Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          pYC07maWTgGLMC8Ij4qbr42RNYYaVU3JIwIdpVQmuFQ=
Subject key identifier:   40:17:47:E5:76:8C:4B:29:33:90:BE:44:57:DE:3C:E7:E2:DB:16:B0
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019A4EF4867A393620C89FF9012344670F25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          09DA
Signing time:             Tue 04 Nov 2025 13:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:39 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: 2+O7/BL7Sm0Xiv2QE/LNriqhjOFOsc3aanZVV5XoG2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:86:7a:39:36:20:c8:9f:f9:01:23:44:67:0f:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Nov  4 13:00:39 2025 GMT
            Not After : Nov  5 13:00:39 2025 GMT
        Subject: CN=401747e5768c4b293390be4457de3ce7e2db16b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:4f:eb:af:35:eb:02:1d:63:c5:49:82:f5:
                    75:6c:a2:13:75:16:0a:fe:e9:de:a2:33:01:40:54:
                    80:4f:2b:d5:00:4a:4e:19:6f:62:98:2e:a9:9c:9e:
                    96:95:44:c9:b2:e7:43:81:be:3e:d6:d1:ce:bb:87:
                    fc:13:fd:1c:6c:b8:6e:3f:28:31:bb:9b:92:69:e3:
                    58:38:05:ff:74:00:13:a0:b8:ec:95:a5:50:b0:f4:
                    ae:7f:9b:9a:e7:e4:91:3d:5f:e4:c5:d6:3a:63:23:
                    ae:a1:d5:55:e0:af:bb:1c:15:fa:4d:3a:21:5c:19:
                    c6:a0:bf:23:e4:94:d8:3d:96:cd:8f:2a:89:d5:81:
                    1f:2f:38:79:d8:89:0b:83:63:23:20:6d:32:05:70:
                    49:8f:8c:42:91:0b:87:79:40:12:f1:dc:dd:c0:22:
                    44:73:36:a1:9e:8b:7c:e4:43:3f:89:c4:29:1a:ed:
                    03:3c:68:cf:2b:ec:6a:3e:a3:b2:80:0c:35:97:5b:
                    75:38:7e:48:28:27:df:54:73:14:34:2c:72:f9:4a:
                    d6:32:05:84:78:9b:7a:4f:8e:d8:63:c7:a2:5c:ea:
                    c6:7c:b9:f3:f3:a4:c1:56:6b:97:5d:f3:76:43:29:
                    ce:5f:64:a3:33:53:a9:0f:9a:50:66:d7:15:bd:5e:
                    18:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:17:47:E5:76:8C:4B:29:33:90:BE:44:57:DE:3C:E7:E2:DB:16:B0
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:e3:01:53:b7:42:46:35:66:72:52:df:02:5a:05:87:7b:ff:
         8b:bb:ff:60:1d:b8:e3:7a:7d:a4:94:5f:74:7f:f5:f9:87:ee:
         bc:84:21:87:71:ae:60:82:dc:83:10:7e:a9:61:b5:d9:17:38:
         12:ab:6b:19:ca:f2:d7:00:29:ce:aa:e4:61:ce:1b:eb:a5:51:
         15:7b:d9:be:3b:d8:78:3c:6c:6e:30:7e:f5:60:7e:71:07:c9:
         50:26:77:cf:19:6f:e9:53:70:86:fa:7c:35:2e:de:89:36:35:
         6c:11:75:88:08:6b:f6:68:55:4a:f4:64:16:4c:f5:ad:30:b5:
         d5:31:0b:7b:fa:16:21:fd:eb:52:4b:e7:46:96:5b:12:c4:94:
         9e:78:fa:ea:a0:1d:17:d2:a3:83:86:9e:e5:8d:46:dc:20:18:
         0d:e0:11:1a:4e:5c:a0:a1:bd:73:b7:5e:dc:48:71:b9:51:b9:
         5c:3b:9b:90:f4:6f:3a:9b:4b:7f:df:dc:a9:a8:f8:2f:ba:70:
         e5:83:54:ec:70:c2:b7:b3:47:fd:a3:52:1c:1a:be:33:29:61:
         54:1b:f0:2b:23:82:16:35:ff:ae:5d:07:e2:8e:b5:3f:27:af:
         0e:9f:94:de:13:2c:64:58:b7:8e:90:ff:02:77:f5:6a:64:6d:
         99:99:f8:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9IZ6OTYgyJ/5ASNEZw8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUxMTA0MTMwMDM5WhcNMjUxMTA1MTMwMDM5WjAzMTEwLwYDVQQD
Eyg0MDE3NDdlNTc2OGM0YjI5MzM5MGJlNDQ1N2RlM2NlN2UyZGIxNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBJP66816wIdY8VJgvV1bKITdRYK
/uneojMBQFSATyvVAEpOGW9imC6pnJ6WlUTJsudDgb4+1tHOu4f8E/0cbLhuPygx
u5uSaeNYOAX/dAAToLjslaVQsPSuf5ua5+SRPV/kxdY6YyOuodVV4K+7HBX6TToh
XBnGoL8j5JTYPZbNjyqJ1YEfLzh52IkLg2MjIG0yBXBJj4xCkQuHeUAS8dzdwCJE
czahnot85EM/icQpGu0DPGjPK+xqPqOygAw1l1t1OH5IKCffVHMUNCxy+UrWMgWE
eJt6T47YY8eiXOrGfLnz86TBVmuXXfN2QynOX2SjM1OpD5pQZtcVvV4YvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAXR+V2jEspM5C+RFfePOfi2xawMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr+MBU7dC
RjVmclLfAloFh3v/i7v/YB2443p9pJRfdH/1+YfuvIQhh3GuYILcgxB+qWG12Rc4
EqtrGcry1wApzqrkYc4b66VRFXvZvjvYeDxsbjB+9WB+cQfJUCZ3zxlv6VNwhvp8
NS7eiTY1bBF1iAhr9mhVSvRkFkz1rTC11TELe/oWIf3rUkvnRpZbEsSUnnj66qAd
F9Kjg4ae5Y1G3CAYDeARGk5coKG9c7de3EhxuVG5XDubkPRvOptLf9/cqaj4L7pw
5YNU7HDCt7NH/aNSHBq+MylhVBvwKyOCFjX/rl0H4o61PyevDp+U3hMsZFi3jpD/
Anf1amRtmZn47Q==
-----END CERTIFICATE-----