Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          qwr7eS4jwxkjJyh0vNXnk+S49IEwWDTJJMfDWAHn1aM=
Subject key identifier:   CE:B9:AC:4F:65:4E:BB:6B:0D:05:C3:8B:87:97:63:98:2F:18:FA:74
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019A7226333DF9265CE521AD56002F9CD6AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0BAD
Signing time:             Tue 11 Nov 2025 09:01:37 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:37 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:37 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: dzbJlwiNMINbYo/R/E7GN5e6Lj3LlADyDXn7tcN1R9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:33:3d:f9:26:5c:e5:21:ad:56:00:2f:9c:d6:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Nov 11 09:01:37 2025 GMT
            Not After : Nov 12 09:01:37 2025 GMT
        Subject: CN=ceb9ac4f654ebb6b0d05c38b879763982f18fa74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ff:9f:ef:4c:d6:a4:bc:a6:e1:20:e2:ed:9e:
                    3c:5b:f1:ab:3f:27:ba:14:94:01:ce:2f:dd:79:f8:
                    00:fc:7a:2e:7b:1d:54:b5:19:eb:52:25:5c:18:1a:
                    d5:13:01:76:08:4a:1d:f8:0f:b3:be:ec:8e:66:cd:
                    b4:ea:92:b2:8b:14:87:f8:3f:1f:e4:c5:28:ba:88:
                    44:1a:28:c9:89:74:7e:fa:67:14:c8:f0:dc:b7:78:
                    08:2a:78:d8:0f:1d:16:e7:80:14:0a:52:11:53:05:
                    b0:d2:31:13:7f:26:c7:32:6d:c9:67:80:90:b6:9a:
                    e5:dc:c2:1e:7d:cc:26:c7:dd:1f:19:06:fc:74:4a:
                    c2:0c:31:8b:71:cc:1a:e2:54:a0:e1:6d:e7:42:11:
                    87:49:dc:e1:e9:a5:ee:e8:21:bf:64:5e:a7:f5:19:
                    06:d4:ec:96:ae:ac:8b:ff:e6:ad:e8:2a:a3:34:48:
                    07:f0:0e:f2:b4:96:25:be:15:71:2f:95:9e:51:13:
                    fe:81:d5:e7:30:13:91:09:b6:da:2c:3f:97:33:36:
                    c4:ad:bd:df:1f:3c:66:b7:0f:73:38:04:35:27:51:
                    72:a0:7c:13:61:d1:26:b2:c9:87:45:44:01:4b:2e:
                    61:51:bd:29:75:ef:4a:47:d4:d7:a5:69:74:20:cc:
                    8c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B9:AC:4F:65:4E:BB:6B:0D:05:C3:8B:87:97:63:98:2F:18:FA:74
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:e8:1d:57:25:26:b5:1e:0c:f8:4d:62:a3:1c:d6:6b:de:b7:
         a9:0d:d4:12:7e:ca:e9:2b:bc:18:9d:64:98:54:18:13:ab:14:
         c6:f0:2b:8b:be:5e:b7:a6:24:52:94:28:26:af:c2:68:e8:b8:
         64:2d:fb:a6:7e:62:90:1d:63:80:08:a8:ad:76:d8:be:2e:fa:
         a7:3c:30:ab:68:2e:5f:07:0a:7c:f7:cb:4c:5c:2e:ab:eb:a5:
         50:15:ad:46:d1:9c:79:3a:e3:89:42:33:be:94:d5:e7:24:1d:
         56:82:54:99:8f:61:1a:af:58:c5:75:0d:c6:30:05:15:fa:fa:
         fb:85:95:db:4b:e2:c6:d3:25:a1:19:47:eb:e5:39:92:97:9f:
         55:c1:e7:2b:21:20:13:aa:60:06:7f:a4:a6:8e:cd:11:36:7a:
         e8:40:13:fb:96:38:99:c3:07:1f:af:4d:a4:b8:65:09:cc:7c:
         8a:f6:4a:48:e6:a2:b3:d6:d3:66:8c:e4:ff:68:8d:a3:b1:66:
         9e:a8:4b:4a:9d:3b:0c:ef:df:bb:57:ca:ed:20:62:7d:6a:c8:
         51:b7:2b:31:7d:3e:bb:eb:fb:91:e0:93:53:08:ca:6a:ce:f7:
         36:d8:54:f0:41:c4:ca:52:39:e5:46:78:bf:85:b8:bb:07:d7:
         ce:5e:1c:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjM9+SZc5SGtVgAvnNauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjUxMTExMDkwMTM3WhcNMjUxMTEyMDkwMTM3WjAzMTEwLwYDVQQD
EyhjZWI5YWM0ZjY1NGViYjZiMGQwNWMzOGI4Nzk3NjM5ODJmMThmYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/+f70zWpLym4SDi7Z48W/GrPye6
FJQBzi/defgA/Houex1UtRnrUiVcGBrVEwF2CEod+A+zvuyOZs206pKyixSH+D8f
5MUouohEGijJiXR++mcUyPDct3gIKnjYDx0W54AUClIRUwWw0jETfybHMm3JZ4CQ
tprl3MIefcwmx90fGQb8dErCDDGLccwa4lSg4W3nQhGHSdzh6aXu6CG/ZF6n9RkG
1OyWrqyL/+at6CqjNEgH8A7ytJYlvhVxL5WeURP+gdXnMBORCbbaLD+XMzbErb3f
Hzxmtw9zOAQ1J1FyoHwTYdEmssmHRUQBSy5hUb0pde9KR9TXpWl0IMyMCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM65rE9lTrtrDQXDi4eXY5gvGPp0MB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+gdVyUm
tR4M+E1ioxzWa963qQ3UEn7K6Su8GJ1kmFQYE6sUxvAri75et6YkUpQoJq/CaOi4
ZC37pn5ikB1jgAiorXbYvi76pzwwq2guXwcKfPfLTFwuq+ulUBWtRtGceTrjiUIz
vpTV5yQdVoJUmY9hGq9YxXUNxjAFFfr6+4WV20vixtMloRlH6+U5kpefVcHnKyEg
E6pgBn+kpo7NETZ66EAT+5Y4mcMHH69NpLhlCcx8ivZKSOais9bTZozk/2iNo7Fm
nqhLSp07DO/fu1fK7SBifWrIUbcrMX0+u+v7keCTUwjKas73NthU8EHEylI55UZ4
v4W4uwfXzl4c+Q==
-----END CERTIFICATE-----