Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          KH1NpPMXDBX6ClPLfCTEJOXvMF6oZ+OcNuIktfvFNqE=
Subject key identifier:   FF:59:A9:40:63:5D:64:A8:FE:95:48:39:F6:43:04:CE:E4:9E:0F:17
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019A71EE93BEF898589068062A4D009BA9B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0DA4
Signing time:             Tue 11 Nov 2025 08:00:52 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:52 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:52 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: KAB7dgFNq+HDtoZTpdpSpcXJUNd+T2Y+0pdWqnfjJY8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:93:be:f8:98:58:90:68:06:2a:4d:00:9b:a9:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Nov 11 08:00:52 2025 GMT
            Not After : Nov 12 08:00:52 2025 GMT
        Subject: CN=ff59a940635d64a8fe954839f64304cee49e0f17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:8d:41:d1:00:63:1d:4c:c7:83:50:eb:90:f2:
                    e4:2e:83:6a:fe:a0:63:16:12:63:42:08:e2:c6:4c:
                    1d:c5:63:03:6e:1f:79:0c:6d:38:b2:98:7f:94:8c:
                    4d:f4:81:57:26:d9:06:c3:66:c6:d5:92:49:f3:e1:
                    0e:dd:c7:d3:95:ce:cc:69:49:7c:c6:dc:20:39:4c:
                    a4:18:6b:81:c4:5f:76:40:b0:22:bd:d2:e6:06:90:
                    b4:88:5e:cc:fa:e6:0d:0d:09:20:90:03:42:23:36:
                    23:12:f7:08:b7:73:a1:a0:1a:e4:0a:8b:02:38:8e:
                    c5:08:74:50:99:be:65:b4:4e:2c:a1:c8:05:5d:b7:
                    c9:f0:7d:0a:7a:54:97:f8:af:0b:80:e9:39:62:c3:
                    97:06:c6:80:20:c2:aa:a2:e5:58:2b:9d:8a:5e:34:
                    d5:02:0b:cb:c6:6e:3e:3d:45:4f:62:9f:28:01:24:
                    7a:55:ba:4b:87:a7:f5:b1:80:c9:ef:eb:5f:4b:e8:
                    6c:3b:76:88:c3:33:77:e7:1a:5e:6d:99:89:4a:84:
                    e4:14:73:53:3e:c5:ef:1a:ed:43:dd:f0:71:de:99:
                    90:8e:a7:3f:a7:58:71:96:1f:8d:e8:7f:c6:d7:c7:
                    9e:d4:13:55:12:f3:c0:8f:e4:c8:cb:5b:a3:ec:ec:
                    17:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:59:A9:40:63:5D:64:A8:FE:95:48:39:F6:43:04:CE:E4:9E:0F:17
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:fd:96:66:15:04:58:ea:5c:7b:55:84:6b:6b:ca:e8:6e:eb:
         a0:58:1b:bb:1d:c1:f4:28:63:66:4f:61:17:3f:5d:a9:f4:38:
         41:fc:60:b7:4c:06:4d:4c:f3:62:76:a8:d6:96:e8:17:dd:9c:
         04:cb:4f:b9:08:4c:aa:43:f3:75:67:3a:d7:da:ad:00:11:db:
         de:ac:f1:f4:a4:75:13:16:b2:39:c5:ae:b6:7f:8b:e9:a3:97:
         2e:75:26:00:8c:4e:30:9f:fa:7d:44:6a:25:cb:de:1d:61:ca:
         d9:db:f8:52:b0:d8:ff:43:42:84:d6:b7:b8:57:a9:bc:50:e6:
         2c:ae:46:20:33:16:c0:94:33:74:cb:3f:b8:6f:46:ac:9e:46:
         64:e5:82:6c:0b:7e:82:13:0c:9c:64:0f:e1:1e:97:e3:eb:40:
         b0:9d:43:2a:83:2a:98:84:23:16:fe:50:71:83:ff:c2:57:29:
         53:ca:b5:9e:7d:70:95:e8:62:d8:bd:cd:de:34:44:1c:2b:20:
         c3:cd:87:3e:89:20:24:82:19:81:ef:19:2c:67:b9:e1:e0:e3:
         d1:2b:cc:49:80:4a:29:35:9a:00:09:70:3a:8f:24:bb:41:ac:
         a8:17:9f:1b:61:64:d1:c2:f4:de:98:1d:63:49:62:57:ac:96:
         79:c5:82:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pO++JhYkGgGKk0Am6m3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EyhmZjU5YTk0MDYzNWQ2NGE4ZmU5NTQ4MzlmNjQzMDRjZWU0OWUwZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Y1B0QBjHUzHg1DrkPLkLoNq/qBj
FhJjQgjixkwdxWMDbh95DG04sph/lIxN9IFXJtkGw2bG1ZJJ8+EO3cfTlc7MaUl8
xtwgOUykGGuBxF92QLAivdLmBpC0iF7M+uYNDQkgkANCIzYjEvcIt3OhoBrkCosC
OI7FCHRQmb5ltE4socgFXbfJ8H0KelSX+K8LgOk5YsOXBsaAIMKqouVYK52KXjTV
AgvLxm4+PUVPYp8oASR6VbpLh6f1sYDJ7+tfS+hsO3aIwzN35xpebZmJSoTkFHNT
PsXvGu1D3fBx3pmQjqc/p1hxlh+N6H/G18ee1BNVEvPAj+TIy1uj7OwXrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9ZqUBjXWSo/pVIOfZDBM7kng8XMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZf2WZhUE
WOpce1WEa2vK6G7roFgbux3B9ChjZk9hFz9dqfQ4Qfxgt0wGTUzzYnao1pboF92c
BMtPuQhMqkPzdWc619qtABHb3qzx9KR1ExayOcWutn+L6aOXLnUmAIxOMJ/6fURq
JcveHWHK2dv4UrDY/0NChNa3uFepvFDmLK5GIDMWwJQzdMs/uG9GrJ5GZOWCbAt+
ghMMnGQP4R6X4+tAsJ1DKoMqmIQjFv5QcYP/wlcpU8q1nn1wlehi2L3N3jREHCsg
w82HPokgJIIZge8ZLGe54eDj0SvMSYBKKTWaAAlwOo8ku0GsqBefG2Fk0cL03pgd
Y0liV6yWecWCGg==
-----END CERTIFICATE-----