Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
File:                     UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft (raw, json)
Hash identifier:          xg5ODI2MSUBMTRM3wmbczRf78jMg/xdNMgcNH70muss=
Subject key identifier:   C6:1D:D3:A2:E7:C5:A0:B2:06:B5:A7:33:B2:F9:13:90:F4:61:1E:41
Authority key identifier: 51:C3:CC:54:41:4F:B4:42:BE:39:D6:E1:A4:AF:72:4C:FF:EE:EE:FF
Certificate issuer:       /CN=51c3cc54414fb442be39d6e1a4af724cffeeeeff
Certificate serial:       019A50E35091E496A4138012A5B4B72B932A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
Manifest number:          1613
Signing time:             Tue 04 Nov 2025 22:01:05 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:05 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:05 +0000
Files and hashes:         1: UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl (hash: mD2atSfF1j/bO3J/Q6GI6CJDaN0KTM37t2HRMz8nHrA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:50:91:e4:96:a4:13:80:12:a5:b4:b7:2b:93:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51c3cc54414fb442be39d6e1a4af724cffeeeeff
        Validity
            Not Before: Nov  4 22:01:05 2025 GMT
            Not After : Nov  5 22:01:05 2025 GMT
        Subject: CN=c61dd3a2e7c5a0b206b5a733b2f91390f4611e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c9:e8:fe:38:97:49:28:a1:d0:cd:e1:49:41:
                    87:33:6f:ef:bc:3d:0e:c8:92:70:8d:b2:1e:49:ba:
                    93:6f:00:99:d6:78:89:bb:5b:24:47:e9:bf:08:1a:
                    92:03:cf:e6:c9:fb:31:79:d1:7d:50:63:ad:b0:c9:
                    d0:1d:c6:bb:13:59:14:2c:fd:25:de:15:9b:7b:aa:
                    7b:fa:e3:69:ba:81:e1:18:e9:d9:d3:18:c8:e8:48:
                    78:9b:e2:e2:07:65:96:5a:e0:8c:7f:35:d7:f1:01:
                    fb:b5:54:ae:9e:75:58:8e:1e:72:37:da:bc:a9:5d:
                    a0:b9:fc:8e:0a:2d:2a:d1:ec:c7:80:a4:0a:07:6a:
                    63:14:e7:8f:26:84:d6:bf:d1:5f:4f:19:36:2c:23:
                    53:e7:16:66:a4:48:9b:4f:03:aa:36:0c:9f:61:ba:
                    da:b3:91:6a:55:62:37:30:1f:9e:ce:f2:4c:30:bc:
                    36:4c:9b:07:3a:ea:07:d6:c2:cb:d0:10:23:18:aa:
                    7d:e7:5f:b9:9e:45:b2:32:81:9b:d6:01:89:26:a4:
                    af:2a:a1:5a:d1:80:40:cb:d5:6d:48:22:a4:00:7c:
                    35:d0:20:5b:81:d4:94:bf:64:58:a5:45:5d:82:a3:
                    d3:00:6a:e1:63:31:d0:25:df:70:be:0e:03:be:6a:
                    8c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:1D:D3:A2:E7:C5:A0:B2:06:B5:A7:33:B2:F9:13:90:F4:61:1E:41
            X509v3 Authority Key Identifier:
                keyid:51:C3:CC:54:41:4F:B4:42:BE:39:D6:E1:A4:AF:72:4C:FF:EE:EE:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UcPMVEFPtEK-OdbhpK9yTP_u7v8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a73900-b34f-4ffc-9e39-2315cd9b9fa2/1/UcPMVEFPtEK-OdbhpK9yTP_u7v8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:cf:36:a8:d6:46:56:59:c1:47:14:e5:9f:7c:05:40:c8:11:
         f5:c8:ad:54:1c:32:23:6e:00:0b:b4:67:db:bf:af:35:f1:e3:
         6e:6d:7c:9c:12:51:0c:30:ab:e5:72:76:67:95:8c:1f:63:96:
         5a:d8:db:35:dd:ce:3d:a2:ee:07:d8:e8:5a:7d:f4:c3:5b:18:
         86:42:40:d3:b5:93:e0:78:5f:01:1b:1c:81:72:74:55:eb:d9:
         77:11:53:21:84:91:da:84:ef:57:9f:05:0b:63:1f:31:0d:2b:
         92:30:f6:44:08:12:25:91:95:b5:9d:91:4e:8f:2a:95:c7:ec:
         da:73:dd:ac:d6:80:12:fc:6e:f3:4b:44:d8:e8:52:0b:ad:2c:
         b7:66:3b:d9:bc:d0:53:0a:7b:18:9f:f9:b4:ce:a7:66:c9:91:
         d2:64:5d:59:57:1a:f0:68:5b:cc:da:35:6f:00:56:98:16:c6:
         ac:d7:20:58:07:9d:56:eb:59:8c:2a:92:20:34:a1:57:73:31:
         61:b9:33:44:7a:12:7d:8e:e0:0a:21:f9:c2:ed:31:ff:51:78:
         5a:a1:e2:35:50:bc:43:a0:c7:6a:a2:8f:9d:e0:b5:01:c9:07:
         d4:ea:d8:9d:dc:2e:b0:51:37:1c:c8:7b:25:03:e0:c6:05:c5:
         21:19:c8:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ41CR5JakE4ASpbS3K5MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYzNjYzU0NDE0ZmI0NDJiZTM5ZDZlMWE0YWY3MjRjZmZl
ZWVlZmYwHhcNMjUxMTA0MjIwMTA1WhcNMjUxMTA1MjIwMTA1WjAzMTEwLwYDVQQD
EyhjNjFkZDNhMmU3YzVhMGIyMDZiNWE3MzNiMmY5MTM5MGY0NjExZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8no/jiXSSih0M3hSUGHM2/vvD0O
yJJwjbIeSbqTbwCZ1niJu1skR+m/CBqSA8/myfsxedF9UGOtsMnQHca7E1kULP0l
3hWbe6p7+uNpuoHhGOnZ0xjI6Eh4m+LiB2WWWuCMfzXX8QH7tVSunnVYjh5yN9q8
qV2gufyOCi0q0ezHgKQKB2pjFOePJoTWv9FfTxk2LCNT5xZmpEibTwOqNgyfYbra
s5FqVWI3MB+ezvJMMLw2TJsHOuoH1sLL0BAjGKp951+5nkWyMoGb1gGJJqSvKqFa
0YBAy9VtSCKkAHw10CBbgdSUv2RYpUVdgqPTAGrhYzHQJd9wvg4DvmqMfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYd06LnxaCyBrWnM7L5E5D0YR5BMB8GA1UdIwQY
MBaAFFHDzFRBT7RCvjnW4aSvckz/7u7/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzM5MDAtYjM0Zi00ZmZjLTllMzkt
MjMxNWNkOWI5ZmEyLzEvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hNzM5MDAtYjM0Zi00ZmZjLTllMzktMjMxNWNkOWI5ZmEy
LzEvVWNQTVZFRlB0RUstT2RiaHBLOXlUUF91N3Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMc82qNZG
VlnBRxTln3wFQMgR9citVBwyI24AC7Rn27+vNfHjbm18nBJRDDCr5XJ2Z5WMH2OW
WtjbNd3OPaLuB9joWn30w1sYhkJA07WT4HhfARscgXJ0VevZdxFTIYSR2oTvV58F
C2MfMQ0rkjD2RAgSJZGVtZ2RTo8qlcfs2nPdrNaAEvxu80tE2OhSC60st2Y72bzQ
Uwp7GJ/5tM6nZsmR0mRdWVca8GhbzNo1bwBWmBbGrNcgWAedVutZjCqSIDShV3Mx
YbkzRHoSfY7gCiH5wu0x/1F4WqHiNVC8Q6DHaqKPneC1AckH1OrYndwusFE3HMh7
JQPgxgXFIRnIhA==
-----END CERTIFICATE-----