Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          AtzpVhWDusGDFRHJaDrE2j/4fC49NsNgmGYnzZdDqG0=
Subject key identifier:   6D:A2:A0:66:73:A7:10:F6:7E:4F:65:FE:C6:7E:CE:3B:F4:29:47:D5
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       0199FBEA8F9B20C94A33AE33BE2AF7D7059F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          06FC
Signing time:             Sun 19 Oct 2025 10:01:17 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:17 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:17 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: Xb2LRVPwtJ+AGCAy1u0abyQfDZveAiDLhG5db5B2jt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:8f:9b:20:c9:4a:33:ae:33:be:2a:f7:d7:05:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Oct 19 10:01:17 2025 GMT
            Not After : Oct 20 10:01:17 2025 GMT
        Subject: CN=6da2a06673a710f67e4f65fec67ece3bf42947d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a5:cc:29:8d:52:6c:4d:1f:1b:fd:fe:31:cd:
                    4e:cf:8f:f2:52:96:73:47:b6:47:19:a6:ab:30:06:
                    2d:48:fa:a5:3c:69:64:66:25:12:ad:4d:ea:96:aa:
                    99:b0:d0:ef:0f:01:8a:dc:0c:cd:d9:bb:f1:42:f9:
                    d5:70:9b:e6:7a:9f:d9:00:b4:4c:6f:a8:87:ea:36:
                    b1:ce:1d:92:90:fd:e7:e6:04:5d:17:d1:be:b8:98:
                    1b:d0:80:aa:77:ae:57:42:68:df:26:b0:81:8a:e9:
                    81:b0:09:26:dd:e9:64:e0:0d:ca:1b:c5:8d:37:8d:
                    34:73:86:65:5e:f1:22:6f:b1:c3:cd:c6:f7:ae:8d:
                    f8:6d:c9:34:64:e7:7a:d7:86:68:e5:f9:da:d8:36:
                    0a:5c:48:6b:46:4f:a5:a1:f1:e5:c1:47:e2:2f:9b:
                    5d:34:08:81:2c:e2:c2:0b:66:c9:09:3a:f1:db:1c:
                    ad:e1:0f:05:2d:61:00:b3:56:73:da:0c:66:3b:3b:
                    50:7d:28:c6:90:5b:fe:20:fe:ab:19:38:2f:e3:04:
                    53:7d:26:5b:62:69:1f:e5:9b:21:10:84:28:87:42:
                    16:0d:50:ad:10:4f:90:17:aa:ca:1f:48:28:0b:f6:
                    92:5b:6d:5c:a9:82:37:77:92:58:2a:52:cf:d8:6d:
                    32:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:A2:A0:66:73:A7:10:F6:7E:4F:65:FE:C6:7E:CE:3B:F4:29:47:D5
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:9b:2d:9f:39:78:e5:26:ca:8b:04:0f:4d:a6:2d:ff:72:54:
         74:71:7d:af:7c:91:e8:ad:78:fc:52:2b:53:0b:8c:fe:62:fc:
         69:82:d9:a2:ad:db:35:91:91:53:be:56:1b:4a:20:a0:15:b0:
         9f:7b:4b:3d:4b:95:9a:d6:f7:74:18:f2:ca:77:32:8e:ec:bc:
         dd:9a:6d:e7:6b:f1:cd:bc:d0:bc:a0:db:cc:a8:6a:4f:df:29:
         b7:b4:0d:b1:92:62:6b:8d:e5:0c:89:f5:15:b6:73:72:3a:65:
         e3:17:d2:53:61:68:f8:b3:40:f5:61:26:b2:fc:dc:40:d1:ec:
         d2:f0:3e:75:a6:64:c5:72:ee:39:7e:6a:f8:c3:4b:a5:4f:b8:
         c1:75:fb:59:d4:42:b9:2b:9d:e6:56:a0:a4:8c:ff:20:2f:1e:
         cc:a2:c1:d6:69:7e:fb:96:2a:02:86:1f:6c:83:fa:0d:e2:4e:
         76:de:65:64:30:81:be:39:b0:bd:88:24:3c:7b:a5:82:1e:05:
         86:bf:80:9a:f9:c7:d4:a6:f2:36:0e:48:53:22:c5:96:70:bb:
         66:e9:18:c2:4b:7f:5b:f1:d5:f9:d5:6c:05:75:8c:fb:7d:3f:
         9b:1e:07:e0:4d:60:85:3d:8e:6a:08:1a:05:2b:9f:27:80:de:
         5c:bf:87:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76o+bIMlKM64zvir31wWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjUxMDE5MTAwMTE3WhcNMjUxMDIwMTAwMTE3WjAzMTEwLwYDVQQD
Eyg2ZGEyYTA2NjczYTcxMGY2N2U0ZjY1ZmVjNjdlY2UzYmY0Mjk0N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKXMKY1SbE0fG/3+Mc1Oz4/yUpZz
R7ZHGaarMAYtSPqlPGlkZiUSrU3qlqqZsNDvDwGK3AzN2bvxQvnVcJvmep/ZALRM
b6iH6jaxzh2SkP3n5gRdF9G+uJgb0ICqd65XQmjfJrCBiumBsAkm3elk4A3KG8WN
N400c4ZlXvEib7HDzcb3ro34bck0ZOd614Zo5fna2DYKXEhrRk+lofHlwUfiL5td
NAiBLOLCC2bJCTrx2xyt4Q8FLWEAs1Zz2gxmOztQfSjGkFv+IP6rGTgv4wRTfSZb
Ymkf5ZshEIQoh0IWDVCtEE+QF6rKH0goC/aSW21cqYI3d5JYKlLP2G0yoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2ioGZzpxD2fk9l/sZ+zjv0KUfVMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapstnzl4
5SbKiwQPTaYt/3JUdHF9r3yR6K14/FIrUwuM/mL8aYLZoq3bNZGRU75WG0ogoBWw
n3tLPUuVmtb3dBjyyncyjuy83Zpt52vxzbzQvKDbzKhqT98pt7QNsZJia43lDIn1
FbZzcjpl4xfSU2Fo+LNA9WEmsvzcQNHs0vA+daZkxXLuOX5q+MNLpU+4wXX7WdRC
uSud5lagpIz/IC8ezKLB1ml++5YqAoYfbIP6DeJOdt5lZDCBvjmwvYgkPHulgh4F
hr+AmvnH1KbyNg5IUyLFlnC7ZukYwkt/W/HV+dVsBXWM+30/mx4H4E1ghT2Oagga
BSufJ4DeXL+H6g==
-----END CERTIFICATE-----