Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          azw+v0LyrOby7j2vJIADwzfdR2t4uOqEisD9NHDdIm8=
Subject key identifier:   B6:D7:38:5A:2E:9B:43:B7:71:E7:D7:0E:47:14:7B:44:18:31:E4:07
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019A533F99C8284AA8A6456EDD8427C6CBE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          170C
Signing time:             Wed 05 Nov 2025 09:01:08 +0000
Manifest this update:     Wed 05 Nov 2025 09:01:08 +0000
Manifest next update:     Thu 06 Nov 2025 09:01:08 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: ICjvbPC97CgRZ9KNQfwzbjXmgwxVcKXOtRwBWcFwmEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:3f:99:c8:28:4a:a8:a6:45:6e:dd:84:27:c6:cb:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Nov  5 09:01:08 2025 GMT
            Not After : Nov  6 09:01:08 2025 GMT
        Subject: CN=b6d7385a2e9b43b771e7d70e47147b441831e407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3c:56:e7:4f:ef:c3:60:a5:e6:f6:2f:88:f4:
                    4f:09:fd:ef:18:c6:39:d6:5e:d7:9a:7a:ea:35:59:
                    01:7c:33:40:dd:fa:39:bb:b5:cc:b5:08:29:8e:80:
                    38:fa:59:0e:5c:e9:7b:a2:d5:9f:a7:0c:48:6b:84:
                    b7:ec:2f:06:8b:cb:c2:4a:12:87:a6:d2:2a:5a:ef:
                    45:9f:b4:f3:fc:58:ea:db:1b:2c:05:17:04:e2:29:
                    42:72:bb:a0:21:4b:5b:4f:32:c5:ad:dd:11:17:46:
                    e0:08:94:d6:f5:60:5a:67:e7:d8:34:d2:71:d2:cf:
                    50:08:fb:01:e6:64:ee:5a:73:82:fb:5b:c1:ce:63:
                    1d:3d:a7:b0:f2:c3:ee:bd:23:a8:4a:2b:d8:e8:1e:
                    3a:18:32:c4:19:ac:39:18:7a:98:40:14:8d:34:18:
                    b2:03:89:fa:9e:42:cb:d2:b6:56:56:37:3c:1c:26:
                    c8:a9:6a:eb:bf:b7:21:d9:f4:ef:1e:e0:8b:f8:d5:
                    a9:f2:52:00:34:03:6e:d2:ea:9c:c3:d6:57:de:74:
                    db:79:d7:0c:31:fb:a7:a9:2d:a9:69:d1:86:18:64:
                    2b:c1:ed:e4:54:7c:35:7b:a9:67:e0:ce:c2:e1:7d:
                    13:6a:9f:9d:2d:51:c9:42:2c:1b:cb:6c:4f:de:68:
                    97:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D7:38:5A:2E:9B:43:B7:71:E7:D7:0E:47:14:7B:44:18:31:E4:07
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:f5:67:e6:f1:a4:64:75:de:e6:78:ad:dd:6d:1f:f6:b4:d7:
         21:c3:68:94:e7:b4:ff:51:dd:4e:bd:56:66:3a:3e:b8:de:26:
         31:7e:3e:82:f5:03:c6:28:e0:82:39:9d:e5:78:95:c8:85:b5:
         76:13:0c:e8:94:d0:db:46:64:0d:65:eb:8d:25:a5:f5:ff:66:
         5d:e0:21:2f:08:af:b4:1c:1d:67:a0:d1:9c:02:5b:57:40:22:
         b9:ad:2a:67:68:42:6f:ea:9b:a5:4c:52:b0:3f:29:54:aa:d9:
         b3:a8:f3:3d:3c:ef:5e:4c:6f:82:38:ca:a8:2f:66:b1:7d:82:
         4f:35:11:2b:ce:b3:7a:19:20:34:5c:9b:8f:6e:9f:75:3b:48:
         c6:fc:f3:40:45:d0:31:7c:3f:71:e9:49:e9:ca:80:a9:11:21:
         65:1d:86:dd:b6:44:08:d2:94:d1:88:a1:0b:1c:cb:87:a0:a1:
         06:54:e0:0f:30:3b:3d:a4:db:1e:c0:91:e0:45:42:f9:4e:4c:
         0b:ee:9a:f2:f7:61:98:84:54:80:31:1d:27:d0:3b:c7:35:a6:
         83:41:07:e1:92:54:8e:ba:17:55:72:1a:82:c0:20:9c:ed:0f:
         4b:fa:05:7b:12:ad:f4:09:e2:57:e5:54:e7:32:30:2b:c1:d0:
         d9:b8:21:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTP5nIKEqopkVu3YQnxsvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUxMTA1MDkwMTA4WhcNMjUxMTA2MDkwMTA4WjAzMTEwLwYDVQQD
EyhiNmQ3Mzg1YTJlOWI0M2I3NzFlN2Q3MGU0NzE0N2I0NDE4MzFlNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTxW50/vw2Cl5vYviPRPCf3vGMY5
1l7XmnrqNVkBfDNA3fo5u7XMtQgpjoA4+lkOXOl7otWfpwxIa4S37C8Gi8vCShKH
ptIqWu9Fn7Tz/Fjq2xssBRcE4ilCcrugIUtbTzLFrd0RF0bgCJTW9WBaZ+fYNNJx
0s9QCPsB5mTuWnOC+1vBzmMdPaew8sPuvSOoSivY6B46GDLEGaw5GHqYQBSNNBiy
A4n6nkLL0rZWVjc8HCbIqWrrv7ch2fTvHuCL+NWp8lIANANu0uqcw9ZX3nTbedcM
MfunqS2padGGGGQrwe3kVHw1e6ln4M7C4X0Tap+dLVHJQiwby2xP3miXBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbXOFoum0O3cefXDkcUe0QYMeQHMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/Vn5vGk
ZHXe5nit3W0f9rTXIcNolOe0/1HdTr1WZjo+uN4mMX4+gvUDxijggjmd5XiVyIW1
dhMM6JTQ20ZkDWXrjSWl9f9mXeAhLwivtBwdZ6DRnAJbV0Aiua0qZ2hCb+qbpUxS
sD8pVKrZs6jzPTzvXkxvgjjKqC9msX2CTzURK86zehkgNFybj26fdTtIxvzzQEXQ
MXw/celJ6cqAqREhZR2G3bZECNKU0YihCxzLh6ChBlTgDzA7PaTbHsCR4EVC+U5M
C+6a8vdhmIRUgDEdJ9A7xzWmg0EH4ZJUjroXVXIagsAgnO0PS/oFexKt9AniV+VU
5zIwK8HQ2bgh5w==
-----END CERTIFICATE-----