Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          HWBaTdCJJVvnXi4HNh3SogryzGGqLtewCYz/sWMmOOQ=
Subject key identifier:   16:1F:28:FD:D4:02:0B:19:90:30:05:18:82:C1:C2:61:CA:1B:2C:82
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       0199FDDA00CD0F73CF925A6A794E41FA5DFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0D9A
Signing time:             Sun 19 Oct 2025 19:02:26 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:26 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:26 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: FN71d7tKOmt3cCoQBR3Qc+MZC5y5CoJDDdHtVUYOzOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:00:cd:0f:73:cf:92:5a:6a:79:4e:41:fa:5d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Oct 19 19:02:26 2025 GMT
            Not After : Oct 20 19:02:26 2025 GMT
        Subject: CN=161f28fdd4020b199030051882c1c261ca1b2c82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:1e:5f:6c:70:1f:61:d7:38:b2:5c:76:71:98:
                    98:c2:d0:83:db:d0:6d:e4:fa:a4:59:b6:80:b6:63:
                    55:04:5d:d5:ba:81:ec:44:12:0c:c1:c7:74:e0:8c:
                    39:a9:cc:30:ba:32:8a:63:c7:0c:b1:f3:ae:51:c4:
                    c7:d4:80:6e:06:79:af:40:4d:75:47:47:ca:e4:be:
                    9e:1e:79:74:88:1d:76:7a:2b:c9:6a:13:0f:4c:93:
                    e0:a8:d9:ff:f1:fb:bb:35:b8:7a:fa:9d:d2:77:b9:
                    29:e5:4a:d5:82:41:81:40:57:a2:e8:79:04:7c:36:
                    d7:a4:46:5a:8a:8f:a7:22:38:b8:df:c4:ae:18:b8:
                    78:f8:dc:76:7a:1d:87:f1:29:c5:da:3b:56:5c:bf:
                    51:44:e8:79:a3:21:fc:82:8c:b5:ec:a8:df:b3:4c:
                    96:c0:bd:88:7d:fa:fc:22:67:29:b0:73:8c:b4:36:
                    f8:fd:dc:cd:31:49:72:c5:49:08:93:9b:f4:f0:15:
                    48:83:71:05:33:16:49:43:68:63:1e:eb:4e:50:18:
                    c6:68:a8:8e:49:7c:90:b4:dc:b2:c4:74:7c:24:e6:
                    29:55:ef:67:15:7e:de:bd:fd:d0:1f:47:38:9d:4a:
                    e1:60:37:62:0c:68:67:ed:79:85:2a:94:85:7d:b4:
                    a5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:1F:28:FD:D4:02:0B:19:90:30:05:18:82:C1:C2:61:CA:1B:2C:82
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:b0:9d:36:3a:4d:e7:05:97:8e:2c:17:ba:f6:86:04:53:2c:
         e3:96:3e:91:11:9b:1d:d7:1b:9f:27:be:dd:9f:07:74:df:31:
         01:3b:46:78:71:0e:7a:7c:0d:94:14:71:ae:8c:97:80:b1:d7:
         60:1b:2a:0e:3f:e9:07:5a:31:6e:51:ca:22:e9:79:92:d9:6a:
         89:d8:35:f3:65:7b:6a:33:e4:c3:4f:65:78:3d:b9:35:30:68:
         ad:d1:29:1f:49:c5:4f:f5:b6:17:d2:91:f0:0e:7f:73:72:6a:
         65:26:cc:40:db:d3:4b:bf:ec:16:ac:50:0d:a0:32:99:19:e3:
         a0:38:35:25:be:e7:5c:06:8e:cd:99:5b:08:04:b0:61:ea:ca:
         ba:cb:b1:8d:1f:bd:c9:b2:2e:e0:5b:96:a7:c2:a5:86:5e:0b:
         25:ae:09:b7:9b:ab:84:d1:6a:88:9c:f5:8c:84:e2:f8:4e:2b:
         74:59:a1:86:9e:1b:3d:69:30:19:38:d3:8b:4c:d6:08:e2:1d:
         31:5d:35:40:fe:1c:85:25:ed:82:05:d0:ae:58:31:8f:1f:80:
         39:35:a4:3a:45:b2:22:34:80:8d:79:97:b4:00:1f:63:dc:45:
         07:de:90:d4:86:99:df:f7:af:ec:18:86:6d:51:66:a2:07:af:
         a1:c4:de:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92gDND3PPklpqeU5B+l37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjUxMDE5MTkwMjI2WhcNMjUxMDIwMTkwMjI2WjAzMTEwLwYDVQQD
EygxNjFmMjhmZGQ0MDIwYjE5OTAzMDA1MTg4MmMxYzI2MWNhMWIyYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9B5fbHAfYdc4slx2cZiYwtCD29Bt
5PqkWbaAtmNVBF3VuoHsRBIMwcd04Iw5qcwwujKKY8cMsfOuUcTH1IBuBnmvQE11
R0fK5L6eHnl0iB12eivJahMPTJPgqNn/8fu7Nbh6+p3Sd7kp5UrVgkGBQFei6HkE
fDbXpEZaio+nIji438SuGLh4+Nx2eh2H8SnF2jtWXL9RROh5oyH8goy17Kjfs0yW
wL2Iffr8ImcpsHOMtDb4/dzNMUlyxUkIk5v08BVIg3EFMxZJQ2hjHutOUBjGaKiO
SXyQtNyyxHR8JOYpVe9nFX7evf3QH0c4nUrhYDdiDGhn7XmFKpSFfbSl5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYfKP3UAgsZkDAFGILBwmHKGyyCMB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdbCdNjpN
5wWXjiwXuvaGBFMs45Y+kRGbHdcbnye+3Z8HdN8xATtGeHEOenwNlBRxroyXgLHX
YBsqDj/pB1oxblHKIul5ktlqidg182V7ajPkw09leD25NTBordEpH0nFT/W2F9KR
8A5/c3JqZSbMQNvTS7/sFqxQDaAymRnjoDg1Jb7nXAaOzZlbCASwYerKusuxjR+9
ybIu4FuWp8Klhl4LJa4Jt5urhNFqiJz1jITi+E4rdFmhhp4bPWkwGTjTi0zWCOId
MV01QP4chSXtggXQrlgxjx+AOTWkOkWyIjSAjXmXtAAfY9xFB96Q1IaZ3/ev7BiG
bVFmogevocTe1Q==
-----END CERTIFICATE-----