Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          MfUHBk8hkLOkS51vafh8RUhlpHmYk+la4UdsXFwrTbM=
Subject key identifier:   74:D5:BE:7F:0C:C7:81:81:30:98:6B:A7:47:E6:3C:59:A0:74:56:1C
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019A4EBD540D803D87BA9D96E4CBBA29A0A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          127A
Signing time:             Tue 04 Nov 2025 12:00:21 +0000
Manifest this update:     Tue 04 Nov 2025 12:00:21 +0000
Manifest next update:     Wed 05 Nov 2025 12:00:21 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: 4e0aYrEsUfjoSf+asdzKPr3mT8ODZj3IZVGHURYA0ak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:bd:54:0d:80:3d:87:ba:9d:96:e4:cb:ba:29:a0:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Nov  4 12:00:21 2025 GMT
            Not After : Nov  5 12:00:21 2025 GMT
        Subject: CN=74d5be7f0cc7818130986ba747e63c59a074561c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:94:3e:7d:e1:5f:41:77:c8:cb:12:0a:43:45:
                    bc:99:d0:a8:85:78:d4:94:4d:89:f9:90:7c:51:c1:
                    16:08:c9:26:72:63:20:26:06:37:e1:32:90:6b:cc:
                    50:0b:c2:f6:b5:cc:f0:9f:7a:79:ba:d5:a3:7d:c8:
                    90:9a:1b:be:e9:b9:2c:a6:d4:b0:ba:c2:25:b3:87:
                    21:54:11:94:ba:c2:2b:48:af:4d:d8:04:bc:c8:89:
                    cd:fe:04:a0:8d:8d:13:cb:dc:da:92:aa:c2:7a:35:
                    a5:33:f3:12:60:c1:b3:a0:66:da:30:3e:90:93:fa:
                    8a:a8:55:24:ca:03:db:17:32:03:9b:8c:db:5a:d2:
                    86:c6:3f:7e:d4:ec:e2:8e:db:f3:f0:34:c3:f2:d8:
                    b2:ca:3c:8c:48:37:cf:38:b7:a7:9b:d3:b8:1c:06:
                    c4:b6:27:97:53:a7:09:97:71:e2:76:00:9a:b9:08:
                    80:9f:82:bc:6c:2a:52:32:74:30:fd:8c:0e:6d:d8:
                    ac:e8:42:1c:8e:8c:53:d6:4a:5b:7b:00:15:e6:2c:
                    bf:73:44:c1:bf:1b:6f:2b:84:07:96:31:3c:99:83:
                    27:95:9e:98:8b:b8:57:ad:a5:7a:1b:7c:ee:79:80:
                    40:f7:c5:4c:9f:6c:4e:f5:0e:72:d0:1d:14:d7:c3:
                    35:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D5:BE:7F:0C:C7:81:81:30:98:6B:A7:47:E6:3C:59:A0:74:56:1C
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:8e:88:80:ca:f2:92:92:5b:a2:f3:02:c1:4d:6d:63:02:0b:
         71:a2:0f:87:de:2d:1d:72:fe:34:a5:49:05:39:23:0b:9c:d8:
         a4:a4:ff:24:fd:c3:4f:a0:7b:be:b4:85:7a:96:2c:fe:81:c4:
         b5:7b:2d:52:fd:80:68:d8:b0:21:cf:f1:4c:dc:a0:f5:e2:1a:
         49:2d:2d:23:3b:b8:9d:78:e5:a7:79:f0:46:d0:76:d6:51:b8:
         60:be:07:82:c1:12:f5:12:89:34:cd:e9:00:e8:8d:3d:b7:c8:
         42:70:f4:ad:8d:75:d0:f6:47:b7:4f:45:d0:34:1f:bf:c5:20:
         21:05:46:1e:cd:25:26:35:74:65:22:5e:31:70:3b:ce:9d:7f:
         32:97:c5:e9:ec:27:7f:22:3d:19:d8:0e:fa:e1:54:7e:e2:c0:
         a4:0a:e5:15:d2:86:ee:74:dc:19:d7:46:71:ec:6e:3c:3a:c3:
         44:e9:12:4e:80:09:7b:cc:50:1a:49:a1:91:57:53:d9:6d:a2:
         0b:dd:d3:46:fd:1b:39:9e:b5:6a:a8:17:31:dd:c8:bd:f1:b1:
         cb:5d:fd:63:a5:99:0b:a0:1c:2a:e5:d2:66:ff:68:22:7d:76:
         b6:2f:c5:dc:a0:d8:d7:1b:65:3c:f0:b0:e8:4c:8f:a9:5f:f9:
         f4:f1:fa:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOvVQNgD2Hup2W5Mu6KaCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUxMTA0MTIwMDIxWhcNMjUxMTA1MTIwMDIxWjAzMTEwLwYDVQQD
Eyg3NGQ1YmU3ZjBjYzc4MTgxMzA5ODZiYTc0N2U2M2M1OWEwNzQ1NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJQ+feFfQXfIyxIKQ0W8mdCohXjU
lE2J+ZB8UcEWCMkmcmMgJgY34TKQa8xQC8L2tczwn3p5utWjfciQmhu+6bksptSw
usIls4chVBGUusIrSK9N2AS8yInN/gSgjY0Ty9zakqrCejWlM/MSYMGzoGbaMD6Q
k/qKqFUkygPbFzIDm4zbWtKGxj9+1Ozijtvz8DTD8tiyyjyMSDfPOLenm9O4HAbE
tieXU6cJl3HidgCauQiAn4K8bCpSMnQw/YwObdis6EIcjoxT1kpbewAV5iy/c0TB
vxtvK4QHljE8mYMnlZ6Yi7hXraV6G3zueYBA98VMn2xO9Q5y0B0U18M1mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTVvn8Mx4GBMJhrp0fmPFmgdFYcMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApo6IgMry
kpJbovMCwU1tYwILcaIPh94tHXL+NKVJBTkjC5zYpKT/JP3DT6B7vrSFepYs/oHE
tXstUv2AaNiwIc/xTNyg9eIaSS0tIzu4nXjlp3nwRtB21lG4YL4HgsES9RKJNM3p
AOiNPbfIQnD0rY110PZHt09F0DQfv8UgIQVGHs0lJjV0ZSJeMXA7zp1/MpfF6ewn
fyI9GdgO+uFUfuLApArlFdKG7nTcGddGcexuPDrDROkSToAJe8xQGkmhkVdT2W2i
C93TRv0bOZ61aqgXMd3IvfGxy139Y6WZC6AcKuXSZv9oIn12ti/F3KDY1xtlPPCw
6EyPqV/59PH6/Q==
-----END CERTIFICATE-----