:69:59:06:c4:84:b8:58:0c:19:2b:29:4e:1d:
         2d:32:42:9c:0c:8c:fa:87:be:eb:9b:1f:e2:73:55:e9:28:4e:
         3a:33:93:8b:62:09:06:1c:1b:8c:69:b4:91:78:28:10:7c:40:
         fb:c7:ab:e7:3a:12:04:aa:34:8b:07:1b:8d:90:25:c1:05:30:
         ef:7e:9c:35:da:f0:0e:76:a8:45:be:3c:3c:9a:d0:19:7a:50:
         4c:d5:ce:21:42:20:78:4f:1b:1c:f7:3d:58:cd:43:3f:e6:53:
         6e:a7:17:53:53:dc:21:76:fa:83:b8:9d:17:63:de:27:b2:9d:
         c2:5f:2f:ed:61:b6:86:fc:9d:35:80:cd:d4:8e:1c:95:be:cd:
         02:69:f3:83:f3:53:90:16:0a:55:d2:d8:06:11:90:13:d2:2b:
         75:84:7b:78:ba:f0:fa:2a:75:a3:4f:90:48:bf:93:99:b3:9d:
         86:1f:ba:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEL2KznEk5zLRTvFtISO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUxMDIwMTAwMTA1WhcNMjUxMDIxMTAwMTA1WjAzMTEwLwYDVQQD
EyhkYTM5NmQxODkwNjY0ZDMzNWY3NTkxZjMxODg4MTFhMjg5YmRlYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kWsaAaZelBWQlNtEoZPn0D7ivRH
EeHs9Z1sQEPylwCs2+VuRurhQCyJyXrYKCRWQeaEPZszSauez3oZ5BvHf7yEhEcb
gy+9A6m978fKwc6seS9XZonFeXGhiGoMRAQuhaWW44kTNhq1LXqJXd2ds29/43C9
yrjdrjj1kmLaSSBjVL1lcYeehKSVPKj0zsvC4cUL1T6a+ElU8WNEIEHXacnga6Vc
0SX3KdnLjkpzBcdXMnE6dVc59x0t6sK05G4ysIziCAZNHtIvtCdVPqkYnpYtbwVP
1VZRDUQFJdbvdl1UAC+dAqidK9uvDt6fhc2iyrW+N8nT6Ef54eNpzRzMdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNo5bRiQZk0zX3WR8xiIEaKJveufMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoRXHqUi5
1B+Ny/wbj6L+t26QWhNbU2F/tEzTOAzqEyz7mnUZWargahPpeF3bNSBFm/DVEbKz
4Zdd4JD+hPJ0lgY4GFfrNkmwrcRKkJRpWQbEhLhYDBkrKU4dLTJCnAyM+oe+65sf
4nNV6ShOOjOTi2IJBhwbjGm0kXgoEHxA+8er5zoSBKo0iwcbjZAlwQUw736cNdrw
DnaoRb48PJrQGXpQTNXOIUIgeE8bHPc9WM1DP+ZTbqcXU1PcIXb6g7idF2PeJ7Kd
wl8v7WG2hvydNYDN1I4clb7NAmnzg/NTkBYKVdLYBhGQE9IrdYR7eLrw+ip1o0+Q
SL+TmbOdhh+65A==
-----END CERTIFICATE-----