Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
File:                     uv5tfV8eRHjRoCUXHaawObJjAR8.mft (raw, json)
Hash identifier:          f+lVM/cDc4sp/pzfdsaXAQS80V6Dz8A+YRMtKnyPd9Q=
Subject key identifier:   43:B4:61:E1:CB:CC:7E:5F:C2:E5:AC:6F:10:18:24:D6:55:AF:4F:EB
Authority key identifier: BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F
Certificate issuer:       /CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
Certificate serial:       0199FBEC2A4F348A99427877C235A2E5FB30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
Manifest number:          0A85
Signing time:             Sun 19 Oct 2025 10:03:02 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:02 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:02 +0000
Files and hashes:         1: uv5tfV8eRHjRoCUXHaawObJjAR8.crl (hash: F9SHu6jaXIBlLRwzfB6sk7x1n2Ecw+tVmv6mWJc09Gc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:2a:4f:34:8a:99:42:78:77:c2:35:a2:e5:fb:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bafe6d7d5f1e4478d1a025171da6b039b263011f
        Validity
            Not Before: Oct 19 10:03:02 2025 GMT
            Not After : Oct 20 10:03:02 2025 GMT
        Subject: CN=43b461e1cbcc7e5fc2e5ac6f101824d655af4feb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:60:30:c5:ba:0b:6d:6b:c0:93:c7:68:4e:29:
                    e3:cc:2c:9a:45:cf:a7:0a:8d:c7:67:c6:f3:40:08:
                    4f:1b:37:22:e5:25:c7:d0:46:0f:b1:b3:5f:10:5e:
                    1b:9f:4e:02:82:8b:7c:10:03:b9:92:af:e5:23:0e:
                    21:8b:93:55:2e:35:4e:fd:b2:e9:86:96:b7:43:a8:
                    fc:c2:a5:d0:fe:16:a6:7f:5b:87:d2:9f:0c:12:e3:
                    ae:ac:a5:f1:5c:9a:7c:17:e6:c2:38:13:67:7b:65:
                    06:fc:6f:f4:92:67:bb:cd:a7:d9:78:4b:23:14:19:
                    ab:c3:5c:24:74:53:9c:a9:25:c2:a2:6b:22:05:df:
                    61:d7:12:5e:a0:09:0c:9e:31:93:be:ed:5b:b6:83:
                    ea:8f:ae:b1:33:25:55:21:98:46:ba:10:0f:ff:12:
                    d6:15:4f:51:e4:f0:cb:4f:4f:15:99:07:bd:5b:da:
                    f4:f0:13:0a:e9:08:82:ec:b1:b7:73:37:7d:5e:d2:
                    0d:5d:83:57:27:20:b7:b5:0b:a9:eb:87:a3:23:29:
                    1d:4f:b7:c3:fc:7f:11:49:fc:5f:0f:4e:4d:4b:42:
                    1b:19:3a:79:6a:b2:a9:52:56:54:fe:a5:ee:c8:e9:
                    85:4d:a3:79:5b:45:cd:cb:0a:2e:ef:67:5a:85:20:
                    b8:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:B4:61:E1:CB:CC:7E:5F:C2:E5:AC:6F:10:18:24:D6:55:AF:4F:EB
            X509v3 Authority Key Identifier:
                keyid:BA:FE:6D:7D:5F:1E:44:78:D1:A0:25:17:1D:A6:B0:39:B2:63:01:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uv5tfV8eRHjRoCUXHaawObJjAR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/9ff86c-1f7b-4bc7-976a-dfb79bba1b68/1/uv5tfV8eRHjRoCUXHaawObJjAR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:57:f3:a0:95:9f:2d:f2:29:b6:9b:00:49:86:91:98:8c:71:
         4e:01:b8:dc:04:cd:2d:5e:a8:4b:52:35:46:14:bb:eb:c5:1a:
         ea:99:c7:5d:13:ed:b0:88:e2:df:26:76:ae:ec:05:90:24:23:
         ed:c8:ca:c4:72:ba:f1:a3:83:6f:ee:da:4c:6d:9a:31:36:5e:
         1b:43:86:98:02:8e:2c:06:2e:1f:b5:43:09:50:b6:f3:d4:d4:
         ec:e7:30:29:41:ac:cd:5f:d3:d1:45:31:a3:e7:37:7d:5c:aa:
         83:84:84:73:3a:59:98:07:09:6e:20:bf:c2:9c:ae:1f:b7:ee:
         3c:55:be:d2:58:f1:68:be:5e:03:d5:40:cd:4e:a9:76:88:6e:
         ef:c6:a3:78:7a:03:97:de:31:d8:d5:56:91:28:4b:e7:11:0e:
         46:4e:b0:66:77:70:27:1a:3d:77:0a:0b:ee:c1:24:6b:98:fa:
         6b:f4:15:c0:69:3d:c6:b4:f8:10:d1:58:c5:f5:d5:41:90:ca:
         fd:6c:e6:ee:e7:8d:e5:c3:f0:fc:67:28:85:cd:32:48:45:69:
         dd:a6:48:a9:3d:e5:b5:81:23:9d:05:fd:09:e2:c2:cb:64:60:
         1e:5c:01:f5:e4:1c:1d:4c:e3:71:d9:3b:5c:86:5e:5b:bc:72:
         37:3a:a3:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77CpPNIqZQnh3wjWi5fswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhZmU2ZDdkNWYxZTQ0NzhkMWEwMjUxNzFkYTZiMDM5YjI2
MzAxMWYwHhcNMjUxMDE5MTAwMzAyWhcNMjUxMDIwMTAwMzAyWjAzMTEwLwYDVQQD
Eyg0M2I0NjFlMWNiY2M3ZTVmYzJlNWFjNmYxMDE4MjRkNjU1YWY0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GAwxboLbWvAk8doTinjzCyaRc+n
Co3HZ8bzQAhPGzci5SXH0EYPsbNfEF4bn04Cgot8EAO5kq/lIw4hi5NVLjVO/bLp
hpa3Q6j8wqXQ/hamf1uH0p8MEuOurKXxXJp8F+bCOBNne2UG/G/0kme7zafZeEsj
FBmrw1wkdFOcqSXComsiBd9h1xJeoAkMnjGTvu1btoPqj66xMyVVIZhGuhAP/xLW
FU9R5PDLT08VmQe9W9r08BMK6QiC7LG3czd9XtINXYNXJyC3tQup64ejIykdT7fD
/H8RSfxfD05NS0IbGTp5arKpUlZU/qXuyOmFTaN5W0XNywou72dahSC4AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEO0YeHLzH5fwuWsbxAYJNZVr0/rMB8GA1UdIwQY
MBaAFLr+bX1fHkR40aAlFx2msDmyYwEfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEt
ZGZiNzliYmExYjY4LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS85ZmY4NmMtMWY3Yi00YmM3LTk3NmEtZGZiNzliYmExYjY4
LzEvdXY1dGZWOGVSSGpSb0NVWEhhYXdPYkpqQVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilfzoJWf
LfIptpsASYaRmIxxTgG43ATNLV6oS1I1RhS768Ua6pnHXRPtsIji3yZ2ruwFkCQj
7cjKxHK68aODb+7aTG2aMTZeG0OGmAKOLAYuH7VDCVC289TU7OcwKUGszV/T0UUx
o+c3fVyqg4SEczpZmAcJbiC/wpyuH7fuPFW+0ljxaL5eA9VAzU6pdohu78ajeHoD
l94x2NVWkShL5xEORk6wZndwJxo9dwoL7sEka5j6a/QVwGk9xrT4ENFYxfXVQZDK
/Wzm7ueN5cPw/Gcohc0ySEVp3aZIqT3ltYEjnQX9CeLCy2RgHlwB9eQcHUzjcdk7
XIZeW7xyNzqjeQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:05 2025 by rpki-client