Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          Lug25H2JA3dUqX7nKpneufttCdaduGfJVhZ5JFBCzF4=
Subject key identifier:   9B:5C:A2:1A:04:EB:53:00:42:2E:6A:87:94:0E:0E:B8:63:D2:ED:3C
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       019A70A57F7621678BD9DC5F12DE29EFD9DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          1420
Signing time:             Tue 11 Nov 2025 02:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:25 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: niw5bEkSDbTQy+c0EhY1UnMgZ+C6cxFh9/CY/RPqROA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:7f:76:21:67:8b:d9:dc:5f:12:de:29:ef:d9:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Nov 11 02:01:25 2025 GMT
            Not After : Nov 12 02:01:25 2025 GMT
        Subject: CN=9b5ca21a04eb5300422e6a87940e0eb863d2ed3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fc:56:19:b0:99:d3:1f:03:4e:8a:94:df:d3:
                    f3:80:5d:c9:48:b1:e6:30:b5:27:fe:36:24:c9:98:
                    94:be:26:49:ab:a1:e5:2b:fa:36:ff:7f:43:33:c5:
                    5c:2e:8e:23:76:d1:ba:c7:44:31:7a:cc:e2:1e:e1:
                    a6:ea:ef:77:75:cf:41:b8:d7:da:4e:4c:6e:78:51:
                    cd:ea:cd:c7:31:02:7d:dc:07:71:40:e8:2d:33:a0:
                    88:e5:d0:9a:bf:57:30:b5:06:74:f8:c0:89:40:8d:
                    16:41:e3:6d:76:d7:fd:af:e9:7a:7d:86:ba:eb:1b:
                    87:3a:f7:1c:cc:25:2d:be:92:4b:83:45:f8:48:ae:
                    0d:07:64:b1:13:43:3d:af:e5:4e:7d:9f:a4:0a:84:
                    a8:4c:01:fa:e8:3f:2b:d0:7a:cb:da:fa:29:bb:68:
                    b6:ae:00:d5:a1:e2:31:e4:8d:ae:e7:4b:46:fd:1f:
                    14:d4:83:7f:64:c6:7d:67:16:cb:67:9f:ea:d8:d5:
                    f7:7c:2c:15:77:7f:da:05:d9:ad:53:63:ed:1c:bb:
                    bc:c0:f3:bc:a5:86:46:a8:47:3a:2e:cd:bf:a0:e1:
                    da:bf:5e:8e:e2:be:8f:29:55:38:84:9f:f0:6a:36:
                    88:37:eb:58:42:a0:46:c9:fe:bf:6c:67:8c:58:2d:
                    19:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:5C:A2:1A:04:EB:53:00:42:2E:6A:87:94:0E:0E:B8:63:D2:ED:3C
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:6c:af:d4:0b:22:63:87:73:f3:18:31:8b:25:9d:1b:e2:e3:
         3d:bd:4b:9e:c7:50:88:57:1e:db:3a:20:6f:a4:48:07:ef:70:
         43:b4:d3:b8:78:5f:de:02:2d:f1:3b:8b:0b:5f:1d:5c:e6:12:
         65:a6:5b:fe:ee:94:91:3f:1b:27:c8:8b:00:1d:29:43:8e:34:
         cb:bf:7e:3c:7f:93:68:9d:fb:9f:2e:54:60:29:25:a8:af:42:
         df:ee:00:f4:7b:22:01:2c:ac:e0:a5:bf:eb:14:1e:aa:d5:53:
         c5:bf:71:9a:a5:4f:6d:46:86:c0:82:b3:14:19:27:a3:3f:8d:
         79:1b:78:86:db:a8:f2:60:eb:21:ae:f4:2d:fd:26:29:60:04:
         66:a3:2d:b1:fc:4d:10:69:21:18:b4:b7:25:53:f6:6f:13:4d:
         1c:63:2e:87:80:3d:4d:f1:6a:d6:0c:78:0a:ca:86:a7:dc:f3:
         33:a6:a0:35:ec:c3:a4:79:bf:64:f7:7f:0c:cb:35:55:a5:b3:
         f5:b5:1c:a4:ad:cd:63:0b:30:1d:80:33:0d:dc:e4:3c:80:77:
         dd:23:00:cd:8a:d8:a8:39:a0:a4:bd:e6:fc:09:9b:16:69:7f:
         8f:b8:c3:d8:7b:56:6e:db:cd:88:64:79:21:94:4c:6a:07:52:
         c8:9c:56:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpX92IWeL2dxfEt4p79ncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjUxMTExMDIwMTI1WhcNMjUxMTEyMDIwMTI1WjAzMTEwLwYDVQQD
Eyg5YjVjYTIxYTA0ZWI1MzAwNDIyZTZhODc5NDBlMGViODYzZDJlZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvxWGbCZ0x8DToqU39PzgF3JSLHm
MLUn/jYkyZiUviZJq6HlK/o2/39DM8VcLo4jdtG6x0QxesziHuGm6u93dc9BuNfa
TkxueFHN6s3HMQJ93AdxQOgtM6CI5dCav1cwtQZ0+MCJQI0WQeNtdtf9r+l6fYa6
6xuHOvcczCUtvpJLg0X4SK4NB2SxE0M9r+VOfZ+kCoSoTAH66D8r0HrL2vopu2i2
rgDVoeIx5I2u50tG/R8U1IN/ZMZ9ZxbLZ5/q2NX3fCwVd3/aBdmtU2PtHLu8wPO8
pYZGqEc6Ls2/oOHav16O4r6PKVU4hJ/wajaIN+tYQqBGyf6/bGeMWC0ZPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtcohoE61MAQi5qh5QODrhj0u08MB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2yv1Asi
Y4dz8xgxiyWdG+LjPb1LnsdQiFce2zogb6RIB+9wQ7TTuHhf3gIt8TuLC18dXOYS
ZaZb/u6UkT8bJ8iLAB0pQ440y79+PH+TaJ37ny5UYCklqK9C3+4A9HsiASys4KW/
6xQeqtVTxb9xmqVPbUaGwIKzFBknoz+NeRt4htuo8mDrIa70Lf0mKWAEZqMtsfxN
EGkhGLS3JVP2bxNNHGMuh4A9TfFq1gx4CsqGp9zzM6agNezDpHm/ZPd/DMs1VaWz
9bUcpK3NYwswHYAzDdzkPIB33SMAzYrYqDmgpL3m/AmbFml/j7jD2HtWbtvNiGR5
IZRMagdSyJxWeA==
-----END CERTIFICATE-----