Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
File:                     ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft (raw, json)
Hash identifier:          JP0Ot8q4/Qgr+47jBG1Jn17AvpIGQo1xe2g4C8l83XQ=
Subject key identifier:   90:E9:29:ED:46:C4:E8:26:8F:44:3F:17:E9:B4:8A:D6:22:08:1C:F4
Authority key identifier: 72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2
Certificate issuer:       /CN=724f14189ab7105620375daf9baa814d6dd937a2
Certificate serial:       019A52D2B3DA543A1B3600BC7361351C1B40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
Manifest number:          087D
Signing time:             Wed 05 Nov 2025 07:02:11 +0000
Manifest this update:     Wed 05 Nov 2025 07:02:11 +0000
Manifest next update:     Thu 06 Nov 2025 07:02:11 +0000
Files and hashes:         1: ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl (hash: PRVRVbx9NbfDLIdajZJ5X3qRaphoEXxfTmTlvmeW0U4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:b3:da:54:3a:1b:36:00:bc:73:61:35:1c:1b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=724f14189ab7105620375daf9baa814d6dd937a2
        Validity
            Not Before: Nov  5 07:02:11 2025 GMT
            Not After : Nov  6 07:02:11 2025 GMT
        Subject: CN=90e929ed46c4e8268f443f17e9b48ad622081cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:36:78:4d:ad:7e:7b:a9:58:63:64:ed:bc:95:
                    04:d4:e0:c3:2c:91:92:85:1a:c1:70:c4:6f:fc:9a:
                    74:46:90:3a:03:00:aa:96:c4:76:52:d1:98:b9:fa:
                    e6:e6:db:07:76:5e:41:fd:61:fd:60:01:0c:15:72:
                    54:d9:f5:cd:e1:1b:7b:3c:7c:9e:6b:df:5c:92:3a:
                    2a:e3:b3:a5:89:90:56:09:78:b9:be:31:3f:78:bc:
                    8d:57:ad:f0:be:f9:f3:2f:68:a0:7a:b9:77:0e:f9:
                    53:e8:a5:51:59:fc:6e:66:1b:ec:6f:25:34:8e:ed:
                    3c:6f:5d:c5:1a:92:aa:7e:03:3a:b4:70:1e:11:3c:
                    33:b3:61:b7:67:42:19:74:ef:b0:83:d8:28:90:b7:
                    02:b5:e7:b9:97:d2:30:7b:26:29:3f:f7:a9:69:88:
                    c3:65:2d:5d:a9:01:b3:7c:33:5d:23:ba:2c:ec:43:
                    34:3f:f8:f3:30:95:ea:c4:b0:15:31:27:a2:43:28:
                    11:bd:d6:5c:19:27:4f:fe:70:d8:5a:52:91:74:fd:
                    46:6f:ef:70:23:3a:74:6e:cf:e7:e7:16:88:0d:ce:
                    03:68:52:23:de:91:05:bb:b9:fd:ab:c3:41:bf:40:
                    60:a9:0c:e7:c1:2a:3a:11:4f:38:c5:c3:fd:8c:23:
                    7b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E9:29:ED:46:C4:E8:26:8F:44:3F:17:E9:B4:8A:D6:22:08:1C:F4
            X509v3 Authority Key Identifier:
                keyid:72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d5:2d:ea:97:ff:02:26:a0:72:ed:86:11:a9:66:10:00:6d:
         6b:7c:5e:91:66:d2:37:ab:dd:dc:f8:f2:0e:52:2e:42:81:3c:
         d0:c2:6c:9a:32:1f:d6:c3:57:bf:9b:5f:e6:b2:b7:6d:68:c7:
         3e:74:e0:15:42:39:42:eb:30:01:02:44:1f:e1:49:91:ab:50:
         21:5c:58:8f:ab:83:62:6d:69:f1:cd:7e:10:c1:cb:7a:06:61:
         49:1b:71:c8:d3:31:8e:2e:a8:3d:94:bd:4d:84:c3:ba:5b:94:
         a8:d2:72:ae:f7:cd:9c:80:a7:97:e1:00:59:cf:b5:ae:e4:57:
         30:10:33:b2:e2:bb:6e:cb:25:e3:55:f3:c8:0f:15:bf:84:0e:
         a2:c1:95:90:23:68:a4:dd:bd:0c:2d:0a:1f:e3:f2:19:ce:c1:
         6c:f1:47:59:68:2b:c8:be:92:1f:1e:e3:72:c9:54:cb:da:cf:
         41:2e:8e:8c:cf:4e:3e:ce:dc:fb:1c:30:13:39:db:14:e2:95:
         95:77:1c:e2:c3:7e:e7:1a:71:ee:e0:79:71:26:0b:22:11:f6:
         9a:b4:12:30:2f:bb:25:d5:81:30:1d:c3:e9:de:43:0c:e5:0a:
         a6:63:74:92:d1:86:ce:7c:8a:4b:48:eb:ea:63:74:00:61:3b:
         59:60:25:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0rPaVDobNgC8c2E1HBtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNGYxNDE4OWFiNzEwNTYyMDM3NWRhZjliYWE4MTRkNmRk
OTM3YTIwHhcNMjUxMTA1MDcwMjExWhcNMjUxMTA2MDcwMjExWjAzMTEwLwYDVQQD
Eyg5MGU5MjllZDQ2YzRlODI2OGY0NDNmMTdlOWI0OGFkNjIyMDgxY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTZ4Ta1+e6lYY2TtvJUE1ODDLJGS
hRrBcMRv/Jp0RpA6AwCqlsR2UtGYufrm5tsHdl5B/WH9YAEMFXJU2fXN4Rt7PHye
a99ckjoq47OliZBWCXi5vjE/eLyNV63wvvnzL2igerl3DvlT6KVRWfxuZhvsbyU0
ju08b13FGpKqfgM6tHAeETwzs2G3Z0IZdO+wg9gokLcCtee5l9IweyYpP/epaYjD
ZS1dqQGzfDNdI7os7EM0P/jzMJXqxLAVMSeiQygRvdZcGSdP/nDYWlKRdP1Gb+9w
Izp0bs/n5xaIDc4DaFIj3pEFu7n9q8NBv0BgqQznwSo6EU84xcP9jCN7nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDpKe1GxOgmj0Q/F+m0itYiCBz0MB8GA1UdIwQY
MBaAFHJPFBiatxBWIDddr5uqgU1t2TeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMt
MjcxNWViNzEwZTgwLzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMtMjcxNWViNzEwZTgw
LzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNUt6pf/
Aiagcu2GEalmEABta3xekWbSN6vd3PjyDlIuQoE80MJsmjIf1sNXv5tf5rK3bWjH
PnTgFUI5QuswAQJEH+FJkatQIVxYj6uDYm1p8c1+EMHLegZhSRtxyNMxji6oPZS9
TYTDuluUqNJyrvfNnICnl+EAWc+1ruRXMBAzsuK7bssl41XzyA8Vv4QOosGVkCNo
pN29DC0KH+PyGc7BbPFHWWgryL6SHx7jcslUy9rPQS6OjM9OPs7c+xwwEznbFOKV
lXcc4sN+5xpx7uB5cSYLIhH2mrQSMC+7JdWBMB3D6d5DDOUKpmN0ktGGznyKS0jr
6mN0AGE7WWAlQA==
-----END CERTIFICATE-----