Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          yoc6PEE1l9xWQQI5NFeW/QE0vk/y8cD9/CqjvUHwpEs=
Subject key identifier:   C7:28:AF:D2:09:29:AF:F7:D1:C1:25:1F:1F:C1:E7:12:63:02:7E:BC
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019A4E19019A7E8DA5439193131E5A2B8356
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          0439
Signing time:             Tue 04 Nov 2025 09:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:52 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: sY6PDUfxhRpIc7y4LeCOvNYGtw0mMs880ETDP1eW1xg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:19:01:9a:7e:8d:a5:43:91:93:13:1e:5a:2b:83:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Nov  4 09:00:52 2025 GMT
            Not After : Nov  5 09:00:52 2025 GMT
        Subject: CN=c728afd20929aff7d1c1251f1fc1e71263027ebc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d6:4b:7e:d2:33:12:64:3c:59:76:9b:11:00:
                    e7:44:ec:a8:2d:21:37:52:ee:1d:1f:9d:83:ce:03:
                    fa:cf:4e:02:22:10:04:8c:65:d1:6f:03:2c:5d:7f:
                    ab:82:e5:7e:bf:d5:db:ef:2a:ae:f3:76:86:72:1e:
                    e1:cf:00:39:2e:47:a0:66:2b:c1:35:80:51:b0:42:
                    df:ce:2b:35:e0:29:51:45:7d:f2:15:65:b0:d9:16:
                    23:f0:37:71:6b:f1:af:d1:04:6a:a8:ab:4b:d5:6c:
                    c7:5d:36:59:c0:46:5d:2e:6e:26:9b:73:b5:c9:fa:
                    22:df:05:5a:ce:d3:97:94:a7:85:ae:fc:c4:56:16:
                    80:bd:be:46:33:a6:fb:37:c5:3a:75:33:93:7d:47:
                    26:07:0a:a2:cf:c8:79:77:db:76:54:b6:3b:f1:64:
                    64:90:43:48:9a:d8:6d:b2:b2:7b:d4:f0:c0:94:36:
                    3a:67:91:62:da:8a:b4:8b:f3:ee:11:f8:18:d2:02:
                    89:43:e4:86:43:d0:01:b7:fc:9d:80:73:6b:78:f2:
                    99:29:b2:69:62:fd:79:62:67:3f:e6:d9:2f:93:2a:
                    5d:02:d0:6d:19:67:67:76:0e:be:17:92:ad:e3:b4:
                    73:d0:2a:7a:47:27:80:75:0a:f6:97:4e:38:70:7c:
                    0b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:28:AF:D2:09:29:AF:F7:D1:C1:25:1F:1F:C1:E7:12:63:02:7E:BC
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:c8:ea:84:dc:ea:c2:00:ee:4b:f4:f5:83:ad:0d:71:8d:10:
         0d:f5:2d:dc:ed:07:81:66:70:65:1d:ad:a3:7f:f1:4e:db:b5:
         a2:74:fa:08:9a:72:75:d0:7a:f4:4f:6f:97:47:a7:59:c0:81:
         6a:54:18:cb:f9:5c:fe:43:99:c4:3e:90:a5:e9:b8:e6:6c:68:
         9c:f1:64:9c:6d:ba:1b:2e:8a:2d:12:a2:13:50:b5:71:80:9a:
         67:e0:73:23:22:dd:02:74:e3:58:e0:a3:65:4b:2a:53:b5:a3:
         67:73:c5:4b:29:17:04:44:85:19:de:0c:21:1f:58:04:39:20:
         61:29:49:c5:da:ed:b1:03:87:c8:bb:e6:62:26:4d:73:96:d0:
         06:85:d1:7c:54:4b:1e:a6:80:c1:1b:0c:40:aa:8a:33:1c:c1:
         7f:b3:02:d5:e6:7a:fa:fb:38:0a:f1:56:3c:1f:af:3b:4c:a6:
         bc:fe:7e:8d:4b:82:bf:fe:65:02:35:1a:6e:2e:81:c9:b4:ce:
         e5:d0:89:a0:05:00:14:a7:18:70:c8:cc:a6:80:bb:93:76:d4:
         b8:c5:00:bf:be:0e:51:03:18:85:fc:6f:4f:7e:30:8f:81:ea:
         a5:42:6d:71:d8:94:03:70:70:41:d8:73:1c:8c:7b:97:e1:d0:
         ac:91:1b:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGQGafo2lQ5GTEx5aK4NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjUxMTA0MDkwMDUyWhcNMjUxMTA1MDkwMDUyWjAzMTEwLwYDVQQD
EyhjNzI4YWZkMjA5MjlhZmY3ZDFjMTI1MWYxZmMxZTcxMjYzMDI3ZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9ZLftIzEmQ8WXabEQDnROyoLSE3
Uu4dH52DzgP6z04CIhAEjGXRbwMsXX+rguV+v9Xb7yqu83aGch7hzwA5LkegZivB
NYBRsELfzis14ClRRX3yFWWw2RYj8Ddxa/Gv0QRqqKtL1WzHXTZZwEZdLm4mm3O1
yfoi3wVaztOXlKeFrvzEVhaAvb5GM6b7N8U6dTOTfUcmBwqiz8h5d9t2VLY78WRk
kENImthtsrJ71PDAlDY6Z5Fi2oq0i/PuEfgY0gKJQ+SGQ9ABt/ydgHNrePKZKbJp
Yv15Ymc/5tkvkypdAtBtGWdndg6+F5Kt47Rz0Cp6RyeAdQr2l044cHwLvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcor9IJKa/30cElHx/B5xJjAn68MB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApcjqhNzq
wgDuS/T1g60NcY0QDfUt3O0HgWZwZR2to3/xTtu1onT6CJpyddB69E9vl0enWcCB
alQYy/lc/kOZxD6Qpem45mxonPFknG26Gy6KLRKiE1C1cYCaZ+BzIyLdAnTjWOCj
ZUsqU7WjZ3PFSykXBESFGd4MIR9YBDkgYSlJxdrtsQOHyLvmYiZNc5bQBoXRfFRL
HqaAwRsMQKqKMxzBf7MC1eZ6+vs4CvFWPB+vO0ymvP5+jUuCv/5lAjUabi6BybTO
5dCJoAUAFKcYcMjMpoC7k3bUuMUAv74OUQMYhfxvT34wj4HqpUJtcdiUA3BwQdhz
HIx7l+HQrJEbvw==
-----END CERTIFICATE-----