Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
File:                     BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json)
Hash identifier:          FugURpDWcyQO0zVuwhpb4loD6Gtah7e6Xlah6T+Xro0=
Subject key identifier:   E1:E3:26:1D:97:2C:5A:CF:01:04:C4:25:F9:68:5D:BF:9E:FA:1D:6E
Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6
Certificate issuer:       /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
Certificate serial:       0199FBEB2642883B1A71E8E07658174CC9D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
Manifest number:          0D3A
Signing time:             Sun 19 Oct 2025 10:01:55 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:55 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:55 +0000
Files and hashes:         1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: 2/+OoMIYQO3JWBlmH6HoXqx8gTsXyGVMgWJhEGDDL90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:26:42:88:3b:1a:71:e8:e0:76:58:17:4c:c9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
        Validity
            Not Before: Oct 19 10:01:55 2025 GMT
            Not After : Oct 20 10:01:55 2025 GMT
        Subject: CN=e1e3261d972c5acf0104c425f9685dbf9efa1d6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:52:6c:ca:75:32:ba:9b:69:ed:78:b4:60:0b:
                    c3:ae:39:44:c4:85:d7:80:7f:7b:b6:d7:36:45:e3:
                    63:8f:90:fd:08:7c:0c:10:0c:49:e2:35:c3:f8:4c:
                    9c:bf:3a:b7:84:46:14:36:bd:98:58:8f:f2:5c:fb:
                    a1:64:aa:85:4e:10:83:25:82:54:af:d8:37:e0:58:
                    41:f0:d7:09:04:ed:f8:bc:77:40:bc:b6:bd:79:2f:
                    3f:c8:b2:ee:24:d0:57:e7:e1:90:23:bf:59:d5:d0:
                    e9:ab:3d:fd:f0:9f:d7:5e:f7:2c:85:e2:2a:61:b9:
                    ca:82:6a:d1:62:e0:a3:64:d6:b7:e0:d5:69:11:82:
                    b9:72:84:4e:f7:9f:b7:6a:52:6c:03:9b:4c:f6:59:
                    58:3e:a4:46:dd:cc:91:e9:2b:9c:21:5c:75:f7:c0:
                    49:26:56:4a:73:fd:a1:37:ec:97:b3:85:7f:07:65:
                    e6:a8:4e:36:88:ff:6d:ad:fe:26:dc:48:da:39:5c:
                    68:32:b8:e9:d9:ea:e8:55:10:a1:4c:7f:79:75:5f:
                    a6:60:fd:76:1a:d1:94:fa:e7:ff:9c:43:6e:6a:15:
                    96:7d:2b:79:31:dd:96:1b:87:d4:56:ec:0e:60:20:
                    67:80:d3:95:1d:12:cf:97:49:2d:2f:83:11:80:b0:
                    fd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:E3:26:1D:97:2C:5A:CF:01:04:C4:25:F9:68:5D:BF:9E:FA:1D:6E
            X509v3 Authority Key Identifier:
                keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:31:2b:3d:d6:00:65:ff:2b:23:1b:c9:86:b6:c3:37:98:54:
         e7:52:87:95:3e:67:ec:a8:5f:5f:dc:b5:92:54:e5:9d:ec:73:
         b5:3e:0a:a0:4c:18:5d:2a:ee:86:bb:a4:0d:78:ae:1e:47:4d:
         cd:ef:e7:42:6a:a5:4f:45:fe:03:65:50:73:88:69:ac:a2:97:
         66:6f:90:cc:07:8a:78:76:cc:4c:08:0e:92:80:ee:74:3a:71:
         28:37:ee:fd:37:ee:32:52:84:2a:15:b1:b6:88:49:80:4a:9c:
         c1:a0:eb:bc:75:77:89:8a:9e:3e:49:44:00:f1:09:99:80:0a:
         29:7b:51:f3:c5:e2:cb:6c:2c:39:90:ad:09:d4:53:50:24:c6:
         75:40:ac:66:7f:82:ab:8d:79:07:bd:82:e9:29:a5:b0:4c:4e:
         fd:1a:ca:95:f6:1c:29:4f:bd:5b:a1:ab:64:c1:72:ca:ae:d2:
         43:a8:0f:4c:33:0a:86:f5:e0:62:f8:14:c6:ed:ad:7b:4f:a8:
         42:19:db:73:bc:af:4d:10:0c:a6:74:21:e7:51:86:15:ad:9d:
         05:d6:32:c8:bc:3f:09:6f:fb:1d:4f:4c:e6:83:64:2d:e0:cf:
         8a:40:ed:c8:d1:62:69:fd:54:07:79:58:3a:ac:a4:19:33:43:
         d1:03:60:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76yZCiDsacejgdlgXTMnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz
ZWQ0ZTYwHhcNMjUxMDE5MTAwMTU1WhcNMjUxMDIwMTAwMTU1WjAzMTEwLwYDVQQD
EyhlMWUzMjYxZDk3MmM1YWNmMDEwNGM0MjVmOTY4NWRiZjllZmExZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlJsynUyuptp7Xi0YAvDrjlExIXX
gH97ttc2ReNjj5D9CHwMEAxJ4jXD+Eycvzq3hEYUNr2YWI/yXPuhZKqFThCDJYJU
r9g34FhB8NcJBO34vHdAvLa9eS8/yLLuJNBX5+GQI79Z1dDpqz398J/XXvcsheIq
YbnKgmrRYuCjZNa34NVpEYK5coRO95+3alJsA5tM9llYPqRG3cyR6SucIVx198BJ
JlZKc/2hN+yXs4V/B2XmqE42iP9trf4m3EjaOVxoMrjp2eroVRChTH95dV+mYP12
GtGU+uf/nENuahWWfSt5Md2WG4fUVuwOYCBngNOVHRLPl0ktL4MRgLD9VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHjJh2XLFrPAQTEJfloXb+e+h1uMB8GA1UdIwQY
MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt
NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi
LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejErPdYA
Zf8rIxvJhrbDN5hU51KHlT5n7KhfX9y1klTlnexztT4KoEwYXSruhrukDXiuHkdN
ze/nQmqlT0X+A2VQc4hprKKXZm+QzAeKeHbMTAgOkoDudDpxKDfu/TfuMlKEKhWx
tohJgEqcwaDrvHV3iYqePklEAPEJmYAKKXtR88Xiy2wsOZCtCdRTUCTGdUCsZn+C
q415B72C6SmlsExO/RrKlfYcKU+9W6GrZMFyyq7SQ6gPTDMKhvXgYvgUxu2te0+o
Qhnbc7yvTRAMpnQh51GGFa2dBdYyyLw/CW/7HU9M5oNkLeDPikDtyNFiaf1UB3lY
OqykGTND0QNgMg==
-----END CERTIFICATE-----