Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
File:                     r4yBlkcmb7yxOeZyqPuaV89Ysog.mft (raw, json)
Hash identifier:          DC4hGPgU2AFwFrw+yMdxd95cKOUZS4FbE3Q/VOK79FE=
Subject key identifier:   46:EB:97:57:41:93:59:14:7C:35:59:DB:21:13:65:DF:E2:AA:E6:50
Authority key identifier: AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88
Certificate issuer:       /CN=af8c819647266fbcb139e672a8fb9a57cf58b288
Certificate serial:       019A4F6222854711CDD88E412CE151AE2AFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
Manifest number:          051F
Signing time:             Tue 04 Nov 2025 15:00:22 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:22 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:22 +0000
Files and hashes:         1: r4yBlkcmb7yxOeZyqPuaV89Ysog.crl (hash: 9KtwC6+Y7Yrdj5nKjjOlsruv61xOyQ/I2oRy6kBsJ9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:22:85:47:11:cd:d8:8e:41:2c:e1:51:ae:2a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8c819647266fbcb139e672a8fb9a57cf58b288
        Validity
            Not Before: Nov  4 15:00:22 2025 GMT
            Not After : Nov  5 15:00:22 2025 GMT
        Subject: CN=46eb9757419359147c3559db211365dfe2aae650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c9:3b:d5:9a:33:09:d3:bf:9e:58:fa:0a:8d:
                    51:2f:98:cf:8a:56:82:85:a9:b4:bd:24:bd:93:90:
                    f8:78:20:29:f9:aa:0d:f2:65:81:8e:93:d7:7a:87:
                    de:b4:ed:40:0f:7b:c0:81:6d:ea:e0:eb:5b:f4:3e:
                    f2:d0:d0:cb:ed:94:91:da:b3:a2:a0:60:79:e4:7e:
                    dd:ae:69:6f:55:5a:bb:71:f3:a1:0d:be:93:2b:7e:
                    3a:2f:a1:23:7d:32:b0:88:25:d3:0a:b7:c0:38:27:
                    76:b2:e2:2f:da:57:08:11:cf:77:bb:a7:67:d4:da:
                    c1:c9:a5:9c:a9:c1:a4:5d:bf:db:44:7d:7e:3a:0a:
                    f4:ba:91:92:79:2d:2e:a3:60:88:42:47:c4:7d:e3:
                    41:5b:eb:f9:3b:60:fb:94:46:52:d0:69:4a:e9:11:
                    9e:2b:ae:48:0a:24:3b:f8:96:23:70:25:c5:e7:db:
                    2e:00:9f:1d:e3:40:8e:ac:3d:2a:1d:eb:df:bc:c9:
                    70:7e:13:20:cc:05:95:7c:65:69:c9:fd:a1:67:25:
                    9c:e2:93:4a:b0:27:4d:47:8f:0e:5c:48:87:6e:a8:
                    5b:3c:b2:d9:3a:e5:33:52:8f:c9:79:5f:1e:9c:9e:
                    2c:8f:06:f2:dc:01:23:95:52:62:51:11:47:6c:75:
                    d9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:EB:97:57:41:93:59:14:7C:35:59:DB:21:13:65:DF:E2:AA:E6:50
            X509v3 Authority Key Identifier:
                keyid:AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:88:fa:43:2e:dc:90:32:43:71:03:7c:70:58:21:63:27:fe:
         46:64:77:93:da:d6:13:86:58:a4:56:fb:9f:ca:09:0b:a1:1b:
         42:b1:57:88:f3:eb:ed:d1:93:bb:b9:34:09:25:72:8f:fc:de:
         8b:dd:9b:e6:ea:59:48:52:3d:91:97:2b:bd:f6:65:86:d6:fe:
         1d:ff:1f:b6:3d:ac:32:0d:69:ee:ca:5a:61:94:7f:90:82:8d:
         1b:a7:97:7f:e0:0d:b1:d7:aa:12:76:4c:11:9f:93:57:df:dc:
         f1:d6:07:0b:52:4f:00:ae:0b:9f:a7:54:af:c9:e3:9a:70:9b:
         ad:33:36:b4:2d:70:ae:98:c5:62:a1:50:4d:1b:9c:77:a7:76:
         c7:fa:62:47:68:00:61:f6:ab:5a:f9:0c:c9:13:7d:26:00:42:
         05:e2:64:18:4e:b5:aa:8d:3a:37:ad:e3:07:75:0b:6e:47:4b:
         dc:6b:00:f0:6e:c3:e9:3c:39:fa:58:e4:c4:b8:9d:af:42:51:
         ba:a1:61:7e:76:0a:1e:15:f8:20:94:8c:12:cd:39:66:5e:28:
         87:9e:bd:3b:dc:9c:15:87:73:cc:32:73:36:77:46:79:12:d2:
         63:1f:f5:6a:a4:c6:fd:33:d3:77:8f:ab:80:26:7e:7b:6d:7f:
         11:c6:5e:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYiKFRxHN2I5BLOFRrir8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGM4MTk2NDcyNjZmYmNiMTM5ZTY3MmE4ZmI5YTU3Y2Y1
OGIyODgwHhcNMjUxMTA0MTUwMDIyWhcNMjUxMTA1MTUwMDIyWjAzMTEwLwYDVQQD
Eyg0NmViOTc1NzQxOTM1OTE0N2MzNTU5ZGIyMTEzNjVkZmUyYWFlNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsk71ZozCdO/nlj6Co1RL5jPilaC
ham0vSS9k5D4eCAp+aoN8mWBjpPXeofetO1AD3vAgW3q4Otb9D7y0NDL7ZSR2rOi
oGB55H7drmlvVVq7cfOhDb6TK346L6EjfTKwiCXTCrfAOCd2suIv2lcIEc93u6dn
1NrByaWcqcGkXb/bRH1+Ogr0upGSeS0uo2CIQkfEfeNBW+v5O2D7lEZS0GlK6RGe
K65ICiQ7+JYjcCXF59suAJ8d40COrD0qHevfvMlwfhMgzAWVfGVpyf2hZyWc4pNK
sCdNR48OXEiHbqhbPLLZOuUzUo/JeV8enJ4sjwby3AEjlVJiURFHbHXZ+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbrl1dBk1kUfDVZ2yETZd/iquZQMB8GA1UdIwQY
MBaAFK+MgZZHJm+8sTnmcqj7mlfPWLKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQt
MzAxMTdjMjBiZjQyLzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQtMzAxMTdjMjBiZjQy
LzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIj6Qy7c
kDJDcQN8cFghYyf+RmR3k9rWE4ZYpFb7n8oJC6EbQrFXiPPr7dGTu7k0CSVyj/ze
i92b5upZSFI9kZcrvfZlhtb+Hf8ftj2sMg1p7spaYZR/kIKNG6eXf+ANsdeqEnZM
EZ+TV9/c8dYHC1JPAK4Ln6dUr8njmnCbrTM2tC1wrpjFYqFQTRucd6d2x/piR2gA
YfarWvkMyRN9JgBCBeJkGE61qo06N63jB3ULbkdL3GsA8G7D6Tw5+ljkxLidr0JR
uqFhfnYKHhX4IJSMEs05Zl4oh569O9ycFYdzzDJzNndGeRLSYx/1aqTG/TPTd4+r
gCZ+e21/EcZecA==
-----END CERTIFICATE-----