Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          JmB593VEnM5QW1MzKKBs9uM+nr6UNg0QSRm0S2TpK0g=
Subject key identifier:   79:E4:96:D5:A4:90:6B:DF:04:60:D8:FC:F8:2E:B4:D6:81:AF:3C:1D
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       019A0110BBEDB14CEC1931090045D4DCDBD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          0B43
Signing time:             Mon 20 Oct 2025 10:01:05 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:05 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:05 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: 26j6Z855lQZISW03xJmQ01X2nOEextIKupQTRMjlhmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 10:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:10:bb:ed:b1:4c:ec:19:31:09:00:45:d4:dc:db:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Oct 20 10:01:05 2025 GMT
            Not After : Oct 21 10:01:05 2025 GMT
        Subject: CN=79e496d5a4906bdf0460d8fcf82eb4d681af3c1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:51:64:77:8b:e0:15:88:d3:e1:41:3a:56:31:
                    41:5b:19:15:b7:3f:1c:05:39:9e:a3:7b:ea:9e:13:
                    df:fa:3a:a3:10:ae:c5:70:32:ca:6c:10:dd:b4:76:
                    3d:c9:40:73:5f:2b:e8:8f:7e:d3:73:d7:3c:53:53:
                    e3:a9:9a:fc:5b:c2:17:17:5d:aa:84:c0:36:57:17:
                    4f:f6:e6:68:a4:af:ca:37:50:94:00:aa:bd:21:15:
                    5c:5f:45:d4:51:b5:73:7c:c6:0e:04:4c:61:91:10:
                    72:a1:fc:dc:84:0b:28:6f:5a:50:77:8a:2d:5b:e1:
                    4e:6e:d2:d0:e7:3b:ae:cc:49:84:6d:07:2e:83:3b:
                    09:2e:18:10:54:c8:02:de:83:2b:43:ad:1e:92:4e:
                    1d:36:b6:69:d5:ce:5b:d9:5c:73:92:10:fd:17:40:
                    5d:ea:1f:32:43:57:ca:b7:d1:e9:60:3f:88:ff:52:
                    86:cc:98:5b:16:dd:5a:7d:d9:87:a6:3d:3c:26:15:
                    62:4f:a7:a5:f3:5f:35:cd:15:57:98:c1:7d:1f:f9:
                    90:78:98:1c:99:15:ee:47:b9:60:ba:6b:b6:7f:dd:
                    5a:a9:1a:26:c3:c3:b9:4a:6e:19:cb:50:8f:de:a3:
                    78:3f:e9:fc:b7:2a:32:55:60:25:e2:fe:c6:5b:aa:
                    25:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:E4:96:D5:A4:90:6B:DF:04:60:D8:FC:F8:2E:B4:D6:81:AF:3C:1D
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:95:ff:c2:3e:e7:e9:24:1c:ba:f4:4f:94:78:4b:85:cf:d8:
         24:5b:06:a5:03:e1:44:2b:81:94:46:d5:6e:93:a9:5b:d5:c3:
         7b:ee:40:c6:0a:c2:65:da:db:23:cd:ad:62:dd:e4:7e:5b:19:
         72:cd:94:d5:84:a7:20:9d:0b:bb:33:5b:63:05:d6:ab:b3:02:
         02:26:0a:2d:bd:28:e1:c8:ae:50:4d:f6:9a:6e:e4:bd:39:96:
         1c:d2:ff:92:5d:14:b9:c5:95:4f:92:cc:11:06:61:63:28:41:
         d1:5f:09:a5:90:7f:00:c9:7c:fc:83:ec:2b:e5:35:e7:6b:05:
         09:c4:d5:c7:6f:5e:79:7e:e3:5d:e9:0b:73:38:52:07:ee:05:
         07:14:cc:0c:03:29:21:0a:3d:1a:d1:1f:f8:69:d9:5c:26:d7:
         99:a7:24:fb:a3:49:3e:6d:3c:fa:de:ca:27:ce:96:d4:ea:1d:
         d7:f6:83:ec:7a:b7:ec:e7:f3:ff:23:3e:c2:97:85:66:cd:21:
         08:9f:b4:0c:f5:73:5e:aa:9a:cf:1d:10:0d:55:d2:7d:81:fc:
         0e:7f:94:42:49:de:8e:e3:7c:44:98:34:77:38:ae:82:6f:5b:
         a0:ad:a8:9c:a1:ed:df:19:fc:c1:6c:64:66:08:f3:f3:f3:00:
         77:88:7b:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBELvtsUzsGTEJAEXU3NvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUxMDIwMTAwMTA1WhcNMjUxMDIxMTAwMTA1WjAzMTEwLwYDVQQD
Eyg3OWU0OTZkNWE0OTA2YmRmMDQ2MGQ4ZmNmODJlYjRkNjgxYWYzYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklFkd4vgFYjT4UE6VjFBWxkVtz8c
BTmeo3vqnhPf+jqjEK7FcDLKbBDdtHY9yUBzXyvoj37Tc9c8U1PjqZr8W8IXF12q
hMA2VxdP9uZopK/KN1CUAKq9IRVcX0XUUbVzfMYOBExhkRByofzchAsob1pQd4ot
W+FObtLQ5zuuzEmEbQcugzsJLhgQVMgC3oMrQ60ekk4dNrZp1c5b2VxzkhD9F0Bd
6h8yQ1fKt9HpYD+I/1KGzJhbFt1afdmHpj08JhViT6el8181zRVXmMF9H/mQeJgc
mRXuR7lgumu2f91aqRomw8O5Sm4Zy1CP3qN4P+n8tyoyVWAl4v7GW6olEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnkltWkkGvfBGDY/PgutNaBrzwdMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJX/wj7n
6SQcuvRPlHhLhc/YJFsGpQPhRCuBlEbVbpOpW9XDe+5AxgrCZdrbI82tYt3kflsZ
cs2U1YSnIJ0LuzNbYwXWq7MCAiYKLb0o4ciuUE32mm7kvTmWHNL/kl0UucWVT5LM
EQZhYyhB0V8JpZB/AMl8/IPsK+U152sFCcTVx29eeX7jXekLczhSB+4FBxTMDAMp
IQo9GtEf+GnZXCbXmack+6NJPm08+t7KJ86W1Ood1/aD7Hq37Ofz/yM+wpeFZs0h
CJ+0DPVzXqqazx0QDVXSfYH8Dn+UQknejuN8RJg0dziugm9boK2onKHt3xn8wWxk
Zgjz8/MAd4h7hQ==
-----END CERTIFICATE-----