Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          5YRvP/oxGiuFYBWIMlp381rVLdP922LGv6qQ/o1dn6s=
Subject key identifier:   60:24:1D:E0:02:68:92:C8:96:83:8D:43:EB:98:73:31:56:BF:2B:F5
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0199FB7C76EC2F5DFB0AB46BEA35D2C88236
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          057B
Signing time:             Sun 19 Oct 2025 08:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:02 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: ZCEoTkov1zQsmmG+bbKmoSZAK2QjFs0jcw4xgW8+v6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 08:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:76:ec:2f:5d:fb:0a:b4:6b:ea:35:d2:c8:82:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Oct 19 08:01:02 2025 GMT
            Not After : Oct 20 08:01:02 2025 GMT
        Subject: CN=60241de0026892c896838d43eb98733156bf2bf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:af:45:ce:17:a9:5c:06:89:e4:de:38:30:36:
                    f5:2d:2e:18:9c:a2:ce:d5:99:f4:fe:da:c1:f6:b8:
                    af:98:33:5a:f5:f6:14:8d:98:e7:fd:13:a5:ae:3e:
                    4e:5a:02:da:c4:1c:dd:5b:d6:8d:f9:ba:4b:90:fb:
                    2a:ee:14:24:4d:d9:94:a9:b0:7f:8b:72:7e:43:67:
                    d6:7f:15:9a:26:65:20:fb:9f:3a:7a:50:c0:22:2e:
                    9c:3c:41:15:75:bd:2c:8c:30:d1:e6:ab:90:37:f3:
                    85:79:f7:47:55:e4:bc:53:08:24:e8:9d:8b:06:62:
                    8f:42:34:37:4a:09:b4:04:8a:8a:e2:58:cc:06:3f:
                    a5:bb:02:13:2d:ca:20:5d:dc:d5:e4:d4:ea:f4:be:
                    f5:ef:4a:b5:b9:ea:93:07:5e:48:5f:6f:81:25:86:
                    6f:83:46:be:3e:6e:14:95:51:2d:f4:43:0e:1c:8f:
                    4d:49:4e:da:74:4e:8d:03:70:ce:2c:2d:67:f3:a4:
                    5e:2b:9a:b4:74:d6:b3:31:d1:fd:56:b8:43:e0:1c:
                    c5:72:e4:10:f9:cf:75:d0:9c:ca:40:70:d7:26:e1:
                    1f:9d:5f:bd:99:91:c6:47:f3:83:e1:ee:4f:96:91:
                    03:20:1d:32:6f:4a:00:f9:86:35:02:0d:0b:0f:b3:
                    d8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:24:1D:E0:02:68:92:C8:96:83:8D:43:EB:98:73:31:56:BF:2B:F5
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:74:63:22:80:fd:cc:8d:55:4d:fa:ff:63:31:56:a0:57:b7:
         b4:a3:a6:c9:56:94:e2:93:40:31:59:a3:d2:d6:37:4f:8f:99:
         20:42:14:30:09:a6:66:60:06:6e:34:fe:ff:7d:0e:fb:60:f2:
         a7:18:a1:9d:c6:6a:04:8d:af:6c:93:a2:12:1b:95:65:41:db:
         81:d2:85:ad:93:13:0d:9a:ed:f9:ca:52:05:0f:7e:87:12:1b:
         35:e0:27:45:35:a8:4b:92:74:49:06:65:e8:5c:ac:12:01:10:
         83:14:b0:e1:3e:49:36:e1:6d:be:eb:fa:b2:2a:11:e4:22:de:
         ce:55:de:30:27:b2:27:b1:cd:99:8e:e8:9b:b0:cd:f4:d5:af:
         94:38:16:d6:12:a4:1d:d8:e6:9a:1f:a4:2b:3b:5d:7d:84:62:
         04:59:94:8d:8d:ed:7c:c8:1b:38:0d:e5:c9:f2:d3:c5:3c:f7:
         1d:e1:47:a7:97:29:a9:29:c5:1a:da:c0:49:6a:d0:0f:75:25:
         ed:51:22:f4:3f:ba:10:37:02:d0:77:d1:83:66:d6:b2:76:22:
         c8:80:9e:77:a5:4e:45:87:ae:2c:4f:a1:62:3a:bf:f6:62:59:
         73:45:f7:18:e7:af:07:da:e6:8d:99:71:dd:8e:9c:da:14:f3:
         d5:2d:4f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fHbsL137CrRr6jXSyII2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjUxMDE5MDgwMTAyWhcNMjUxMDIwMDgwMTAyWjAzMTEwLwYDVQQD
Eyg2MDI0MWRlMDAyNjg5MmM4OTY4MzhkNDNlYjk4NzMzMTU2YmYyYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra9FzhepXAaJ5N44MDb1LS4YnKLO
1Zn0/trB9rivmDNa9fYUjZjn/ROlrj5OWgLaxBzdW9aN+bpLkPsq7hQkTdmUqbB/
i3J+Q2fWfxWaJmUg+586elDAIi6cPEEVdb0sjDDR5quQN/OFefdHVeS8Uwgk6J2L
BmKPQjQ3Sgm0BIqK4ljMBj+luwITLcogXdzV5NTq9L7170q1ueqTB15IX2+BJYZv
g0a+Pm4UlVEt9EMOHI9NSU7adE6NA3DOLC1n86ReK5q0dNazMdH9VrhD4BzFcuQQ
+c910JzKQHDXJuEfnV+9mZHGR/OD4e5PlpEDIB0yb0oA+YY1Ag0LD7PYwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAkHeACaJLIloONQ+uYczFWvyv1MB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXRjIoD9
zI1VTfr/YzFWoFe3tKOmyVaU4pNAMVmj0tY3T4+ZIEIUMAmmZmAGbjT+/30O+2Dy
pxihncZqBI2vbJOiEhuVZUHbgdKFrZMTDZrt+cpSBQ9+hxIbNeAnRTWoS5J0SQZl
6FysEgEQgxSw4T5JNuFtvuv6sioR5CLezlXeMCeyJ7HNmY7om7DN9NWvlDgW1hKk
Hdjmmh+kKztdfYRiBFmUjY3tfMgbOA3lyfLTxTz3HeFHp5cpqSnFGtrASWrQD3Ul
7VEi9D+6EDcC0HfRg2bWsnYiyICed6VORYeuLE+hYjq/9mJZc0X3GOevB9rmjZlx
3Y6c2hTz1S1PNA==
-----END CERTIFICATE-----