Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          j9w/OmI/TfWxFYp3gBS+DRHyIC0AnRw0BbHq2QEjYFc=
Subject key identifier:   D9:EC:AF:65:9F:E5:74:12:5A:F4:28:F9:D3:20:8B:28:E4:9C:3B:6B
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       019A52D1E5AD969B80E07769743A7AA56CB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          1197
Signing time:             Wed 05 Nov 2025 07:01:18 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:18 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:18 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: Jo9q2CRDxvoSMQSwd4k7siguXLPtMp36WnGy3KFH1rk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:e5:ad:96:9b:80:e0:77:69:74:3a:7a:a5:6c:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Nov  5 07:01:18 2025 GMT
            Not After : Nov  6 07:01:18 2025 GMT
        Subject: CN=d9ecaf659fe574125af428f9d3208b28e49c3b6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cc:5a:dd:61:ec:05:6b:7b:4d:75:c3:50:14:
                    f4:32:81:8e:d0:4b:b6:21:56:e4:06:1b:1e:c1:f6:
                    40:45:95:fd:a1:d7:78:f0:b4:e7:c4:b1:e9:69:64:
                    eb:2b:4b:aa:95:27:49:39:60:6b:b2:f0:4e:41:c4:
                    3b:38:4c:af:34:c7:16:cd:f0:90:52:e2:5e:ef:35:
                    41:c7:70:cb:6f:d5:4c:e3:c9:a1:c8:9f:b4:8e:66:
                    6a:5b:86:bd:14:b8:05:b4:b9:ec:75:42:ee:52:57:
                    64:f4:6d:a6:89:71:9e:d2:55:a9:a7:32:08:77:27:
                    05:cd:28:59:82:a2:07:57:88:2f:e6:b7:d1:82:96:
                    7e:10:8a:88:39:29:0d:5a:d6:12:b5:22:ee:84:8f:
                    d5:ec:0a:79:dc:0b:f4:57:68:e1:4b:c4:56:c8:5a:
                    a6:d4:76:6c:e1:db:7b:16:83:26:39:df:c3:b8:ba:
                    a3:09:ea:79:64:95:b1:0c:48:b3:7e:c5:f9:78:61:
                    60:da:ec:87:bf:3c:db:57:ba:ea:b5:9b:22:45:08:
                    62:6a:ce:9b:d4:f8:cc:69:ca:2d:d0:86:55:6c:e3:
                    24:2d:a2:d2:34:2c:d3:f9:b8:a0:a8:3c:1a:6c:b5:
                    f2:df:96:a6:50:3a:9e:79:ed:8f:ef:cb:52:4b:0a:
                    72:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:EC:AF:65:9F:E5:74:12:5A:F4:28:F9:D3:20:8B:28:E4:9C:3B:6B
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:a9:9f:66:ad:80:58:16:1c:74:1b:1d:77:bc:3c:b8:7d:39:
         a7:4e:05:23:da:67:02:83:bd:cb:4c:43:3c:c9:df:28:d4:a0:
         d4:d7:0a:f1:a7:44:dd:23:7f:89:da:88:01:0e:b8:00:7d:d5:
         11:fc:40:4e:e4:d7:32:9c:08:97:7e:3f:06:f5:86:01:a3:ec:
         e3:9b:ff:ff:54:a8:7a:77:fd:0c:cd:b0:b3:b7:84:70:2f:44:
         11:5e:13:6a:35:96:af:85:5f:84:b6:ed:26:a5:fb:5a:34:27:
         61:fc:f2:c7:28:6a:43:9a:cd:3f:d4:9b:b7:46:6b:5b:82:c0:
         d3:a8:01:23:7a:3b:f3:57:76:8e:e3:2f:b5:e1:32:53:cd:89:
         04:ef:69:1a:0b:f7:53:da:fa:ef:9a:de:2a:24:d7:54:2c:26:
         77:da:d8:a0:9a:29:2d:9b:bd:7a:1d:5a:29:ab:d4:fd:e1:47:
         0d:60:21:8a:6f:58:d2:e1:7f:3a:c4:81:67:a9:6c:02:aa:2b:
         9b:8f:5b:b4:43:4e:eb:1e:fb:87:92:53:89:03:6d:6f:c6:2b:
         9d:67:28:8d:80:06:d4:07:b6:ae:ff:7f:e1:22:06:df:41:11:
         16:37:18:e8:ea:d6:85:94:84:79:a2:5d:98:27:95:07:4e:cc:
         62:5c:ef:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0eWtlpuA4HdpdDp6pWyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjUxMTA1MDcwMTE4WhcNMjUxMTA2MDcwMTE4WjAzMTEwLwYDVQQD
EyhkOWVjYWY2NTlmZTU3NDEyNWFmNDI4ZjlkMzIwOGIyOGU0OWMzYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsxa3WHsBWt7TXXDUBT0MoGO0Eu2
IVbkBhsewfZARZX9odd48LTnxLHpaWTrK0uqlSdJOWBrsvBOQcQ7OEyvNMcWzfCQ
UuJe7zVBx3DLb9VM48mhyJ+0jmZqW4a9FLgFtLnsdULuUldk9G2miXGe0lWppzII
dycFzShZgqIHV4gv5rfRgpZ+EIqIOSkNWtYStSLuhI/V7Ap53Av0V2jhS8RWyFqm
1HZs4dt7FoMmOd/DuLqjCep5ZJWxDEizfsX5eGFg2uyHvzzbV7rqtZsiRQhias6b
1PjMacot0IZVbOMkLaLSNCzT+bigqDwabLXy35amUDqeee2P78tSSwpyQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnsr2Wf5XQSWvQo+dMgiyjknDtrMB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJamfZq2A
WBYcdBsdd7w8uH05p04FI9pnAoO9y0xDPMnfKNSg1NcK8adE3SN/idqIAQ64AH3V
EfxATuTXMpwIl34/BvWGAaPs45v//1Soenf9DM2ws7eEcC9EEV4TajWWr4VfhLbt
JqX7WjQnYfzyxyhqQ5rNP9Sbt0ZrW4LA06gBI3o781d2juMvteEyU82JBO9pGgv3
U9r675reKiTXVCwmd9rYoJopLZu9eh1aKavU/eFHDWAhim9Y0uF/OsSBZ6lsAqor
m49btENO6x77h5JTiQNtb8YrnWcojYAG1Ae2rv9/4SIG30ERFjcY6OrWhZSEeaJd
mCeVB07MYlzvAw==
-----END CERTIFICATE-----