Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
File:                     ySqWHIeskFGOp1LxhbtlEoq6KGY.mft (raw, json)
Hash identifier:          P6tonETKJISVIxNJA85MG9opKwut57YMEcOzmtggIKA=
Subject key identifier:   47:BC:52:47:BC:38:3F:60:F0:63:67:B0:1F:35:F6:F6:DE:1F:28:41
Authority key identifier: C9:2A:96:1C:87:AC:90:51:8E:A7:52:F1:85:BB:65:12:8A:BA:28:66
Certificate issuer:       /CN=c92a961c87ac90518ea752f185bb65128aba2866
Certificate serial:       019A71B817ED1A65E11E40B78D113859D348
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
Manifest number:          03C3
Signing time:             Tue 11 Nov 2025 07:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:21 +0000
Files and hashes:         1: ySqWHIeskFGOp1LxhbtlEoq6KGY.crl (hash: KUr2JkfEXyDUYbwbOUl27TkbZi7Ez7Xmw9rrdjcerIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:17:ed:1a:65:e1:1e:40:b7:8d:11:38:59:d3:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c92a961c87ac90518ea752f185bb65128aba2866
        Validity
            Not Before: Nov 11 07:01:21 2025 GMT
            Not After : Nov 12 07:01:21 2025 GMT
        Subject: CN=47bc5247bc383f60f06367b01f35f6f6de1f2841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:58:c9:d2:0b:59:08:b2:59:a0:a3:76:db:a0:
                    b0:46:63:44:be:11:fa:9b:f7:59:6a:a4:f3:ab:0a:
                    7c:24:f2:4b:6b:ad:4f:3a:64:be:64:5a:d5:26:d5:
                    d2:90:75:01:db:d4:b7:c1:5c:33:14:9b:cf:09:60:
                    4c:3d:29:a0:51:63:2d:f3:59:4c:8d:46:c7:40:ed:
                    84:c2:f5:36:f5:cc:33:17:0d:2c:f5:10:6e:10:40:
                    b3:26:9f:2a:53:e2:4a:ec:b7:9f:01:96:e5:62:a5:
                    16:66:2f:27:b0:ad:53:15:cd:ea:cf:85:58:17:dd:
                    34:03:a7:74:0d:7b:34:ef:da:65:11:35:84:6b:c5:
                    68:c2:7d:fe:03:77:8d:9d:85:68:57:66:ea:bc:fc:
                    b8:16:dc:db:62:ed:c7:84:4d:56:42:38:6b:70:1c:
                    8d:b4:09:b7:28:b7:5c:ed:1a:ca:21:ac:7b:0f:92:
                    4c:61:c1:c9:9a:ce:94:b0:55:63:25:df:5a:ec:9e:
                    ef:56:f2:df:79:75:d7:f3:eb:94:70:b7:47:63:6a:
                    6f:48:45:7f:b3:e7:9e:72:a8:24:31:26:b0:79:6e:
                    6a:46:21:d3:2b:98:67:c7:a7:f4:d4:b9:c9:30:a8:
                    e4:4a:f0:48:0f:b8:ee:f1:12:f8:97:36:b2:52:03:
                    45:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:BC:52:47:BC:38:3F:60:F0:63:67:B0:1F:35:F6:F6:DE:1F:28:41
            X509v3 Authority Key Identifier:
                keyid:C9:2A:96:1C:87:AC:90:51:8E:A7:52:F1:85:BB:65:12:8A:BA:28:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:f6:98:bf:1a:93:e7:d1:a5:c8:3d:84:f1:1c:25:37:65:79:
         fd:3b:f4:6d:b0:d5:73:e3:72:c5:e8:d9:3b:19:64:b5:2d:a9:
         80:7a:9f:f4:29:b7:64:61:1f:bf:4c:7f:1b:2e:95:b5:2b:f5:
         e6:2a:7b:d4:9d:95:32:d8:c4:b0:85:61:02:08:a5:99:54:a0:
         ea:60:fd:2b:c7:2f:bf:58:9a:14:6c:e6:0e:56:11:34:69:98:
         83:a7:3a:57:a6:a1:c3:9e:23:6a:6e:96:c9:7b:c8:a2:f2:ff:
         4e:58:46:68:55:9f:f0:37:89:f4:d3:2d:9c:4b:50:b1:3d:29:
         2a:0d:67:46:1e:60:14:88:43:35:16:fd:4e:8b:da:b1:f1:e0:
         41:a4:42:5e:5e:8f:3e:f3:34:21:f6:12:26:1f:1e:19:c1:3c:
         94:3f:46:05:87:94:03:79:90:8b:39:b0:5f:f2:35:bc:a2:7d:
         00:dd:88:44:18:64:a3:3a:0f:a1:53:a5:e1:66:de:d8:91:69:
         f5:c4:bd:28:54:a6:2b:51:5b:9e:ac:e0:de:08:c2:de:77:a8:
         8a:4a:c3:16:9d:95:ac:93:4a:54:74:9b:84:44:bf:e0:ad:e4:
         ec:17:9c:a3:80:02:4b:4f:d9:4a:ba:2c:ef:5d:ad:35:a9:f8:
         81:60:44:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBftGmXhHkC3jRE4WdNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MmE5NjFjODdhYzkwNTE4ZWE3NTJmMTg1YmI2NTEyOGFi
YTI4NjYwHhcNMjUxMTExMDcwMTIxWhcNMjUxMTEyMDcwMTIxWjAzMTEwLwYDVQQD
Eyg0N2JjNTI0N2JjMzgzZjYwZjA2MzY3YjAxZjM1ZjZmNmRlMWYyODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVjJ0gtZCLJZoKN226CwRmNEvhH6
m/dZaqTzqwp8JPJLa61POmS+ZFrVJtXSkHUB29S3wVwzFJvPCWBMPSmgUWMt81lM
jUbHQO2EwvU29cwzFw0s9RBuEECzJp8qU+JK7LefAZblYqUWZi8nsK1TFc3qz4VY
F900A6d0DXs079plETWEa8Vown3+A3eNnYVoV2bqvPy4FtzbYu3HhE1WQjhrcByN
tAm3KLdc7RrKIax7D5JMYcHJms6UsFVjJd9a7J7vVvLfeXXX8+uUcLdHY2pvSEV/
s+eecqgkMSaweW5qRiHTK5hnx6f01LnJMKjkSvBID7ju8RL4lzayUgNFfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe8Uke8OD9g8GNnsB819vbeHyhBMB8GA1UdIwQY
MBaAFMkqlhyHrJBRjqdS8YW7ZRKKuihmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9lNTA1NWYtZGQ3Ny00ZTY2LWI3NmUt
ZjFlMThiMzEyOTJjLzEveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9lNTA1NWYtZGQ3Ny00ZTY2LWI3NmUtZjFlMThiMzEyOTJj
LzEveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEPaYvxqT
59GlyD2E8RwlN2V5/Tv0bbDVc+NyxejZOxlktS2pgHqf9Cm3ZGEfv0x/Gy6VtSv1
5ip71J2VMtjEsIVhAgilmVSg6mD9K8cvv1iaFGzmDlYRNGmYg6c6V6ahw54jam6W
yXvIovL/TlhGaFWf8DeJ9NMtnEtQsT0pKg1nRh5gFIhDNRb9TovasfHgQaRCXl6P
PvM0IfYSJh8eGcE8lD9GBYeUA3mQizmwX/I1vKJ9AN2IRBhkozoPoVOl4Wbe2JFp
9cS9KFSmK1Fbnqzg3gjC3neoikrDFp2VrJNKVHSbhES/4K3k7Beco4ACS0/ZSros
712tNan4gWBEbQ==
-----END CERTIFICATE-----