Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          kP5jCR9bLEb0a5JURGGBx5u35jRZmBuk9yh8aGA/Z7A=
Subject key identifier:   1C:2E:6F:10:31:74:75:D3:2C:D5:DF:44:12:DD:3F:65:51:95:A7:BA
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       0199FD3437A1D11DB0182FAA05CBF1F6D5FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          087C
Signing time:             Sun 19 Oct 2025 16:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:21 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: 7P7q7fjjp/Z8+Y1+W1FWwM8Aeg3BcY1TJ48fvhy7/UU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:37:a1:d1:1d:b0:18:2f:aa:05:cb:f1:f6:d5:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Oct 19 16:01:21 2025 GMT
            Not After : Oct 20 16:01:21 2025 GMT
        Subject: CN=1c2e6f10317475d32cd5df4412dd3f655195a7ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:03:41:d7:a1:8d:f5:49:7c:a1:4b:d3:9c:8c:
                    72:45:8f:76:09:00:e7:9b:ce:12:2f:0c:b7:8d:c6:
                    7d:2e:68:f2:45:af:db:6a:91:d8:a8:f0:7a:c4:d8:
                    9f:75:c1:62:c6:91:7b:a4:f9:be:e3:3f:ee:e8:fa:
                    d2:77:48:9b:78:14:6e:a3:50:cd:d4:26:70:7c:0d:
                    9e:45:79:cc:4c:72:a7:a2:49:24:f4:e5:8d:a2:ff:
                    54:9c:89:32:51:15:81:01:61:b1:69:17:6d:d0:9e:
                    4f:91:4a:85:6b:45:f1:2e:7b:41:ca:34:21:2c:68:
                    c6:be:0c:7b:22:5a:a6:98:e0:69:21:cf:85:e9:fb:
                    15:67:44:89:c6:65:bf:80:89:d4:3d:c1:1b:87:c4:
                    6e:01:25:f6:2e:33:69:e9:a0:2d:66:32:7f:d6:a2:
                    00:ab:1e:e6:22:a5:b2:6e:06:db:04:ee:c3:bb:d8:
                    78:1a:f6:d3:83:80:02:0a:18:80:e2:1c:cf:d7:a3:
                    8b:3b:3b:fb:3d:02:64:79:d4:e3:51:ca:f5:27:f3:
                    f0:88:b0:5c:94:3c:04:5c:30:12:c4:b1:60:32:c0:
                    51:d0:15:ea:7f:2a:4a:61:14:66:e3:10:8e:99:42:
                    e0:16:ec:33:a9:13:52:b1:b3:c1:b1:a7:d6:d0:f0:
                    7f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:2E:6F:10:31:74:75:D3:2C:D5:DF:44:12:DD:3F:65:51:95:A7:BA
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:fc:3d:1d:2c:9a:37:25:f4:6b:aa:87:40:05:52:17:60:e0:
         3a:82:f3:68:32:7e:eb:8c:5a:2c:fd:8d:0f:bb:84:15:9b:15:
         df:27:af:2b:94:28:80:57:64:53:10:a5:04:cf:9f:cb:a3:9c:
         93:de:7b:f4:88:44:07:11:d5:27:e2:da:c1:98:3c:b2:d2:21:
         e3:47:bd:ec:01:44:87:95:95:df:d6:86:4d:59:0e:a5:4d:5b:
         13:32:af:4f:58:00:67:10:7b:3b:88:c0:01:52:0d:02:66:82:
         90:2a:10:4f:66:ce:6f:07:a9:63:f3:f6:41:e5:f6:5b:1f:65:
         06:1d:2d:5f:6d:f3:4d:c4:92:c0:7d:67:2d:51:a8:2a:64:df:
         8a:ab:3b:76:c1:92:66:b5:5d:07:48:96:1b:44:0d:42:fe:42:
         12:31:d1:85:1e:7e:9d:1a:55:76:f4:57:b7:03:0e:ef:b0:0f:
         22:44:18:1c:cb:7f:fc:e9:81:e4:c8:8a:c1:64:82:37:78:2d:
         a2:f6:79:5b:80:52:76:57:84:5c:57:da:05:3d:4c:83:72:ca:
         31:ce:a0:ac:a5:89:a9:d1:cf:67:ec:57:fe:be:7f:e9:fe:96:
         62:86:5b:b8:54:1b:b5:85:35:0c:e1:9c:86:2b:8f:2c:33:c5:
         8a:3a:42:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NDeh0R2wGC+qBcvx9tX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjUxMDE5MTYwMTIxWhcNMjUxMDIwMTYwMTIxWjAzMTEwLwYDVQQD
EygxYzJlNmYxMDMxNzQ3NWQzMmNkNWRmNDQxMmRkM2Y2NTUxOTVhN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngNB16GN9Ul8oUvTnIxyRY92CQDn
m84SLwy3jcZ9LmjyRa/bapHYqPB6xNifdcFixpF7pPm+4z/u6PrSd0ibeBRuo1DN
1CZwfA2eRXnMTHKnokkk9OWNov9UnIkyURWBAWGxaRdt0J5PkUqFa0XxLntByjQh
LGjGvgx7IlqmmOBpIc+F6fsVZ0SJxmW/gInUPcEbh8RuASX2LjNp6aAtZjJ/1qIA
qx7mIqWybgbbBO7Du9h4GvbTg4ACChiA4hzP16OLOzv7PQJkedTjUcr1J/PwiLBc
lDwEXDASxLFgMsBR0BXqfypKYRRm4xCOmULgFuwzqRNSsbPBsafW0PB/ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwubxAxdHXTLNXfRBLdP2VRlae6MB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPw9HSya
NyX0a6qHQAVSF2DgOoLzaDJ+64xaLP2ND7uEFZsV3yevK5QogFdkUxClBM+fy6Oc
k9579IhEBxHVJ+LawZg8stIh40e97AFEh5WV39aGTVkOpU1bEzKvT1gAZxB7O4jA
AVINAmaCkCoQT2bObwepY/P2QeX2Wx9lBh0tX23zTcSSwH1nLVGoKmTfiqs7dsGS
ZrVdB0iWG0QNQv5CEjHRhR5+nRpVdvRXtwMO77APIkQYHMt//OmB5MiKwWSCN3gt
ovZ5W4BSdleEXFfaBT1Mg3LKMc6grKWJqdHPZ+xX/r5/6f6WYoZbuFQbtYU1DOGc
hiuPLDPFijpCBA==
-----END CERTIFICATE-----