Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
File:                     T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json)
Hash identifier:          a5+wSffzbpsvnXG3MsjDSeTampI1rC/zQSwSnQ1o5Kk=
Subject key identifier:   86:1B:19:87:6F:79:A3:D0:99:CC:69:96:99:8D:28:3F:E3:D9:2C:21
Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48
Certificate issuer:       /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
Certificate serial:       019A4EBD47120BC8FFC5328136534577A958
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
Manifest number:          0A2A
Signing time:             Tue 04 Nov 2025 12:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 12:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 12:00:18 +0000
Files and hashes:         1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: 7FBS4Yov3jTLjjM7r3tgLwTuP3ixjBunv8oCeRCFbXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:bd:47:12:0b:c8:ff:c5:32:81:36:53:45:77:a9:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
        Validity
            Not Before: Nov  4 12:00:18 2025 GMT
            Not After : Nov  5 12:00:18 2025 GMT
        Subject: CN=861b19876f79a3d099cc6996998d283fe3d92c21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a7:55:e5:fb:76:83:d8:13:96:b7:c0:f1:6f:
                    32:2e:b8:b4:f4:80:2a:30:41:a6:67:b3:2f:69:28:
                    9a:a5:96:e0:a2:d3:e4:5f:0b:54:1b:58:21:dd:b1:
                    61:38:a3:65:55:ec:d6:5b:fe:6b:f4:27:90:1f:cf:
                    76:32:cb:5e:ba:5a:1f:55:9c:d2:be:51:48:0c:4e:
                    9a:de:99:2c:27:ab:a9:e3:13:db:fd:cf:76:5b:47:
                    d3:07:b6:62:59:82:af:da:3a:2e:79:65:98:fa:cf:
                    af:39:fa:86:a7:91:14:ca:2f:bf:ee:8f:c8:2a:b4:
                    93:7c:8f:23:89:ba:2c:af:46:76:4a:38:39:13:41:
                    29:57:9e:3f:c1:d3:71:d3:0f:04:3b:4f:3b:32:5a:
                    c5:24:cd:80:c4:d0:cc:80:c2:82:66:e0:3d:a2:ee:
                    2c:a2:d1:da:38:34:ae:a9:a6:88:0f:ab:ff:33:0f:
                    25:b2:7c:26:7e:1d:60:ca:ba:12:c9:08:09:27:20:
                    d2:56:00:c4:2f:bc:10:70:ac:de:7d:73:37:53:65:
                    78:aa:88:da:90:fe:ff:8e:f0:f0:64:1e:1f:3e:93:
                    4c:b4:8a:80:81:69:e3:84:2d:fc:01:5d:63:86:60:
                    22:06:db:e5:0f:97:d4:07:aa:90:42:57:78:02:5b:
                    e5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:1B:19:87:6F:79:A3:D0:99:CC:69:96:99:8D:28:3F:E3:D9:2C:21
            X509v3 Authority Key Identifier:
                keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:4f:fb:bb:d9:43:0d:9a:eb:1d:2f:ad:82:95:b8:c8:72:8f:
         1f:12:06:93:3f:62:9c:d8:a9:51:84:6c:c1:8a:88:43:4f:00:
         15:a7:74:ec:3b:72:9f:64:af:54:98:20:1a:df:c6:72:83:6e:
         ac:ed:60:70:fd:3f:74:8f:35:46:44:c4:8a:21:d0:78:5d:c1:
         5e:21:e0:c4:60:2c:dd:2b:4d:5d:61:10:a3:89:0e:ce:06:b0:
         fb:f8:76:0b:aa:d5:c4:fe:f2:31:8d:c6:14:50:93:02:b8:3e:
         c8:83:10:2b:84:46:32:d2:0f:27:18:f9:3c:ae:90:69:86:c9:
         d4:38:38:8e:62:e8:f4:85:80:76:9b:7d:62:eb:07:cf:c6:2f:
         76:b6:4d:af:94:04:68:2c:32:8e:ac:4e:bd:c7:ae:67:fb:0f:
         0b:08:a6:9e:cd:69:61:5d:bf:bd:60:2f:37:1d:c2:5b:3e:35:
         26:d6:a9:53:72:a3:f1:c5:5c:87:0b:fc:d2:84:0c:10:29:80:
         f6:ac:18:db:59:c8:10:40:cf:2f:12:e3:38:ad:fc:a3:e6:73:
         6c:a0:66:78:3b:c4:1a:a7:f9:d6:a0:e3:c5:7a:1e:25:72:8c:
         42:9d:22:89:7f:c6:7b:39:22:a6:00:81:62:80:c4:98:29:cf:
         89:75:66:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOvUcSC8j/xTKBNlNFd6lYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj
Yjg0NDgwHhcNMjUxMTA0MTIwMDE4WhcNMjUxMTA1MTIwMDE4WjAzMTEwLwYDVQQD
Eyg4NjFiMTk4NzZmNzlhM2QwOTljYzY5OTY5OThkMjgzZmUzZDkyYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsadV5ft2g9gTlrfA8W8yLri09IAq
MEGmZ7MvaSiapZbgotPkXwtUG1gh3bFhOKNlVezWW/5r9CeQH892MsteulofVZzS
vlFIDE6a3pksJ6up4xPb/c92W0fTB7ZiWYKv2joueWWY+s+vOfqGp5EUyi+/7o/I
KrSTfI8jibosr0Z2Sjg5E0EpV54/wdNx0w8EO087MlrFJM2AxNDMgMKCZuA9ou4s
otHaODSuqaaID6v/Mw8lsnwmfh1gyroSyQgJJyDSVgDEL7wQcKzefXM3U2V4qoja
kP7/jvDwZB4fPpNMtIqAgWnjhC38AV1jhmAiBtvlD5fUB6qQQld4AlvlzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYbGYdveaPQmcxplpmNKD/j2SwhMB8GA1UdIwQY
MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt
ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz
LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKU/7u9lD
DZrrHS+tgpW4yHKPHxIGkz9inNipUYRswYqIQ08AFad07Dtyn2SvVJggGt/GcoNu
rO1gcP0/dI81RkTEiiHQeF3BXiHgxGAs3StNXWEQo4kOzgaw+/h2C6rVxP7yMY3G
FFCTArg+yIMQK4RGMtIPJxj5PK6QaYbJ1Dg4jmLo9IWAdpt9YusHz8YvdrZNr5QE
aCwyjqxOvceuZ/sPCwimns1pYV2/vWAvNx3CWz41JtapU3Kj8cVchwv80oQMECmA
9qwY21nIEEDPLxLjOK38o+ZzbKBmeDvEGqf51qDjxXoeJXKMQp0iiX/GezkipgCB
YoDEmCnPiXVmQQ==
-----END CERTIFICATE-----