Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          anSEZywnGWBiVrMrnj7kCaAg/2hwF8PoeAGGc+S/WYc=
Subject key identifier:   EB:3B:3B:94:2F:E9:E6:F9:24:17:79:D6:8A:0E:C8:78:7F:1D:D6:CB
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       019A71B82B56C9BFC2AB8EBB9592210D2609
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          0149
Signing time:             Tue 11 Nov 2025 07:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:26 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: MiQg2q2AAdPCB7CA1hjIfUZGYvd1kkp8nSDDYjyk56w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:2b:56:c9:bf:c2:ab:8e:bb:95:92:21:0d:26:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Nov 11 07:01:26 2025 GMT
            Not After : Nov 12 07:01:26 2025 GMT
        Subject: CN=eb3b3b942fe9e6f9241779d68a0ec8787f1dd6cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:98:7e:f7:5c:ff:c7:d9:eb:a4:78:32:34:5d:
                    a3:ce:b8:62:9f:be:fd:ab:8e:a4:a6:02:32:3e:26:
                    26:91:d0:42:6e:88:c1:c3:2a:51:a3:d3:d3:a7:e2:
                    7c:a7:4a:eb:de:00:32:a6:12:e2:2d:0e:90:c2:b3:
                    de:d9:ab:2f:26:5b:1a:62:47:22:63:d0:9c:30:28:
                    26:c7:99:bb:62:59:8e:ee:ed:0e:42:e5:60:20:a2:
                    0d:08:51:e1:0b:78:c1:fc:3a:69:58:82:21:7a:6d:
                    3b:5d:04:b8:4d:93:d7:f1:b3:65:c9:26:33:81:a9:
                    b7:f2:87:6c:20:73:85:94:41:f5:c6:2b:e9:b5:90:
                    08:8a:23:b7:f2:0c:8a:04:12:fd:b1:e4:f5:7a:ac:
                    a0:3c:00:5c:87:e7:a9:cf:9e:31:32:c1:25:aa:9a:
                    22:cf:e0:94:76:f4:c1:a8:25:df:d3:2c:ac:cd:52:
                    cc:ec:18:3d:39:80:94:4a:52:b6:93:86:95:f0:e6:
                    6b:47:dd:a2:15:5d:26:8e:8c:66:58:87:ee:16:be:
                    a4:2d:e4:1e:8c:a0:65:38:4c:e3:85:4d:7b:b0:5d:
                    5e:5a:8a:36:2d:39:35:8c:7d:b6:20:2f:5a:e2:b7:
                    e5:32:84:47:29:bc:55:2b:80:7c:7f:37:a5:2f:16:
                    01:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:3B:3B:94:2F:E9:E6:F9:24:17:79:D6:8A:0E:C8:78:7F:1D:D6:CB
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:c8:f2:1d:41:02:36:be:03:ba:8e:e7:a8:d0:f2:75:39:6a:
         e5:70:40:79:0f:7d:54:65:f0:19:22:af:c0:86:62:a2:53:72:
         55:0e:7d:dd:f6:49:62:41:f8:3c:eb:ee:bc:6e:bb:95:a1:62:
         29:de:a8:d8:02:16:9e:89:a4:fc:d4:f2:70:0c:f1:6b:f0:f8:
         fa:3d:a9:81:54:5b:66:8c:83:62:11:76:3f:88:f9:97:27:67:
         00:fc:e7:d4:f1:0e:9c:ac:9c:e5:69:a8:f4:df:9f:f2:b0:e2:
         a7:38:c7:a4:a2:37:fb:9c:23:4c:86:dd:d9:4c:07:40:3f:c2:
         1d:93:9d:2d:ff:bc:3f:52:ca:3e:85:88:de:e8:fe:09:1b:20:
         e6:50:6a:56:23:50:0b:4f:07:a6:e6:01:45:ff:d2:fd:52:24:
         ca:dd:5b:73:bc:07:be:6b:7b:2e:82:9f:9a:f5:1c:32:df:d5:
         f5:a3:6e:27:8c:4f:e2:ba:d2:e1:72:49:a1:4d:41:39:f3:12:
         1e:cc:4c:71:b3:0d:7a:4b:28:bc:ee:96:c7:56:e9:ec:00:60:
         2b:27:58:56:ce:ab:fd:f2:cb:24:d7:15:8b:71:5f:c6:a0:00:
         5f:ad:68:9f:dd:65:d4:b7:bd:aa:22:bb:88:07:57:0c:05:55:
         84:92:74:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCtWyb/Cq467lZIhDSYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
EyhlYjNiM2I5NDJmZTllNmY5MjQxNzc5ZDY4YTBlYzg3ODdmMWRkNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45h+91z/x9nrpHgyNF2jzrhin779
q46kpgIyPiYmkdBCbojBwypRo9PTp+J8p0rr3gAyphLiLQ6QwrPe2asvJlsaYkci
Y9CcMCgmx5m7YlmO7u0OQuVgIKINCFHhC3jB/DppWIIhem07XQS4TZPX8bNlySYz
gam38odsIHOFlEH1xivptZAIiiO38gyKBBL9seT1eqygPABch+epz54xMsElqpoi
z+CUdvTBqCXf0yyszVLM7Bg9OYCUSlK2k4aV8OZrR92iFV0mjoxmWIfuFr6kLeQe
jKBlOEzjhU17sF1eWoo2LTk1jH22IC9a4rflMoRHKbxVK4B8fzelLxYBFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOs7O5Qv6eb5JBd51ooOyHh/HdbLMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQsjyHUEC
Nr4Duo7nqNDydTlq5XBAeQ99VGXwGSKvwIZiolNyVQ593fZJYkH4POvuvG67laFi
Kd6o2AIWnomk/NTycAzxa/D4+j2pgVRbZoyDYhF2P4j5lydnAPzn1PEOnKyc5Wmo
9N+f8rDipzjHpKI3+5wjTIbd2UwHQD/CHZOdLf+8P1LKPoWI3uj+CRsg5lBqViNQ
C08HpuYBRf/S/VIkyt1bc7wHvmt7LoKfmvUcMt/V9aNuJ4xP4rrS4XJJoU1BOfMS
HsxMcbMNeksovO6Wx1bp7ABgKydYVs6r/fLLJNcVi3FfxqAAX61on91l1Le9qiK7
iAdXDAVVhJJ0Ug==
-----END CERTIFICATE-----