Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
File:                     YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft (raw, json)
Hash identifier:          0NMC0Kuhb9DJIj//HP2Q4xij38TSTbIjKVXxnm0WUBg=
Subject key identifier:   56:0F:F1:8E:37:A5:07:F4:B6:86:F6:CE:16:47:F9:F4:AE:3C:A9:8B
Authority key identifier: 63:06:23:02:B4:38:59:23:76:C4:26:4F:49:DC:5E:67:3E:DB:2C:FB
Certificate issuer:       /CN=63062302b438592376c4264f49dc5e673edb2cfb
Certificate serial:       0199FBEC50B3B095DC60A2D170904DE38000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
Manifest number:          0ACC
Signing time:             Sun 19 Oct 2025 10:03:12 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:12 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:12 +0000
Files and hashes:         1: YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl (hash: q8+bfjygYzYTV3vzndvth//cngNONZH/szeGLdX2EO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:50:b3:b0:95:dc:60:a2:d1:70:90:4d:e3:80:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63062302b438592376c4264f49dc5e673edb2cfb
        Validity
            Not Before: Oct 19 10:03:12 2025 GMT
            Not After : Oct 20 10:03:12 2025 GMT
        Subject: CN=560ff18e37a507f4b686f6ce1647f9f4ae3ca98b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d3:4e:70:fe:f9:3b:68:af:87:5e:fd:e7:ce:
                    0d:eb:1a:c5:4c:01:b0:98:e7:4c:83:37:11:d4:d9:
                    37:36:f2:97:cf:65:fa:a3:42:ad:31:4e:e1:2b:c0:
                    28:9a:d8:20:da:40:a8:22:78:82:04:fb:76:87:47:
                    5b:46:cd:a6:8c:da:fa:be:07:d2:38:bc:80:31:bd:
                    db:92:36:11:69:f4:b2:08:95:90:74:44:cb:6f:07:
                    5f:1f:e2:30:3b:d0:28:d8:eb:24:7a:82:6b:c1:35:
                    ab:40:d3:f1:fb:b4:2a:40:61:7e:6b:a8:c3:50:ec:
                    42:df:90:bb:90:71:03:ac:cc:93:af:2e:78:72:c5:
                    33:8b:41:cb:46:9b:9f:6d:5a:88:ca:5b:41:42:22:
                    3d:6a:d9:69:dd:5f:32:69:3c:f6:b9:9d:2f:b1:65:
                    07:e4:ec:4c:4d:7e:fc:a3:1e:2e:e7:20:df:c0:16:
                    40:db:73:8c:49:ea:ee:f4:05:2b:8b:d5:dc:67:73:
                    84:f5:4f:61:be:2c:fa:65:46:b9:c6:8a:61:cf:7c:
                    76:74:ac:49:59:ca:31:47:0a:4b:59:25:f4:80:e7:
                    6a:7f:97:83:75:b1:03:42:6c:97:37:37:16:f0:5a:
                    22:83:16:40:2b:c3:4d:a5:7d:35:bf:42:3e:6f:ae:
                    10:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0F:F1:8E:37:A5:07:F4:B6:86:F6:CE:16:47:F9:F4:AE:3C:A9:8B
            X509v3 Authority Key Identifier:
                keyid:63:06:23:02:B4:38:59:23:76:C4:26:4F:49:DC:5E:67:3E:DB:2C:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwYjArQ4WSN2xCZPSdxeZz7bLPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8bdd00-7943-4584-84f3-3b242d54e788/1/YwYjArQ4WSN2xCZPSdxeZz7bLPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:1c:bc:c8:69:23:58:77:57:0e:bb:7b:75:20:53:a7:4d:f7:
         f3:9b:9d:21:50:88:10:25:02:39:96:b5:cc:6a:f3:15:7b:fa:
         b2:2f:5f:f4:d2:3c:c0:23:7a:04:a4:74:20:82:06:a8:d0:eb:
         36:83:ec:56:aa:a2:10:a1:6b:af:60:de:2c:6d:e6:b9:21:34:
         83:4e:77:90:e5:97:99:aa:d2:5d:d5:8b:3c:49:87:8c:8b:52:
         bb:e9:56:83:03:26:3e:dd:3a:8b:03:35:44:49:97:9e:36:13:
         dd:b4:fb:00:d4:10:77:e1:94:b1:53:b9:b1:04:80:cd:e2:76:
         30:89:67:9a:17:25:85:d4:b7:1d:c2:58:14:fa:f1:44:a4:fa:
         3b:fe:8c:d4:1d:a2:25:4f:81:2f:5f:4f:3d:01:51:52:8c:7d:
         2d:47:9b:f5:f5:71:d0:a2:63:d9:0c:91:bb:58:3a:0c:60:eb:
         7f:fc:be:30:52:65:1b:ef:38:a3:42:bb:19:3b:b0:69:25:a1:
         19:2b:a2:d0:b7:15:96:5a:fe:78:b4:e0:d5:11:a4:f6:c5:a4:
         42:92:5b:d6:14:14:4a:df:66:73:b5:b8:75:5a:d3:b1:e3:32:
         57:54:d2:57:91:fd:3b:a1:76:54:6c:27:e0:29:cc:e3:c6:df:
         e4:6e:ca:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77FCzsJXcYKLRcJBN44AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDYyMzAyYjQzODU5MjM3NmM0MjY0ZjQ5ZGM1ZTY3M2Vk
YjJjZmIwHhcNMjUxMDE5MTAwMzEyWhcNMjUxMDIwMTAwMzEyWjAzMTEwLwYDVQQD
Eyg1NjBmZjE4ZTM3YTUwN2Y0YjY4NmY2Y2UxNjQ3ZjlmNGFlM2NhOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttNOcP75O2ivh179584N6xrFTAGw
mOdMgzcR1Nk3NvKXz2X6o0KtMU7hK8Aomtgg2kCoIniCBPt2h0dbRs2mjNr6vgfS
OLyAMb3bkjYRafSyCJWQdETLbwdfH+IwO9Ao2OskeoJrwTWrQNPx+7QqQGF+a6jD
UOxC35C7kHEDrMyTry54csUzi0HLRpufbVqIyltBQiI9atlp3V8yaTz2uZ0vsWUH
5OxMTX78ox4u5yDfwBZA23OMSeru9AUri9XcZ3OE9U9hviz6ZUa5xophz3x2dKxJ
WcoxRwpLWSX0gOdqf5eDdbEDQmyXNzcW8FoigxZAK8NNpX01v0I+b64Q8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYP8Y43pQf0tob2zhZH+fSuPKmLMB8GA1UdIwQY
MBaAFGMGIwK0OFkjdsQmT0ncXmc+2yz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84YmRkMDAtNzk0My00NTg0LTg0ZjMt
M2IyNDJkNTRlNzg4LzEvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84YmRkMDAtNzk0My00NTg0LTg0ZjMtM2IyNDJkNTRlNzg4
LzEvWXdZakFyUTRXU04yeENaUFNkeGVaejdiTFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqhy8yGkj
WHdXDrt7dSBTp03385udIVCIECUCOZa1zGrzFXv6si9f9NI8wCN6BKR0IIIGqNDr
NoPsVqqiEKFrr2DeLG3muSE0g053kOWXmarSXdWLPEmHjItSu+lWgwMmPt06iwM1
REmXnjYT3bT7ANQQd+GUsVO5sQSAzeJ2MIlnmhclhdS3HcJYFPrxRKT6O/6M1B2i
JU+BL19PPQFRUox9LUeb9fVx0KJj2QyRu1g6DGDrf/y+MFJlG+84o0K7GTuwaSWh
GSui0LcVllr+eLTg1RGk9sWkQpJb1hQUSt9mc7W4dVrTseMyV1TSV5H9O6F2VGwn
4CnM48bf5G7Kcg==
-----END CERTIFICATE-----