Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          fD4P73zMC7rBdpHLLNgRkKakaoaW/ms1wrV+yBtvm/M=
Subject key identifier:   F7:E8:78:08:DD:12:E3:A9:41:15:3E:29:4C:EC:86:73:3A:29:AD:A8
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       019A4EF542C0643AD3827B7684020BC0F3D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          11AA
Signing time:             Tue 04 Nov 2025 13:01:27 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:27 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:27 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: JmNEt7Xg14zbl9hmqmQJ3ic6Fl1Iy2aYvwNChrxhH8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:42:c0:64:3a:d3:82:7b:76:84:02:0b:c0:f3:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Nov  4 13:01:27 2025 GMT
            Not After : Nov  5 13:01:27 2025 GMT
        Subject: CN=f7e87808dd12e3a941153e294cec86733a29ada8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e1:4c:aa:0a:05:cf:95:bb:d3:1d:52:b6:e1:
                    06:5a:8b:16:35:84:ed:3b:2f:19:22:fa:2b:0c:2e:
                    ef:19:b0:cd:51:68:09:47:c7:51:d9:d4:42:3d:16:
                    aa:ff:86:c8:cc:9d:8e:01:7c:67:d0:e6:28:53:42:
                    a7:64:fa:94:dc:cf:1c:96:5e:41:49:6e:0e:14:93:
                    7e:84:99:dd:94:28:6c:d7:79:e0:f4:62:04:b1:6b:
                    14:07:8c:2b:58:bc:16:5f:e7:4d:f3:d4:fb:95:a7:
                    18:06:46:1d:dc:90:e2:0b:3c:a3:c3:d9:9d:e8:1a:
                    fa:1c:50:d6:88:f7:e4:ba:4e:eb:d8:b8:e1:26:76:
                    a9:32:38:ca:58:9e:6a:8f:36:4a:03:85:aa:a3:f1:
                    38:9d:fb:10:63:91:17:5e:00:87:6c:bf:db:f0:8a:
                    2a:d9:b4:6e:2b:7a:80:ff:f3:e2:e5:60:a6:9a:a8:
                    35:6c:44:e9:4b:6c:83:a1:22:0c:2e:8e:d0:1f:b4:
                    d9:e9:76:74:f8:ba:61:e0:b4:d9:de:84:25:63:26:
                    1f:77:f2:36:b5:50:55:ae:ed:e1:42:4c:0a:78:47:
                    c1:dc:f2:b1:d8:4a:24:2b:0a:0b:26:70:3f:56:c7:
                    f9:51:0f:98:4c:20:e9:5d:e5:cf:e1:4c:da:a6:a5:
                    40:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:E8:78:08:DD:12:E3:A9:41:15:3E:29:4C:EC:86:73:3A:29:AD:A8
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:a7:73:48:38:64:aa:c8:0f:a6:a8:93:57:76:33:f1:84:8f:
         ff:d2:26:a4:4d:37:5f:9c:52:73:8a:8d:cc:a9:d5:25:49:32:
         a0:fc:17:b1:82:1a:16:20:74:32:5a:04:71:b9:b5:94:3b:82:
         b6:27:e4:2f:61:96:60:22:0e:8b:67:f1:78:c3:bf:79:93:29:
         4b:a9:be:f0:e3:ae:91:72:5c:d1:99:e6:d9:0c:34:6d:1d:f8:
         c2:b0:e0:f1:77:8f:3e:34:c9:4f:bc:b8:b4:93:55:cf:49:88:
         20:af:ba:2b:0a:37:74:a2:95:c8:41:22:bb:51:e7:7a:5a:c8:
         08:02:a3:24:29:43:4b:2a:18:c2:cd:ed:33:4e:9c:11:89:68:
         9d:d5:f9:61:0f:e6:2c:d6:af:63:87:71:78:cd:d6:7c:79:40:
         73:df:79:4c:39:67:ac:70:ca:b6:46:1d:b7:aa:f8:df:73:60:
         2a:31:73:4b:e2:15:ff:d1:45:12:77:69:0b:33:a2:7e:25:bb:
         18:52:6c:48:b0:80:e1:7b:8e:e1:1e:96:b1:27:9d:d6:f9:d6:
         c9:a4:eb:f2:2b:81:84:28:f7:aa:4b:f1:e7:72:c4:ec:13:24:
         10:52:29:f9:41:cd:45:1b:d1:d5:51:11:67:77:31:da:da:0d:
         e2:b8:d7:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ULAZDrTgnt2hAILwPPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjUxMTA0MTMwMTI3WhcNMjUxMTA1MTMwMTI3WjAzMTEwLwYDVQQD
EyhmN2U4NzgwOGRkMTJlM2E5NDExNTNlMjk0Y2VjODY3MzNhMjlhZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eFMqgoFz5W70x1StuEGWosWNYTt
Oy8ZIvorDC7vGbDNUWgJR8dR2dRCPRaq/4bIzJ2OAXxn0OYoU0KnZPqU3M8cll5B
SW4OFJN+hJndlChs13ng9GIEsWsUB4wrWLwWX+dN89T7lacYBkYd3JDiCzyjw9md
6Br6HFDWiPfkuk7r2LjhJnapMjjKWJ5qjzZKA4Wqo/E4nfsQY5EXXgCHbL/b8Ioq
2bRuK3qA//Pi5WCmmqg1bETpS2yDoSIMLo7QH7TZ6XZ0+Lph4LTZ3oQlYyYfd/I2
tVBVru3hQkwKeEfB3PKx2EokKwoLJnA/Vsf5UQ+YTCDpXeXP4UzapqVA8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfoeAjdEuOpQRU+KUzshnM6Ka2oMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6dzSDhk
qsgPpqiTV3Yz8YSP/9ImpE03X5xSc4qNzKnVJUkyoPwXsYIaFiB0MloEcbm1lDuC
tifkL2GWYCIOi2fxeMO/eZMpS6m+8OOukXJc0Znm2Qw0bR34wrDg8XePPjTJT7y4
tJNVz0mIIK+6Kwo3dKKVyEEiu1HnelrICAKjJClDSyoYws3tM06cEYlondX5YQ/m
LNavY4dxeM3WfHlAc995TDlnrHDKtkYdt6r433NgKjFzS+IV/9FFEndpCzOifiW7
GFJsSLCA4XuO4R6WsSed1vnWyaTr8iuBhCj3qkvx53LE7BMkEFIp+UHNRRvR1VER
Z3cx2toN4rjXNA==
-----END CERTIFICATE-----