Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          cVGz6PMmZX6mlG6BN/EYjrp61QQgup7Y/z5P0SejP9g=
Subject key identifier:   A5:F6:B7:56:D1:54:40:FA:A1:E0:07:66:56:1D:85:E1:94:36:93:01
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019A50E33778417625DD20D546D28B688A0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          169D
Signing time:             Tue 04 Nov 2025 22:00:59 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:59 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:59 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: gxK/a/5EPISZ824sWgWORhXEB3kb40PAcVt0+/R+KKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:37:78:41:76:25:dd:20:d5:46:d2:8b:68:8a:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Nov  4 22:00:59 2025 GMT
            Not After : Nov  5 22:00:59 2025 GMT
        Subject: CN=a5f6b756d15440faa1e00766561d85e194369301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:1f:39:51:d6:eb:d9:a7:c2:1d:6d:16:b7:a7:
                    bf:66:53:f4:c0:10:b2:21:32:e2:6f:e8:77:74:a8:
                    7c:29:15:d8:70:0d:14:7e:c7:b3:5b:01:86:a5:b6:
                    aa:ed:4a:fc:69:9f:a9:06:13:1b:27:29:14:bb:e8:
                    45:79:6d:87:d7:59:a4:71:8e:e1:0a:e9:a3:e6:e7:
                    4e:5d:0d:fc:82:94:60:c2:ef:33:4b:0e:3f:80:80:
                    82:6c:0c:25:06:f6:e5:10:cf:e8:42:ae:a6:ef:8d:
                    4e:de:0a:39:c9:f7:99:74:f1:42:32:90:4a:32:e1:
                    bb:3d:9b:17:d4:f7:5c:d2:d4:37:8d:80:bc:11:c8:
                    bf:4f:0d:3e:98:d3:f4:3c:ee:e2:17:94:18:61:65:
                    7b:6a:f5:e1:f4:3d:6a:d0:7c:ed:47:31:ed:d2:75:
                    de:4d:dd:e8:0e:4c:5f:dc:6a:84:56:07:4a:3a:de:
                    54:9f:63:78:70:34:bb:53:7a:66:06:e9:01:00:bd:
                    f7:71:29:14:85:49:11:94:26:d7:5f:39:8f:0b:7d:
                    fb:76:34:40:2d:2e:f1:9a:11:76:23:cc:67:4b:e8:
                    6d:fe:4a:81:b6:42:97:7d:c4:ef:0c:db:f2:d6:19:
                    34:0d:ce:72:db:05:60:4a:0c:f4:a9:23:5f:91:61:
                    f6:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:F6:B7:56:D1:54:40:FA:A1:E0:07:66:56:1D:85:E1:94:36:93:01
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:e3:2f:e7:d3:3e:6f:fc:c7:b1:fe:28:d5:f4:0a:58:37:7c:
         4b:67:59:a3:84:a4:01:a6:87:c0:9e:91:d9:6d:a5:2e:7b:ca:
         a8:ad:2d:5b:74:42:f8:7c:26:66:52:23:32:84:9d:95:18:1a:
         eb:b2:5d:b1:51:df:f2:a0:94:4a:59:26:0f:9d:fa:f2:47:0d:
         1e:1a:bb:c5:53:13:80:71:17:3c:c3:85:8b:4b:d3:06:75:aa:
         90:d9:13:ae:32:2f:61:e8:46:9e:ab:1e:58:dc:38:50:18:12:
         9b:e4:bf:39:2c:15:bc:dd:35:6b:c6:13:76:43:95:ea:4e:f6:
         ef:1c:0a:92:3b:d3:24:bd:9c:03:32:d9:53:7e:43:ae:d6:72:
         91:fd:07:40:43:13:6d:62:27:b8:4d:16:24:d7:e4:30:5f:37:
         ca:c1:75:19:58:2d:d0:22:13:37:0d:6c:6a:a9:c6:65:2a:82:
         fc:69:bb:9f:13:73:55:97:18:0b:2c:c4:29:4c:b5:4d:6d:a0:
         72:f9:4b:98:83:54:7d:99:d4:62:6b:1e:99:b2:96:88:c7:8d:
         86:5f:1b:0c:23:d8:d0:1f:2c:67:bb:1e:40:0b:95:17:b8:d3:
         3f:60:63:93:81:be:77:3a:d3:6b:31:51:1c:da:14:d5:2d:75:
         9a:f5:89:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4zd4QXYl3SDVRtKLaIoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUxMTA0MjIwMDU5WhcNMjUxMTA1MjIwMDU5WjAzMTEwLwYDVQQD
EyhhNWY2Yjc1NmQxNTQ0MGZhYTFlMDA3NjY1NjFkODVlMTk0MzY5MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB85Udbr2afCHW0Wt6e/ZlP0wBCy
ITLib+h3dKh8KRXYcA0UfsezWwGGpbaq7Ur8aZ+pBhMbJykUu+hFeW2H11mkcY7h
Cumj5udOXQ38gpRgwu8zSw4/gICCbAwlBvblEM/oQq6m741O3go5yfeZdPFCMpBK
MuG7PZsX1Pdc0tQ3jYC8Eci/Tw0+mNP0PO7iF5QYYWV7avXh9D1q0HztRzHt0nXe
Td3oDkxf3GqEVgdKOt5Un2N4cDS7U3pmBukBAL33cSkUhUkRlCbXXzmPC337djRA
LS7xmhF2I8xnS+ht/kqBtkKXfcTvDNvy1hk0Dc5y2wVgSgz0qSNfkWH2RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX2t1bRVED6oeAHZlYdheGUNpMBMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+Mv59M+
b/zHsf4o1fQKWDd8S2dZo4SkAaaHwJ6R2W2lLnvKqK0tW3RC+HwmZlIjMoSdlRga
67JdsVHf8qCUSlkmD5368kcNHhq7xVMTgHEXPMOFi0vTBnWqkNkTrjIvYehGnqse
WNw4UBgSm+S/OSwVvN01a8YTdkOV6k727xwKkjvTJL2cAzLZU35DrtZykf0HQEMT
bWInuE0WJNfkMF83ysF1GVgt0CITNw1saqnGZSqC/Gm7nxNzVZcYCyzEKUy1TW2g
cvlLmINUfZnUYmsembKWiMeNhl8bDCPY0B8sZ7seQAuVF7jTP2Bjk4G+dzrTazFR
HNoU1S11mvWJhQ==
-----END CERTIFICATE-----