Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          1LzjjGZ11ahHAZTChkKtW9Wi1wlkVw4yhP1MV2mE58I=
Subject key identifier:   6F:A7:99:20:2D:0B:47:4F:01:5E:57:CD:5D:0B:55:77:FC:FE:95:83
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       0199FC8F735AE1FC319517E64C10593C9015
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 13:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:23 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: gZJu07ahlz8FOuSzgKSRNWF0JKMuL2IaAi0paAST3Ek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:73:5a:e1:fc:31:95:17:e6:4c:10:59:3c:90:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Oct 19 13:01:23 2025 GMT
            Not After : Oct 20 13:01:23 2025 GMT
        Subject: CN=6fa799202d0b474f015e57cd5d0b5577fcfe9583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:05:c4:6d:41:83:69:c0:9f:1c:d8:64:c7:de:
                    da:5e:7a:76:28:ec:13:14:73:4f:bb:2f:a5:e2:bf:
                    ab:40:42:91:c1:f9:a2:a7:7d:1f:6b:7f:f8:5a:de:
                    9d:34:31:f6:52:e6:5e:d6:2c:06:89:3f:9c:09:7a:
                    4a:31:60:67:72:5c:ab:df:18:4f:88:3e:74:d4:b3:
                    bc:cc:3a:f9:2c:55:45:d7:2b:59:44:ee:f4:de:a2:
                    63:cc:f7:e2:40:31:00:cb:05:27:8b:62:24:a1:2d:
                    6a:ab:7b:47:ca:37:b3:63:42:6e:5a:94:45:dd:b9:
                    19:f8:f9:c1:bb:41:f8:9d:d3:6b:4f:8e:f1:cb:a8:
                    66:df:75:ca:f6:aa:47:3f:6f:c4:6c:b3:b6:8e:11:
                    c7:83:2b:f3:e5:c7:75:a1:1a:b7:60:eb:e4:57:53:
                    5a:fe:e0:a9:9c:cc:32:a5:83:11:2c:0d:b7:9d:50:
                    c8:b1:c4:78:de:93:34:a2:26:e5:ad:88:dc:23:e1:
                    2a:8f:79:d3:37:2f:3c:01:4e:6b:c0:68:6d:dc:39:
                    6d:e5:db:bc:57:22:2e:44:4d:c7:83:81:75:e9:44:
                    4a:5e:26:27:2a:06:d9:41:ca:b9:1c:19:3f:d6:c8:
                    a3:87:6b:8d:4a:0d:13:29:8f:c1:ba:bf:ac:f7:e0:
                    a8:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:A7:99:20:2D:0B:47:4F:01:5E:57:CD:5D:0B:55:77:FC:FE:95:83
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:6c:b0:02:31:e3:b0:cc:11:fe:9e:7e:1d:73:56:06:5e:ff:
         db:c5:64:7a:46:60:0f:6e:26:ce:9d:54:ca:d4:de:98:33:72:
         d2:0b:4e:f1:15:5e:6a:61:2a:fb:c7:65:ed:81:9a:fe:01:79:
         a7:64:83:8a:99:e7:db:a3:fe:fe:d5:be:50:37:06:3a:b3:8b:
         95:39:12:dc:88:4b:56:9e:be:13:92:44:d8:8d:6b:e2:0f:58:
         1c:9a:54:9e:75:94:81:fb:71:f6:6f:5c:a8:57:4c:96:0d:19:
         86:6e:7f:6a:93:8a:89:36:9c:45:96:c1:29:e3:a4:af:d3:c2:
         a0:fb:d2:39:79:48:a1:01:d8:46:57:f3:0e:90:d3:1f:09:b1:
         03:7a:1d:83:c1:62:3e:66:e9:e8:38:ed:19:3c:46:da:75:e6:
         e2:c0:04:9f:5d:d5:ef:fa:2c:94:04:e0:05:12:23:b7:81:53:
         c3:e1:ae:6d:cd:f6:f8:8b:9f:4f:ed:e8:e8:f0:1c:e1:5d:0a:
         de:fa:b1:01:21:8a:5d:1d:f1:42:61:3e:d4:fd:f4:a9:39:5b:
         77:67:c7:81:ca:27:ed:1f:ef:b4:57:5d:82:23:73:6b:8b:78:
         49:dd:6b:5d:db:81:93:4f:19:15:28:21:56:03:00:2e:5f:f2:
         fd:da:a2:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j3Na4fwxlRfmTBBZPJAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjUxMDE5MTMwMTIzWhcNMjUxMDIwMTMwMTIzWjAzMTEwLwYDVQQD
Eyg2ZmE3OTkyMDJkMGI0NzRmMDE1ZTU3Y2Q1ZDBiNTU3N2ZjZmU5NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwXEbUGDacCfHNhkx97aXnp2KOwT
FHNPuy+l4r+rQEKRwfmip30fa3/4Wt6dNDH2UuZe1iwGiT+cCXpKMWBnclyr3xhP
iD501LO8zDr5LFVF1ytZRO703qJjzPfiQDEAywUni2IkoS1qq3tHyjezY0JuWpRF
3bkZ+PnBu0H4ndNrT47xy6hm33XK9qpHP2/EbLO2jhHHgyvz5cd1oRq3YOvkV1Na
/uCpnMwypYMRLA23nVDIscR43pM0oiblrYjcI+Eqj3nTNy88AU5rwGht3Dlt5du8
VyIuRE3Hg4F16URKXiYnKgbZQcq5HBk/1sijh2uNSg0TKY/Bur+s9+CoKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+nmSAtC0dPAV5XzV0LVXf8/pWDMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWywAjHj
sMwR/p5+HXNWBl7/28VkekZgD24mzp1UytTemDNy0gtO8RVeamEq+8dl7YGa/gF5
p2SDipnn26P+/tW+UDcGOrOLlTkS3IhLVp6+E5JE2I1r4g9YHJpUnnWUgftx9m9c
qFdMlg0Zhm5/apOKiTacRZbBKeOkr9PCoPvSOXlIoQHYRlfzDpDTHwmxA3odg8Fi
Pmbp6DjtGTxG2nXm4sAEn13V7/oslATgBRIjt4FTw+Gubc32+IufT+3o6PAc4V0K
3vqxASGKXR3xQmE+1P30qTlbd2fHgcon7R/vtFddgiNza4t4Sd1rXduBk08ZFSgh
VgMALl/y/dqiLA==
-----END CERTIFICATE-----