Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          4cePxkR5qj0STyyRXfb3Fr/6OsZH4cA795YHEty31B8=
Subject key identifier:   7E:AA:40:6A:C8:2D:E5:DD:08:E2:2E:98:75:AC:25:2A:66:B2:49:79
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       019A4EF49820501C0E7FE09FF4BD58EAEDE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          0F25
Signing time:             Tue 04 Nov 2025 13:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:43 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: uhHgXwEgmfdYJBHpByfTh9TtZw4gSWZkHi7AFwwgwOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:98:20:50:1c:0e:7f:e0:9f:f4:bd:58:ea:ed:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Nov  4 13:00:43 2025 GMT
            Not After : Nov  5 13:00:43 2025 GMT
        Subject: CN=7eaa406ac82de5dd08e22e9875ac252a66b24979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:38:34:1a:57:29:4f:8c:fc:d7:3b:c6:6c:40:
                    b5:df:97:d9:13:58:16:62:d9:60:18:32:27:ff:d3:
                    f2:10:cf:77:ce:de:d9:83:c6:8f:c2:f8:a3:fd:06:
                    82:fe:bd:ba:05:99:11:ce:c3:90:9a:4b:9f:34:03:
                    c5:29:5e:47:19:15:83:a3:3e:df:07:54:a5:3d:f5:
                    a2:35:2e:d0:c1:84:7d:38:b2:6d:d2:4f:30:b3:ab:
                    99:10:79:17:74:11:83:20:f3:80:9b:ec:a0:e6:ac:
                    95:78:ec:60:a1:e8:5e:bd:22:8b:5f:d9:b8:37:ab:
                    63:34:a8:2c:49:59:00:7e:ef:91:21:5f:99:e8:a6:
                    e9:b1:74:02:23:03:93:d8:0d:ee:e6:35:73:34:35:
                    be:10:5f:36:da:30:bc:f1:83:45:88:83:a4:9d:b6:
                    15:c0:d3:f7:11:26:7e:1a:7b:2e:3d:76:39:ad:4d:
                    04:0e:43:4e:ec:8f:c9:76:05:2f:70:53:f6:07:d7:
                    5c:45:02:d4:a9:1a:d1:ee:c1:0f:2c:9e:eb:5d:b1:
                    a1:a7:8a:29:ab:c6:50:a7:55:49:ea:b9:cf:2c:75:
                    9b:df:9d:bc:9b:75:e7:5f:25:1e:df:99:39:8b:22:
                    04:c9:3e:df:aa:29:32:fc:61:d8:9d:bf:a2:bd:54:
                    a4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:AA:40:6A:C8:2D:E5:DD:08:E2:2E:98:75:AC:25:2A:66:B2:49:79
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:47:54:c1:37:d4:39:4f:7b:61:77:cd:40:c3:12:1b:56:e7:
         29:7d:a6:3e:47:80:6e:a2:90:10:f6:e8:1b:ee:33:55:dd:02:
         93:d1:ec:68:ff:92:be:fe:5a:d0:51:1a:8a:96:16:03:a6:e3:
         8e:83:ad:06:d0:36:20:b5:f3:c4:08:4d:6f:ec:88:dd:7f:68:
         df:da:cd:92:1c:47:da:b4:4d:71:81:55:0f:34:d0:74:6d:c9:
         c9:0c:0e:63:86:b0:25:bc:02:95:e4:95:b8:57:3c:38:01:9b:
         21:18:79:f6:b0:c9:e5:93:92:09:58:f3:55:1d:3d:77:4c:b7:
         c0:64:b2:24:8b:0b:23:50:66:9c:c7:8f:ff:ef:e3:f4:47:9b:
         57:20:1d:f4:20:b6:82:4e:7d:50:4a:27:17:4c:4e:f9:b6:24:
         f6:ff:53:63:02:78:8d:e6:94:87:a2:ae:d3:38:40:da:1a:ce:
         9b:3f:16:ba:38:9c:7c:ab:7a:69:f7:10:45:ac:95:a9:26:1c:
         0b:1a:10:85:b9:03:da:3b:72:f6:88:1e:77:41:ba:a2:58:d7:
         d3:0c:34:78:b4:89:ae:12:4e:93:1c:c3:ad:f6:80:9a:2e:10:
         f1:c8:8d:47:5f:3d:a6:ef:3f:63:9f:b0:ea:c1:d1:26:01:9d:
         05:a3:40:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9JggUBwOf+Cf9L1Y6u3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjUxMTA0MTMwMDQzWhcNMjUxMTA1MTMwMDQzWjAzMTEwLwYDVQQD
Eyg3ZWFhNDA2YWM4MmRlNWRkMDhlMjJlOTg3NWFjMjUyYTY2YjI0OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjg0GlcpT4z81zvGbEC135fZE1gW
YtlgGDIn/9PyEM93zt7Zg8aPwvij/QaC/r26BZkRzsOQmkufNAPFKV5HGRWDoz7f
B1SlPfWiNS7QwYR9OLJt0k8ws6uZEHkXdBGDIPOAm+yg5qyVeOxgoehevSKLX9m4
N6tjNKgsSVkAfu+RIV+Z6KbpsXQCIwOT2A3u5jVzNDW+EF822jC88YNFiIOknbYV
wNP3ESZ+GnsuPXY5rU0EDkNO7I/JdgUvcFP2B9dcRQLUqRrR7sEPLJ7rXbGhp4op
q8ZQp1VJ6rnPLHWb3528m3XnXyUe35k5iyIEyT7fqiky/GHYnb+ivVSkEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6qQGrILeXdCOIumHWsJSpmskl5MB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgkdUwTfU
OU97YXfNQMMSG1bnKX2mPkeAbqKQEPboG+4zVd0Ck9HsaP+Svv5a0FEaipYWA6bj
joOtBtA2ILXzxAhNb+yI3X9o39rNkhxH2rRNcYFVDzTQdG3JyQwOY4awJbwCleSV
uFc8OAGbIRh59rDJ5ZOSCVjzVR09d0y3wGSyJIsLI1BmnMeP/+/j9EebVyAd9CC2
gk59UEonF0xO+bYk9v9TYwJ4jeaUh6Ku0zhA2hrOmz8WujicfKt6afcQRayVqSYc
CxoQhbkD2jty9oged0G6oljX0ww0eLSJrhJOkxzDrfaAmi4Q8ciNR189pu8/Y5+w
6sHRJgGdBaNABQ==
-----END CERTIFICATE-----