Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          RsME+p04MGYsj8VUJTE11ZSqR+veascEz5WW5kpxxIo=
Subject key identifier:   FA:81:89:83:57:EC:84:1E:1D:47:0F:36:45:DA:E0:F1:3D:9B:82:64
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       019A4FD089C377B0E2767E9E37047124B740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          0A25
Signing time:             Tue 04 Nov 2025 17:00:58 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:58 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:58 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: ZBBbigwN9G8DN3xGZF7yrDByOKR4lhUhu15JM/eBvKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:89:c3:77:b0:e2:76:7e:9e:37:04:71:24:b7:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Nov  4 17:00:58 2025 GMT
            Not After : Nov  5 17:00:58 2025 GMT
        Subject: CN=fa81898357ec841e1d470f3645dae0f13d9b8264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:92:10:24:3b:8e:9b:7e:18:85:50:31:26:dd:
                    d1:2d:d3:e6:e4:ac:59:6d:cb:d7:05:fd:8e:a5:4c:
                    63:9e:3f:b8:ef:2e:a4:3c:f1:04:d5:bb:b9:56:74:
                    e0:0a:2a:ca:88:12:a2:73:9c:5b:da:30:c8:a6:a3:
                    32:03:cd:24:47:1d:26:5c:10:74:00:f6:16:03:f6:
                    b7:0c:01:e7:c4:f0:f3:0e:ca:0f:6c:cf:bf:f5:96:
                    a9:39:b4:46:3c:c2:6e:d5:bd:4d:51:36:d2:bf:98:
                    36:9b:bc:75:3e:b8:10:4e:ee:d6:fe:5f:2c:2d:31:
                    93:a7:67:2a:40:03:77:27:a0:24:8c:25:ef:35:21:
                    50:ae:11:ec:94:a1:bc:7f:d7:87:eb:78:1b:ae:3f:
                    17:be:f4:d6:22:06:5b:b2:ed:67:41:4d:47:0e:43:
                    d5:aa:f2:50:7f:39:0d:2a:e8:d4:96:fc:57:74:1a:
                    da:eb:e6:9d:32:b4:14:68:ff:3c:15:b3:35:75:38:
                    83:c6:c3:45:e2:d3:43:65:55:a5:d3:52:7a:ab:4f:
                    60:a2:be:ee:b2:d2:d9:b1:86:d1:4d:89:5c:2b:70:
                    eb:95:2c:bb:29:95:f2:31:0d:cb:b4:40:8c:b2:0c:
                    37:04:d1:98:bc:21:a2:f7:e2:3c:66:46:fc:6c:78:
                    1e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:81:89:83:57:EC:84:1E:1D:47:0F:36:45:DA:E0:F1:3D:9B:82:64
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:30:a1:f2:d9:ec:61:16:d0:75:2c:cd:ed:e0:84:c6:09:02:
         46:53:be:be:91:2c:87:54:06:f9:e6:d0:71:b0:f1:29:a8:30:
         ff:2e:9e:4f:9d:05:f7:15:e1:d6:59:79:3b:30:77:bd:72:94:
         4b:82:0a:a8:2f:de:33:ce:d1:56:ca:0e:2c:cd:a7:03:0f:7b:
         13:14:b9:10:f5:60:b9:d1:1a:99:96:c3:0c:9f:4e:03:d3:40:
         18:99:26:de:85:a9:13:b7:8d:74:c7:39:54:8e:10:40:84:4b:
         4a:e7:1f:50:fc:32:cb:f1:d3:fb:29:0c:7b:24:b7:da:c0:75:
         20:99:db:8a:e8:0b:44:72:f1:31:81:15:1a:f4:7b:7d:d4:91:
         f7:fb:44:7d:43:a3:ef:2d:4c:30:3e:1e:7d:c8:1f:e7:53:82:
         77:08:7c:11:4c:bc:b2:25:3a:93:c8:85:50:ec:c3:ee:2b:82:
         de:cc:9d:91:8f:4f:3a:74:e3:95:ff:e8:9a:c0:a2:db:32:ff:
         66:9e:da:e9:06:1e:b9:05:85:11:ad:53:2e:e0:56:6c:8a:64:
         e8:8e:67:08:ab:d7:d5:4f:35:5e:d3:51:00:80:3d:ff:82:d8:
         e2:35:f2:02:df:6f:56:ce:a7:ed:be:fa:8e:d4:2a:83:15:d1:
         87:ee:77:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0InDd7Didn6eNwRxJLdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUxMTA0MTcwMDU4WhcNMjUxMTA1MTcwMDU4WjAzMTEwLwYDVQQD
EyhmYTgxODk4MzU3ZWM4NDFlMWQ0NzBmMzY0NWRhZTBmMTNkOWI4MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJIQJDuOm34YhVAxJt3RLdPm5KxZ
bcvXBf2OpUxjnj+47y6kPPEE1bu5VnTgCirKiBKic5xb2jDIpqMyA80kRx0mXBB0
APYWA/a3DAHnxPDzDsoPbM+/9ZapObRGPMJu1b1NUTbSv5g2m7x1PrgQTu7W/l8s
LTGTp2cqQAN3J6AkjCXvNSFQrhHslKG8f9eH63gbrj8XvvTWIgZbsu1nQU1HDkPV
qvJQfzkNKujUlvxXdBra6+adMrQUaP88FbM1dTiDxsNF4tNDZVWl01J6q09gor7u
stLZsYbRTYlcK3DrlSy7KZXyMQ3LtECMsgw3BNGYvCGi9+I8Zkb8bHgelQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqBiYNX7IQeHUcPNkXa4PE9m4JkMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgzCh8tns
YRbQdSzN7eCExgkCRlO+vpEsh1QG+ebQcbDxKagw/y6eT50F9xXh1ll5OzB3vXKU
S4IKqC/eM87RVsoOLM2nAw97ExS5EPVgudEamZbDDJ9OA9NAGJkm3oWpE7eNdMc5
VI4QQIRLSucfUPwyy/HT+ykMeyS32sB1IJnbiugLRHLxMYEVGvR7fdSR9/tEfUOj
7y1MMD4efcgf51OCdwh8EUy8siU6k8iFUOzD7iuC3sydkY9POnTjlf/omsCi2zL/
Zp7a6QYeuQWFEa1TLuBWbIpk6I5nCKvX1U81XtNRAIA9/4LY4jXyAt9vVs6n7b76
jtQqgxXRh+53tg==
-----END CERTIFICATE-----