Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          VYbzDTqwDF+2IuyIHl8otW/+aVvvWtoQkaVGKXIFk64=
Subject key identifier:   56:F0:D1:7A:CD:69:17:74:1A:78:11:33:20:AF:E9:84:DE:6F:40:95
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019A4EF4C4CF0EFEB18C6EAA9B265B3F3A73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          08C4
Signing time:             Tue 04 Nov 2025 13:00:55 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:55 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:55 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: oPC1Glsu6YjH+6N/tSz4hLSQybVT44Xy4lL59wrWl9k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:c4:cf:0e:fe:b1:8c:6e:aa:9b:26:5b:3f:3a:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Nov  4 13:00:55 2025 GMT
            Not After : Nov  5 13:00:55 2025 GMT
        Subject: CN=56f0d17acd6917741a78113320afe984de6f4095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:26:65:00:16:ef:c4:0c:37:4e:14:ce:30:f1:
                    7c:43:ae:6b:d4:78:a4:9c:f6:d0:17:e9:b3:a1:01:
                    aa:46:fa:2c:19:73:c9:54:93:76:b7:8b:bc:fd:9d:
                    87:7c:67:7f:ca:f4:70:7a:98:62:17:0b:8b:73:9b:
                    87:9f:0f:8f:af:6b:6e:2b:9c:d6:9f:dc:f5:7b:28:
                    94:b8:5a:56:e0:36:19:71:28:16:ca:17:6e:99:39:
                    6b:cf:1f:80:d6:71:a4:ea:59:ef:d2:08:ff:9f:18:
                    15:6e:f0:c0:61:79:ad:70:ee:8a:c9:c5:c7:39:ea:
                    6a:15:53:7c:11:68:f1:2a:7f:df:4c:63:6a:bd:08:
                    6b:6c:6e:a7:0b:4b:d8:84:90:2e:18:18:fe:2e:04:
                    e3:ee:fb:e8:45:f8:6e:4a:5f:26:ee:7a:19:62:6c:
                    49:22:2e:05:3c:d2:83:3b:39:ad:24:c6:81:23:6d:
                    1c:fa:be:57:50:09:db:22:22:2e:80:bb:b0:1a:b1:
                    bf:d5:83:f6:42:d4:aa:e5:82:57:13:b9:38:6e:ab:
                    78:bb:06:bd:69:fd:de:fb:bc:62:a1:1e:a4:e7:76:
                    28:33:a3:ad:e0:a1:30:e8:fb:5f:21:99:97:62:d6:
                    0c:e3:58:9b:f2:bb:22:4f:53:d9:26:e7:fc:44:a8:
                    bb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:F0:D1:7A:CD:69:17:74:1A:78:11:33:20:AF:E9:84:DE:6F:40:95
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ab:6a:fd:76:e3:d3:79:f2:fb:02:78:ff:f2:ef:0d:a9:c8:
         4f:3f:29:2d:bd:c8:d9:20:e8:a0:e6:02:47:4d:09:ae:41:9c:
         74:1c:d8:21:bb:86:b4:10:1b:a3:3a:65:00:0d:a6:b5:22:26:
         d5:8f:46:63:fc:d1:72:2c:54:82:74:71:16:b1:18:30:08:bf:
         b6:ce:cf:51:73:a1:8c:8b:85:f5:59:b5:3e:86:13:9e:ff:e8:
         e9:59:82:b0:63:d1:a6:24:a9:d0:8f:8b:4d:e3:3f:fa:00:bd:
         7f:38:b7:2c:8a:7c:c0:c5:76:19:d3:26:ff:d9:1a:1e:21:ba:
         b9:22:7e:13:35:72:17:91:a9:1c:f7:e8:45:24:a3:95:c7:6d:
         c5:33:06:d9:0e:5e:dd:64:2f:a1:fa:2e:25:0b:58:47:c7:d4:
         cb:c6:10:8c:e4:8b:36:03:25:87:ba:0f:41:93:97:46:c4:b7:
         99:23:9d:66:f2:b4:2f:5e:26:df:47:4e:0f:3e:e2:35:ad:ae:
         eb:b8:b8:3b:a9:21:f1:3f:d1:58:2a:cf:9d:ad:87:33:31:87:
         a5:04:fd:f8:64:4c:bc:ae:a9:71:25:d5:99:63:3e:d0:dd:cd:
         11:b0:0e:34:2d:4d:37:0a:7a:73:fe:20:99:5d:ac:0f:52:88:
         c8:82:7c:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9MTPDv6xjG6qmyZbPzpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUxMTA0MTMwMDU1WhcNMjUxMTA1MTMwMDU1WjAzMTEwLwYDVQQD
Eyg1NmYwZDE3YWNkNjkxNzc0MWE3ODExMzMyMGFmZTk4NGRlNmY0MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iZlABbvxAw3ThTOMPF8Q65r1Hik
nPbQF+mzoQGqRvosGXPJVJN2t4u8/Z2HfGd/yvRwephiFwuLc5uHnw+Pr2tuK5zW
n9z1eyiUuFpW4DYZcSgWyhdumTlrzx+A1nGk6lnv0gj/nxgVbvDAYXmtcO6KycXH
OepqFVN8EWjxKn/fTGNqvQhrbG6nC0vYhJAuGBj+LgTj7vvoRfhuSl8m7noZYmxJ
Ii4FPNKDOzmtJMaBI20c+r5XUAnbIiIugLuwGrG/1YP2QtSq5YJXE7k4bqt4uwa9
af3e+7xioR6k53YoM6Ot4KEw6PtfIZmXYtYM41ib8rsiT1PZJuf8RKi7pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbw0XrNaRd0GngRMyCv6YTeb0CVMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFatq/Xbj
03ny+wJ4//LvDanITz8pLb3I2SDooOYCR00JrkGcdBzYIbuGtBAbozplAA2mtSIm
1Y9GY/zRcixUgnRxFrEYMAi/ts7PUXOhjIuF9Vm1PoYTnv/o6VmCsGPRpiSp0I+L
TeM/+gC9fzi3LIp8wMV2GdMm/9kaHiG6uSJ+EzVyF5GpHPfoRSSjlcdtxTMG2Q5e
3WQvofouJQtYR8fUy8YQjOSLNgMlh7oPQZOXRsS3mSOdZvK0L14m30dODz7iNa2u
67i4O6kh8T/RWCrPna2HMzGHpQT9+GRMvK6pcSXVmWM+0N3NEbAONC1NNwp6c/4g
mV2sD1KIyIJ8kQ==
-----END CERTIFICATE-----