Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File:                     ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier:          7Gcjf5eCzXh12Hj8xzKdRdWufsiVixXQaAHHrm61U9s=
Subject key identifier:   41:CF:B0:AA:6B:2A:BC:C4:AF:06:34:F9:06:B3:2E:FF:F8:9F:91:03
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer:       /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial:       019A4EF41AB2CCF367F221B7041CC6543364
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number:          1724
Signing time:             Tue 04 Nov 2025 13:00:11 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:11 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:11 +0000
Files and hashes:         1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: wMF3oJIawcT58E1vPiYNlfJHnSiEvUgIiLMThJtg0VQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:1a:b2:cc:f3:67:f2:21:b7:04:1c:c6:54:33:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
        Validity
            Not Before: Nov  4 13:00:11 2025 GMT
            Not After : Nov  5 13:00:11 2025 GMT
        Subject: CN=41cfb0aa6b2abcc4af0634f906b32efff89f9103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e8:c4:ce:0f:25:43:2d:e6:1f:a5:08:98:5c:
                    6f:f5:e9:43:28:cf:f4:a8:6a:d1:3c:31:7a:51:09:
                    26:01:10:9d:c2:fd:63:c3:d6:ec:6b:c6:3d:b8:65:
                    41:8b:04:e3:96:43:9d:c2:96:0e:25:0d:b2:6f:5f:
                    aa:61:b6:bc:9d:a5:10:f6:d7:49:ae:b0:1a:2c:f1:
                    70:72:f6:77:5e:4b:1f:20:27:21:24:61:98:6c:16:
                    ae:91:60:69:56:4a:cb:fa:a0:e6:55:31:23:2a:4a:
                    f9:a2:06:aa:a0:d9:46:84:f3:37:d0:07:98:a7:5f:
                    83:46:b6:f9:a5:59:d9:6d:95:50:73:5f:c0:f5:b0:
                    bf:ac:d9:24:88:a3:20:0a:e6:e9:9a:a9:78:ed:af:
                    79:8f:c3:22:36:21:49:4e:6b:65:cd:bc:1b:b1:7b:
                    b2:b3:1c:77:b6:cb:a1:25:a3:e0:bf:1c:ae:cd:5c:
                    b8:11:2d:99:c0:eb:33:56:eb:fb:4b:85:04:53:19:
                    a5:84:25:67:85:8b:94:c9:48:f2:e0:16:64:5f:d4:
                    7d:16:87:0e:1b:50:73:04:4c:ae:ee:8a:01:52:08:
                    2a:a8:ec:9e:fa:85:43:ba:14:53:82:f6:fc:a8:7c:
                    3f:a0:75:de:f1:ec:a3:6b:2c:04:c5:89:a8:c8:ec:
                    a8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:CF:B0:AA:6B:2A:BC:C4:AF:06:34:F9:06:B3:2E:FF:F8:9F:91:03
            X509v3 Authority Key Identifier:
                keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:43:d8:84:c1:46:39:48:35:9a:30:2b:d7:75:5c:95:68:50:
         1c:ab:8b:ba:71:ed:c3:89:4f:75:9b:67:06:00:4b:7f:70:ba:
         b5:ca:39:85:fd:26:d7:b5:2e:0e:f6:d5:a8:c0:e6:95:e1:11:
         b5:38:9f:a7:3a:59:ac:fb:62:c2:1c:88:83:67:71:bd:99:16:
         4b:fa:f3:dd:a7:a1:23:8b:d9:cd:9f:c0:66:47:c4:40:b2:b1:
         21:15:64:ec:b9:04:a7:d4:29:b4:ae:7f:b8:04:47:4a:4a:0e:
         5b:dc:09:e3:bb:27:cf:3c:2a:4d:2d:e3:cb:2a:1c:9d:80:a4:
         a8:ac:b2:da:ab:61:98:b9:da:4f:56:59:2a:f9:7c:94:37:b8:
         9d:ef:7a:fc:ae:7f:d4:9f:f5:70:de:22:6c:d8:01:39:df:ee:
         05:da:b4:00:6a:fe:8c:1d:af:1d:c2:5f:86:07:d2:64:d8:6c:
         51:a6:47:13:77:29:0b:d1:a4:3f:4d:d4:99:b9:8d:db:81:6f:
         01:47:67:ab:96:46:9d:c3:f9:4b:a2:e5:12:d7:c5:ad:05:f0:
         81:02:b2:ca:4b:20:7b:b2:4e:81:a6:26:f1:29:53:2d:19:b0:
         47:55:59:22:1e:5e:f4:74:41:66:29:ee:39:22:0f:28:b2:a1:
         86:9d:98:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9BqyzPNn8iG3BBzGVDNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjUxMTA0MTMwMDExWhcNMjUxMTA1MTMwMDExWjAzMTEwLwYDVQQD
Eyg0MWNmYjBhYTZiMmFiY2M0YWYwNjM0ZjkwNmIzMmVmZmY4OWY5MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnujEzg8lQy3mH6UImFxv9elDKM/0
qGrRPDF6UQkmARCdwv1jw9bsa8Y9uGVBiwTjlkOdwpYOJQ2yb1+qYba8naUQ9tdJ
rrAaLPFwcvZ3XksfICchJGGYbBaukWBpVkrL+qDmVTEjKkr5ogaqoNlGhPM30AeY
p1+DRrb5pVnZbZVQc1/A9bC/rNkkiKMgCubpmql47a95j8MiNiFJTmtlzbwbsXuy
sxx3tsuhJaPgvxyuzVy4ES2ZwOszVuv7S4UEUxmlhCVnhYuUyUjy4BZkX9R9FocO
G1BzBEyu7ooBUggqqOye+oVDuhRTgvb8qHw/oHXe8eyjaywExYmoyOyopwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHPsKprKrzErwY0+QazLv/4n5EDMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArEPYhMFG
OUg1mjAr13VclWhQHKuLunHtw4lPdZtnBgBLf3C6tco5hf0m17UuDvbVqMDmleER
tTifpzpZrPtiwhyIg2dxvZkWS/rz3aehI4vZzZ/AZkfEQLKxIRVk7LkEp9QptK5/
uARHSkoOW9wJ47snzzwqTS3jyyocnYCkqKyy2qthmLnaT1ZZKvl8lDe4ne96/K5/
1J/1cN4ibNgBOd/uBdq0AGr+jB2vHcJfhgfSZNhsUaZHE3cpC9GkP03UmbmN24Fv
AUdnq5ZGncP5S6LlEtfFrQXwgQKyyksge7JOgaYm8SlTLRmwR1VZIh5e9HRBZinu
OSIPKLKhhp2Y3A==
-----END CERTIFICATE-----